search

fideloper / TrustedProxy

Laravel Proxy Package for handling sessions when behind load balancers or other intermediaries.
MIT License
7.36k stars 126 forks source link

HTTP Forwarded variables are not set #116

Closed ClaudioTesta closed 6 years ago

ClaudioTesta commented 6 years ago

Hey i'm using Laravel 5.4 and wanted to use this package in my laravel application behind a reverse proxy but somehow its not working. When I print out the $request->getScheme() and $request->getClientIp() they do not return the informations from my proxy forward variable.

Im not sure how to fix this or what might be the problem. Any idea how to solve or debug this any further ?

Here is my $_SERVER printout:

  "REDIRECT_STATUS" => "200"
  "HTTP_HOST" => "domainname.de"
  "HTTP_USER_AGENT" => "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:63.0) Gecko/20100101 Firefox/63.0"
  "HTTP_ACCEPT" => "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"
  "HTTP_ACCEPT_LANGUAGE" => "de,en-US;q=0.7,en;q=0.3"
  "HTTP_ACCEPT_ENCODING" => "gzip, deflate, br"
  "HTTP_COOKIE" =>
  "HTTP_UPGRADE_INSECURE_REQUESTS" => "1"
  "HTTP_X_FORWARDED_PORT" => "443"
  "HTTP_X_FORWARDED_PROTO" => "https"
  "HTTP_X_FORWARDED_FOR" => "10.0.1.221"
  "HTTP_CONNECTION" => "close"
  "PATH" => "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
  "SERVER_SOFTWARE" => "Apache/2.4.34 (Unix)"
  "SERVER_NAME" => "domainname.de"
  "SERVER_ADDR" => "10.42.128.150"
  "SERVER_PORT" => "80"
  "REMOTE_ADDR" => "10.42.109.50"

My trustedproxy.php (tried different headers without success):

<?php

return [
     'proxies' => [
         '**',
     ],

     'headers' => [
         (defined('Illuminate\Http\Request::HEADER_FORWARDED') ? Illuminate\Http\Request::HEADER_FORWARDED : 'forwarded') => null,
         \Illuminate\Http\Request::HEADER_CLIENT_IP    => 'X_FORWARDED_FOR',
         \Illuminate\Http\Request::HEADER_CLIENT_HOST  => null,
         \Illuminate\Http\Request::HEADER_CLIENT_PROTO => 'X_FORWARDED_PROTO',
         \Illuminate\Http\Request::HEADER_CLIENT_PORT  => 'X_FORWARDED_PORT',
     ]
];

My App/Kernel.php

<?php

namespace App\Http;

use Illuminate\Foundation\Http\Kernel as HttpKernel;

class Kernel extends HttpKernel
{
    /**
     * The application's global HTTP middleware stack.
     *
     * These middleware are run during every request to your application.
     *
     * @var array
     */
    protected $middleware = [
        \Fideloper\Proxy\TrustProxies::class,
        \Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode::class,

    ];

    protected $middlewareGroups = [
        'web' => [
            \App\Http\Middleware\EncryptCookies::class,
            \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
            \Illuminate\Session\Middleware\StartSession::class,
            \Illuminate\View\Middleware\ShareErrorsFromSession::class,
            \App\Http\Middleware\VerifyCsrfToken::class,
            \Illuminate\Routing\Middleware\SubstituteBindings::class,
        ],

        'api' => [
            'throttle:60,1',
            'bindings',
        ],
    ];
    protected $routeMiddleware = [
        'auth' => \Illuminate\Auth\Middleware\Authenticate::class,
        'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
        'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class,
        'can' => \Illuminate\Auth\Middleware\Authorize::class,
        'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
        'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
        'ldap' => \App\Http\Middleware\Ldap::class,
        'admin' => \App\Http\Middleware\Admin::class,
    ];
}

My config/app.php

    'providers' => [

        /*
         * Laravel Framework Service Providers...
         */
        Illuminate\Auth\AuthServiceProvider::class,
        Illuminate\Broadcasting\BroadcastServiceProvider::class,
        .........
        Fideloper\Proxy\TrustedProxyServiceProvider::class,

    ],
fideloper commented 6 years ago

Hi!

Thanks for the detailed question - I believe in this case, you need to adjust file trustedproxy.php and set the value of proxies to a string instead of an array:

<?php

// From:
return [
    'proxies' => [
         '**',
     ],
    // ...
];

// To:
return [
    'proxies' => '**',
    // ...
];
ClaudioTesta commented 6 years ago

Pretty sure I tested this before but looks like it works now. Thank you very much :)