function ReverseProxyMiddleware::setSettingsOnRequest

Same name in other branches
  1. 9 core/lib/Drupal/Core/StackMiddleware/ReverseProxyMiddleware.php \Drupal\Core\StackMiddleware\ReverseProxyMiddleware::setSettingsOnRequest()
  2. 10 core/lib/Drupal/Core/StackMiddleware/ReverseProxyMiddleware.php \Drupal\Core\StackMiddleware\ReverseProxyMiddleware::setSettingsOnRequest()
  3. 11.x core/lib/Drupal/Core/StackMiddleware/ReverseProxyMiddleware.php \Drupal\Core\StackMiddleware\ReverseProxyMiddleware::setSettingsOnRequest()

Sets reverse proxy settings on Request object.

Parameters

\Symfony\Component\HttpFoundation\Request $request: A Request instance.

\Drupal\Core\Site\Settings $settings: The site settings.

3 calls to ReverseProxyMiddleware::setSettingsOnRequest()
install_begin_request in core/includes/install.core.inc
Begins an installation request, modifying the installation state as needed.
ReverseProxyMiddleware::handle in core/lib/Drupal/Core/StackMiddleware/ReverseProxyMiddleware.php
UpdateKernel::handle in core/lib/Drupal/Core/Update/UpdateKernel.php

File

core/lib/Drupal/Core/StackMiddleware/ReverseProxyMiddleware.php, line 58

Class

ReverseProxyMiddleware
Provides support for reverse proxies.

Namespace

Drupal\Core\StackMiddleware

Code

public static function setSettingsOnRequest(Request $request, Settings $settings) {
    // Initialize proxy settings.
    if ($settings->get('reverse_proxy', FALSE)) {
        $proxies = $settings->get('reverse_proxy_addresses', []);
        if (count($proxies) > 0) {
            $deprecated_settings = [
                'reverse_proxy_header' => Request::HEADER_X_FORWARDED_FOR,
                'reverse_proxy_proto_header' => Request::HEADER_X_FORWARDED_PROTO,
                'reverse_proxy_host_header' => Request::HEADER_X_FORWARDED_HOST,
                'reverse_proxy_port_header' => Request::HEADER_X_FORWARDED_PORT,
                'reverse_proxy_forwarded_header' => Request::HEADER_FORWARDED,
            ];
            $all = $settings->getAll();
            // Set the default value. This is the most relaxed setting possible and
            // not recommended for production.
            $trusted_header_set = Request::HEADER_X_FORWARDED_ALL | Request::HEADER_FORWARDED;
            foreach ($deprecated_settings as $deprecated_setting => $bit_value) {
                if (array_key_exists($deprecated_setting, $all)) {
                    @trigger_error(sprintf("The '%s' setting in settings.php is deprecated in Drupal 8.7.0 and will be removed before Drupal 9.0.0. Use the 'reverse_proxy_trusted_headers' setting instead. See https://www.drupal.org/node/3030558", $deprecated_setting), E_USER_DEPRECATED);
                    $request::setTrustedHeaderName($bit_value, $all[$deprecated_setting]);
                    if ($all[$deprecated_setting] === NULL) {
                        // If the value is NULL do not trust the header.
                        $trusted_header_set &= ~$bit_value;
                    }
                }
            }
            $request::setTrustedProxies($proxies, $settings->get('reverse_proxy_trusted_headers', $trusted_header_set));
        }
    }
}

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.