You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
While x-forwarded-host, x-forwarded-port, and x-forwarded-proto work perfectly, x-forwarded-prefix doesn't. This problem might result from the method named getTrustedValues ( in /Symfony/Component/HttpFoundation/Request.php)
Below is the original code in Request.php, which should get the base url, and it calls getTrustedValues(self::HEADER_X_FORWARDED_PREFIX) to get the trusted prefix, but getTrustedValues could not deal with this type, so it always returns [](in my case).
/** * Returns the root URL from which this request is executed. * * The base URL never ends with a /. * * This is similar to getBasePath(), except that it also includes the * script filename (e.g. index.php) if one exists. * * @return string The raw URL (i.e. not urldecoded) */publicfunctiongetBaseUrl(): string
{
$trustedPrefix = '';
// the proxy prefix must be prepended to any prefix being needed at the webserver levelif ($this->isFromTrustedProxy() && $trustedPrefixValues = $this->getTrustedValues(self::HEADER_X_FORWARDED_PREFIX)) {
$trustedPrefix = rtrim($trustedPrefixValues[0], '/');
}
return$trustedPrefix.$this->getBaseUrlReal();
}
...
private function getTrustedValues(int $type, string $ip = null): array
...
How to reproduce
Create an Nginx reverse proxy and do the following setting.
useIlluminate\Http\Request;
Route::get('/test', function (Request$request) {
// base url would be "/test" not "/to/project/test"
dd($request->getBaseUrl());
return response("test", 200);
});
Possible Solution
Create another method to get prefix from x-forwarded-prefix, or support HEADER_X_FORWARDED_PREFIX in getTrustedValues()
Additional Context
No response
The text was updated successfully, but these errors were encountered:
Did you configure your application so that X-Forwared-Prefix is treated as a trusted header? Can you create an example application that allows to reproduce your issue?
Symfony version(s) affected
5.3
Description
I use Nginx as my reverse proxy of my laravel project and use the following setting.
While x-forwarded-host, x-forwarded-port, and x-forwarded-proto work perfectly, x-forwarded-prefix doesn't. This problem might result from the method named getTrustedValues ( in /Symfony/Component/HttpFoundation/Request.php)
Below is the original code in Request.php, which should get the base url, and it calls
getTrustedValues(self::HEADER_X_FORWARDED_PREFIX)
to get the trusted prefix, but getTrustedValues could not deal with this type, so it always returns[]
(in my case).How to reproduce
Create an Nginx reverse proxy and do the following setting.
laravel (route/web.php)
Possible Solution
Create another method to get prefix from x-forwarded-prefix, or support
HEADER_X_FORWARDED_PREFIX
ingetTrustedValues()
Additional Context
No response
The text was updated successfully, but these errors were encountered: