Allow trusted proxies to be provided via TRUSTED_PROXIES env var

This commit is contained in:
Alejandro Celaya
2025-07-17 09:57:34 +02:00
parent 650fafb7c4
commit 1f825797f6
3 changed files with 44 additions and 36 deletions

View File

@@ -89,6 +89,7 @@ enum EnvVars: string
case CORS_ALLOW_ORIGIN = 'CORS_ALLOW_ORIGIN';
case CORS_ALLOW_CREDENTIALS = 'CORS_ALLOW_CREDENTIALS';
case CORS_MAX_AGE = 'CORS_MAX_AGE';
case TRUSTED_PROXIES = 'TRUSTED_PROXIES';
/** @deprecated Use REDIRECT_EXTRA_PATH */
case REDIRECT_APPEND_EXTRA_PATH = 'REDIRECT_APPEND_EXTRA_PATH';

View File

@@ -26,6 +26,8 @@ use function implode;
* if trusted proxies are not set.
*
* @see https://github.com/akrabat/ip-address-middleware/pull/51
* @deprecated Remove in future major version, and enforce users with multiple reverse proxies to provide the list via
* TRUSTED_PROXIES
*/
readonly class ReverseForwardedAddressesMiddlewareDecorator implements MiddlewareInterface
{