Added feature for proxies

[playcraft1]

In config.yml add: framework: trusted_proxies: [192.0.0.1, 10.0.0.0/8]

In /libs/init.php after line 49 add:

if (count($configs['framework']['trusted_proxies']) > 0) { \Symfony\Component\HttpFoundation\Request::setTrustedProxies($configs['framework']['trusted_proxies']); }

See: http://symfony.com/doc/current/reference/configuration/framework.html#reference-framework-trusted-proxies

[snewell92]

Relevant symfony article on configuration, linked from the trusted-proxy doc.

What would using this feature of symfony bring to Mibew? (Is there a list of features that we expect configuring trusted proxies to bring / bugs it will fix?) How does this line up with the philosophy of deploying Mibew anywhere, without Mibew caring or knowing about its environment?

Slightly related, I wonder if anyone has deployed Mibew to a load-balanced environment, and if so I wonder if this would affect that and what those people do nowadays (I only have a single ubuntu server where I deploy Mibew, so idk, genuinely curious).

[playcraft1]

I did deploy this to a load balancer. This was the fix. It's indirectly a Mibew issue. More so, it's directly a misconfiguration of symfony's use in Mibew when speaking in relation to reverse proxies. If one is not behind a proxy, simply leave out the trusted proxies configuration in the config.yml file.

Not having this configuration causes issues with how SSL works due to SSL not being used in the communication from load balancer to backend. Therefore, Mibew has no idea that it's a SSL connection on the frontend.