function Request::getTrustedValues
This method is rather heavy because it splits and merges headers, and it's called by many other methods such as getPort(), isSecure(), getHost(), getClientIps(), getBaseUrl() etc. Thus, we try to cache the results for best performance.
5 calls to Request::getTrustedValues()
- Request::getBaseUrl in vendor/
symfony/ http-foundation/ Request.php - Returns the root URL from which this request is executed.
- Request::getClientIps in vendor/
symfony/ http-foundation/ Request.php - Returns the client IP addresses.
- Request::getHost in vendor/
symfony/ http-foundation/ Request.php - Returns the host name.
- Request::getPort in vendor/
symfony/ http-foundation/ Request.php - Returns the port on which the request is made.
- Request::isSecure in vendor/
symfony/ http-foundation/ Request.php - Checks whether the request is secure or not.
File
-
vendor/
symfony/ http-foundation/ Request.php, line 1996
Class
- Request
- Request represents an HTTP request.
Namespace
Symfony\Component\HttpFoundationCode
private function getTrustedValues(int $type, ?string $ip = null) : array {
$cacheKey = $type . "\x00" . (self::$trustedHeaderSet & $type ? $this->headers
->get(self::TRUSTED_HEADERS[$type]) : '');
$cacheKey .= "\x00" . $ip . "\x00" . $this->headers
->get(self::TRUSTED_HEADERS[self::HEADER_FORWARDED]);
if (isset($this->trustedValuesCache[$cacheKey])) {
return $this->trustedValuesCache[$cacheKey];
}
$clientValues = [];
$forwardedValues = [];
if (self::$trustedHeaderSet & $type && $this->headers
->has(self::TRUSTED_HEADERS[$type])) {
foreach (explode(',', $this->headers
->get(self::TRUSTED_HEADERS[$type])) as $v) {
$clientValues[] = (self::HEADER_X_FORWARDED_PORT === $type ? '0.0.0.0:' : '') . trim($v);
}
}
if (self::$trustedHeaderSet & self::HEADER_FORWARDED && isset(self::FORWARDED_PARAMS[$type]) && $this->headers
->has(self::TRUSTED_HEADERS[self::HEADER_FORWARDED])) {
$forwarded = $this->headers
->get(self::TRUSTED_HEADERS[self::HEADER_FORWARDED]);
$parts = HeaderUtils::split($forwarded, ',;=');
$param = self::FORWARDED_PARAMS[$type];
foreach ($parts as $subParts) {
if (null === ($v = HeaderUtils::combine($subParts)[$param] ?? null)) {
continue;
}
if (self::HEADER_X_FORWARDED_PORT === $type) {
if (str_ends_with($v, ']') || false === ($v = strrchr($v, ':'))) {
$v = $this->isSecure() ? ':443' : ':80';
}
$v = '0.0.0.0' . $v;
}
$forwardedValues[] = $v;
}
}
if (null !== $ip) {
$clientValues = $this->normalizeAndFilterClientIps($clientValues, $ip);
$forwardedValues = $this->normalizeAndFilterClientIps($forwardedValues, $ip);
}
if ($forwardedValues === $clientValues || !$clientValues) {
return $this->trustedValuesCache[$cacheKey] = $forwardedValues;
}
if (!$forwardedValues) {
return $this->trustedValuesCache[$cacheKey] = $clientValues;
}
if (!$this->isForwardedValid) {
return $this->trustedValuesCache[$cacheKey] = null !== $ip ? [
'0.0.0.0',
$ip,
] : [];
}
$this->isForwardedValid = false;
throw new ConflictingHeadersException(\sprintf('The request has both a trusted "%s" header and a trusted "%s" header, conflicting with each other. You should either configure your proxy to remove one of them, or configure your project to distrust the offending one.', self::TRUSTED_HEADERS[self::HEADER_FORWARDED], self::TRUSTED_HEADERS[$type]));
}