Symfony 的请求和反向代理
我有apache2和nginx。我在配置中将“信任代理标头”设置为 true,但无论如何在调用 $request->getClientIp(); 时获取内部 ip 我做错了什么?
如果我使用参数 $proxy = true 调用 getClientIp ,那么我会得到正确的 IP。但是有启用代理标头的配置,这还不够吗?
I've apache2 and nginx. I set "trust proxy headers" to true in configuration, but anyway get internal ip when calls $request->getClientIp(); What do I wrong?
If I calling getClientIp with parameter $proxy = true then I getting correct IP. But there is configuration where proxy headers enabled, aren't that enough?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
实际上这是一个问题,通过此合并解决 https://github.com/symfony/symfony/commit/40599ec0a24e688ef5903e2bd3cfb29b5ab29a18
Actually this is an issue, fixed by this merge https://github.com/symfony/symfony/commit/40599ec0a24e688ef5903e2bd3cfb29b5ab29a18
简而言之:如果您计划使用某种反向代理,则始终需要使用
$proxy = true。设置此参数(并启用trustProxyData();)后,$this->getClientIp();将使用反向代理返回正确的 IP。说明:即使配置后,代理标头仍将返回
HTTP_X_FORWARDED_FOR或HTTP_CLIENT_IP作为用户 IP,而REMOTE_ADDR将返回服务器本地主机地址(最有可能是 127.0.0.1)。$proxy = true正是检查这一点。这是该函数的源代码:In short: you always need to use
$proxy = trueif you're planning on using some kind of reverse proxy. With this parameter set (andtrustProxyData();enabled),$this->getClientIp();will return the correct IP with reverse proxy.Explanation: even after configured, proxy headers will return
HTTP_X_FORWARDED_FORorHTTP_CLIENT_IPas the user IP, whileREMOTE_ADDRwill return server localhost address (most likely 127.0.0.1).$proxy = truechecks exactly that. Here's the source code for this function: