HEADER_X_FORWARDED_ALL was deprecated in Symfony 5.2

Author: rodruiz

phpunit.xml.dist

@@ -1,14 +1,16 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <phpunit backupGlobals="false"
          backupStaticAttributes="false"
+         beStrictAboutTestsThatDoNotTestAnything="false"
          bootstrap="vendor/autoload.php"
          colors="true"
          convertErrorsToExceptions="true"
          convertNoticesToExceptions="true"
          convertWarningsToExceptions="true"
          processIsolation="false"
+         stopOnError="false"
          stopOnFailure="false"
-         syntaxCheck="false"
+         verbose="true"
 >
     <testsuites>
         <testsuite name="Trusted Proxy Test Suite">

src/TrustProxies.php

@@ -119,10 +119,24 @@ protected function getTrustedHeaderNames()
             case Request::HEADER_FORWARDED:
                 return Request::HEADER_FORWARDED;
                 break;
-            case 'HEADER_X_FORWARDED_ALL':
-            case Request::HEADER_X_FORWARDED_ALL:
-                return Request::HEADER_X_FORWARDED_ALL;
+            case 'HEADER_X_FORWARDED_FOR':
+            case Request::HEADER_X_FORWARDED_FOR:
+                return Request::HEADER_X_FORWARDED_FOR;
                 break;
+            case 'HEADER_X_FORWARDED_HOST':
+            case Request::HEADER_X_FORWARDED_HOST:
+                return Request::HEADER_X_FORWARDED_HOST;
+                break;
+            case 'HEADER_X_FORWARDED_PORT':
+            case Request::HEADER_X_FORWARDED_PORT:
+                return Request::HEADER_X_FORWARDED_PORT;
+                break;
+            case 'HEADER_X_FORWARDED_PROTO':
+            case Request::HEADER_X_FORWARDED_PROTO:
+                return Request::HEADER_X_FORWARDED_PROTO;
+                break;
+            default:
+                return Request::HEADER_X_FORWARDED_FOR | Request::HEADER_X_FORWARDED_HOST | Request::HEADER_X_FORWARDED_PORT | Request::HEADER_X_FORWARDED_PROTO | Request::HEADER_X_FORWARDED_AWS_ELB;
         }
 
         return $headers;

tests/TrustedProxyTest.php

@@ -6,6 +6,8 @@
 
 class TrustedProxyTest extends TestCase
 {
+    private $headerAll = Request::HEADER_X_FORWARDED_FOR | Request::HEADER_X_FORWARDED_HOST | Request::HEADER_X_FORWARDED_PORT | Request::HEADER_X_FORWARDED_PROTO | Request::HEADER_X_FORWARDED_AWS_ELB;
+
     /**
      * Test that Symfony does indeed NOT trust X-Forwarded-*
      * headers when not given trusted proxies
@@ -34,7 +36,7 @@ public function test_request_does_not_trust()
     public function test_does_trust_trusted_proxy()
     {
         $req = $this->createProxiedRequest();
-        $req->setTrustedProxies(['192.168.10.10'], Request::HEADER_X_FORWARDED_ALL);
+        $req->setTrustedProxies(['192.168.10.10'], $this->headerAll);
 
         $this->assertEquals('173.174.200.38', $req->getClientIp(), 'Assert trusted proxy x-forwarded-for header used');
         $this->assertEquals('https', $req->getScheme(), 'Assert trusted proxy x-forwarded-proto header used');
@@ -48,7 +50,7 @@ public function test_does_trust_trusted_proxy()
      */
     public function test_trusted_proxy_sets_trusted_proxies_with_wildcard()
     {
-        $trustedProxy = $this->createTrustedProxy(Request::HEADER_X_FORWARDED_ALL, '*');
+        $trustedProxy = $this->createTrustedProxy($this->headerAll, '*');
         $request = $this->createProxiedRequest();
 
         $trustedProxy->handle($request, function ($request) {
@@ -62,7 +64,7 @@ public function test_trusted_proxy_sets_trusted_proxies_with_wildcard()
      */
     public function test_trusted_proxy_sets_trusted_proxies_with_double_wildcard_for_backwards_compat()
     {
-        $trustedProxy = $this->createTrustedProxy(Request::HEADER_X_FORWARDED_ALL, '**');
+        $trustedProxy = $this->createTrustedProxy($this->headerAll, '**');
         $request = $this->createProxiedRequest();
 
         $trustedProxy->handle($request, function ($request) {
@@ -76,7 +78,7 @@ public function test_trusted_proxy_sets_trusted_proxies_with_double_wildcard_for
      */
     public function test_trusted_proxy_sets_trusted_proxies()
     {
-        $trustedProxy = $this->createTrustedProxy(Request::HEADER_X_FORWARDED_ALL, ['192.168.10.10']);
+        $trustedProxy = $this->createTrustedProxy($this->headerAll, ['192.168.10.10']);
         $request = $this->createProxiedRequest();
 
         $trustedProxy->handle($request, function ($request) {
@@ -89,7 +91,7 @@ public function test_trusted_proxy_sets_trusted_proxies()
      */
     public function test_get_client_ips()
     {
-        $trustedProxy = $this->createTrustedProxy(Request::HEADER_X_FORWARDED_ALL, ['192.168.10.10']);
+        $trustedProxy = $this->createTrustedProxy($this->headerAll, ['192.168.10.10']);
 
         $forwardedFor = [
             '192.0.2.2',
@@ -113,7 +115,7 @@ public function test_get_client_ips()
      */
     public function test_get_client_ip_with_muliple_ip_addresses_some_of_which_are_trusted()
     {
-        $trustedProxy = $this->createTrustedProxy(Request::HEADER_X_FORWARDED_ALL, ['192.168.10.10', '192.0.2.199']);
+        $trustedProxy = $this->createTrustedProxy($this->headerAll, ['192.168.10.10', '192.0.2.199']);
 
         $forwardedFor = [
             '192.0.2.2',
@@ -136,7 +138,7 @@ public function test_get_client_ip_with_muliple_ip_addresses_some_of_which_are_t
      */
     public function test_get_client_ip_with_muliple_ip_addresses_all_proxies_are_trusted()
     {
-        $trustedProxy = $this->createTrustedProxy(Request::HEADER_X_FORWARDED_ALL, '*');
+        $trustedProxy = $this->createTrustedProxy($this->headerAll, '*');
 
         $forwardedFor = [
             '192.0.2.2',
@@ -294,7 +296,7 @@ public function test_is_reading_text_based_configurations()
         // trust *all* "X-Forwarded-*" headers
         $trustedProxy = $this->createTrustedProxy('HEADER_X_FORWARDED_ALL', '192.168.1.1, 192.168.1.2');
         $trustedProxy->handle($request, function (Request $request) {
-            $this->assertEquals($request->getTrustedHeaderSet(), Request::HEADER_X_FORWARDED_ALL,
+            $this->assertEquals($request->getTrustedHeaderSet(), $this->headerAll,
                 'Assert trusted proxy used all "X-Forwarded-*" header');
 
             $this->assertEquals($request->getTrustedProxies(), ['192.168.1.1', '192.168.1.2'],
@@ -351,7 +353,7 @@ protected function createProxiedRequest($serverOverRides = [])
         // which is likely something like this:
         $request = Request::create('http://localhost:8888/tag/proxy', 'GET', [], [], [], $serverOverRides, null);
         // Need to make sure these haven't already been set
-        $request->setTrustedProxies([], Request::HEADER_X_FORWARDED_ALL);
+        $request->setTrustedProxies([], $this->headerAll);
 
         return $request;
     }