Cutlery/invoiceninja
1
0
Fork 0
mirror of https://github.com/invoiceninja/invoiceninja.git synced 2025-07-09 03:14:30 -04:00
Code Issues Packages Projects Releases Wiki Activity

Support SSL offloading

Browse Source 
This adds a TRUSTED_PROXIES environment variable that enables the `Request::secure()` method to correctly and securely identify when a connection is passing through a SSL offloading frontend.
This commit is contained in:
Ben Harris 2015-10-12 11:23:46 +11:00
parent 54623cd185
commit 745ec80652
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
app/Http/Middleware/StartupCheck.php
View File

@ -25,6 +25,13 @@ class StartupCheck
*/
public function handle($request, Closure $next)
{
// Set up trusted X-Forwarded-Proto proxies
// TRUSTED_PROXIES accepts a comma delimited list of subnets
//
// TRUSTED_PROXIES='10.0.0.0/8,172.16.0.0/12,192.168.0.0/16'
if (isset($_ENV['TRUSTED_PROXIES'])) {
Request::setTrustedProxies(array_map('trim',explode(",",env('TRUSTED_PROXIES'))));
}
// Ensure all request are over HTTPS in production
if (App::environment() == ENV_PRODUCTION && !Request::secure()) {
return Redirect::secure(Request::getRequestUri());