From 8f44b8f0baf69fc58771c83bedd0a92e81ee9379 Mon Sep 17 00:00:00 2001
From: Andrew Aitken-Fincham <andrew@silverstripe.com>
Date: Tue, 30 May 2017 12:18:47 +0100
Subject: [PATCH] move trusted_proxy_ips below .env loader

---
 src/Core/Constants.php | 44 +++++++++++++++++++++---------------------
 1 file changed, 22 insertions(+), 22 deletions(-)

diff --git a/src/Core/Constants.php b/src/Core/Constants.php
index bc4ddc8d5..3bda59efc 100644
--- a/src/Core/Constants.php
+++ b/src/Core/Constants.php
@@ -30,28 +30,6 @@ use SilverStripe\Control\Util\IPUtils;
 ///////////////////////////////////////////////////////////////////////////////
 // ENVIRONMENT CONFIG
 
-/**
- * Validate whether the request comes directly from a trusted server or not
- * This is necessary to validate whether or not the values of X-Forwarded-
- * or Client-IP HTTP headers can be trusted
- */
-if (!defined('TRUSTED_PROXY')) {
-    define('TRUSTED_PROXY', call_user_func(function () {
-        $trustedIPs = getenv('SS_TRUSTED_PROXY_IPS');
-        if (empty($trustedIPs) || $trustedIPs === 'none') {
-            return false;
-        }
-        if ($trustedIPs === '*') {
-            return true;
-        }
-        // Validate IP address
-        if (isset($_SERVER['REMOTE_ADDR'])) {
-            return IPUtils::checkIP($_SERVER['REMOTE_ADDR'], explode(',', $trustedIPs));
-        }
-        return false;
-    }));
-}
-
 /**
  * Define system paths
  */
@@ -90,6 +68,28 @@ if (!getenv('SS_IGNORE_DOT_ENV')) {
     }
 }
 
+/**
+ * Validate whether the request comes directly from a trusted server or not
+ * This is necessary to validate whether or not the values of X-Forwarded-
+ * or Client-IP HTTP headers can be trusted
+ */
+if (!defined('TRUSTED_PROXY')) {
+    define('TRUSTED_PROXY', call_user_func(function () {
+        $trustedIPs = getenv('SS_TRUSTED_PROXY_IPS');
+        if (empty($trustedIPs) || $trustedIPs === 'none') {
+            return false;
+        }
+        if ($trustedIPs === '*') {
+            return true;
+        }
+        // Validate IP address
+        if (isset($_SERVER['REMOTE_ADDR'])) {
+            return IPUtils::checkIP($_SERVER['REMOTE_ADDR'], explode(',', $trustedIPs));
+        }
+        return false;
+    }));
+}
+
 if (!defined('BASE_URL')) {
     define('BASE_URL', call_user_func(function () {
         // Determine the base URL by comparing SCRIPT_NAME to SCRIPT_FILENAME and getting common elements