tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-10-22 14:05:37 +02:00
Code Issues Projects Releases Wiki Activity

Merge pull request #6977 from andrewandante/FIX/move_dotenv_higher

Browse Source 
move TRUSTED_PROXY below .env loader
This commit is contained in:
Daniel Hensby 2017-05-30 12:41:09 +01:00 committed by GitHub
commit 11de4abe0a
1 changed files with 22 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
src/Core/Constants.php
View File

@ -30,28 +30,6 @@ use SilverStripe\Control\Util\IPUtils;
///////////////////////////////////////////////////////////////////////////////
// ENVIRONMENT CONFIG
/**
* Validate whether the request comes directly from a trusted server or not
* This is necessary to validate whether or not the values of X-Forwarded-
* or Client-IP HTTP headers can be trusted
*/
if (!defined('TRUSTED_PROXY')) {
define('TRUSTED_PROXY', call_user_func(function () {
$trustedIPs = getenv('SS_TRUSTED_PROXY_IPS');
if (empty($trustedIPs) || $trustedIPs === 'none') {
return false;
}
if ($trustedIPs === '*') {
return true;
}
// Validate IP address
if (isset($_SERVER['REMOTE_ADDR'])) {
return IPUtils::checkIP($_SERVER['REMOTE_ADDR'], explode(',', $trustedIPs));
}
return false;
}));
}
/**
* Define system paths
*/
@ -90,6 +68,28 @@ if (!getenv('SS_IGNORE_DOT_ENV')) {
}
}
/**
* Validate whether the request comes directly from a trusted server or not
* This is necessary to validate whether or not the values of X-Forwarded-
* or Client-IP HTTP headers can be trusted
*/
if (!defined('TRUSTED_PROXY')) {
define('TRUSTED_PROXY', call_user_func(function () {
$trustedIPs = getenv('SS_TRUSTED_PROXY_IPS');
if (empty($trustedIPs) || $trustedIPs === 'none') {
return false;
}
if ($trustedIPs === '*') {
return true;
}
// Validate IP address
if (isset($_SERVER['REMOTE_ADDR'])) {
return IPUtils::checkIP($_SERVER['REMOTE_ADDR'], explode(',', $trustedIPs));
}
return false;
}));
}
if (!defined('BASE_URL')) {
define('BASE_URL', call_user_func(function () {
// Determine the base URL by comparing SCRIPT_NAME to SCRIPT_FILENAME and getting common elements