Laravel 5.6 TrustedProxies 错误
Laravel 5.6 TrustedProxies error
我今天从 L5.5 升级到 L5.6(正在将 Symfony 组件更新到 v4)。此外,根据官方 Laravel 5.6 升级指南,我已将 fideloper/proxy 软件包更新为 4.0。
之后我开始收到这个错误:Type error: Argument 2 passed to Symfony\Component\HttpFoundation\Request::setTrustedProxies() must be of the type integer, array given, called in /var/www/html/vendor/fideloper/proxy/src/TrustProxies.php on line 54
Symfony 4 的 Symfony\Component\HttpFoundation\Request::setTrustedProxies() 确实需要整数(位掩码)作为第二个参数:
/**
* Sets a list of trusted proxies.
*
* You should only list the reverse proxies that you manage directly.
*
* @param array $proxies A list of trusted proxies
* @param int $trustedHeaderSet A bit field of Request::HEADER_*, to set which headers to trust from your proxies
*
* @throws \InvalidArgumentException When $trustedHeaderSet is invalid
*/
public static function setTrustedProxies(array $proxies, int $trustedHeaderSet)
{
self::$trustedProxies = $proxies;
self::$trustedHeaderSet = $trustedHeaderSet;
}
和fideloper/proxy 4.0确实是给这个函数一个数组而不是一个整数:
public function handle(Request $request, Closure $next)
{
$request::setTrustedProxies([], $this->getTrustedHeaderNames()); // Reset trusted proxies between requests
$this->setTrustedProxyIpAddresses($request);
return $next($request);
}
和
/**
* Retrieve trusted header name(s), falling back to defaults if config not set.
*
* @return array
*/
protected function getTrustedHeaderNames()
{
return $this->headers ?: $this->config->get('trustedproxy.headers');
}
所以我不明白这是 fideloper/proxy 中的错误还是我只是遗漏了什么?
如the upgrade guide所述,您需要将App\Http\Middleware\TrustProxies中的$headers 属性设置为属性 .
常数定义在Symfony\Component\HttpFoundation\Request.
const HEADER_FORWARDED = 0b00001; // When using RFC 7239
const HEADER_X_FORWARDED_FOR = 0b00010;
const HEADER_X_FORWARDED_HOST = 0b00100;
const HEADER_X_FORWARDED_PROTO = 0b01000;
const HEADER_X_FORWARDED_PORT = 0b10000;
const HEADER_X_FORWARDED_ALL = 0b11110; // All "X-Forwarded-*" headers
const HEADER_X_FORWARDED_AWS_ELB = 0b11010; // AWS ELB doesn't send X-Forwarded-Host
在升级指南中,使用了HEADER_X_FORWARDED_ALL,但您可以使用位值的组合。
经过一些调查(Winmerge 与 Laravel 5.6 的全新安装进行比较)这归结为文件 app\Http\Middleware\TrustProxies.php:
中的差异
Laravel 5.5:
namespace App\Http\Middleware;
use Illuminate\Http\Request;
use Fideloper\Proxy\TrustProxies as Middleware;
class TrustProxies extends Middleware
{
/**
* The trusted proxies for this application.
*
* @var array
*/
protected $proxies;
/**
* The current proxy header mappings.
*
* @var array
*/
protected $headers = [
Request::HEADER_FORWARDED => 'FORWARDED',
Request::HEADER_X_FORWARDED_FOR => 'X_FORWARDED_FOR',
Request::HEADER_X_FORWARDED_HOST => 'X_FORWARDED_HOST',
Request::HEADER_X_FORWARDED_PORT => 'X_FORWARDED_PORT',
Request::HEADER_X_FORWARDED_PROTO => 'X_FORWARDED_PROTO',
];
}
Laravel 5.6:
namespace App\Http\Middleware;
use Illuminate\Http\Request;
use Fideloper\Proxy\TrustProxies as Middleware;
class TrustProxies extends Middleware
{
/**
* The trusted proxies for this application.
*
* @var array
*/
protected $proxies;
/**
* The headers that should be used to detect proxies.
*
* @var string
*/
protected $headers = Request::HEADER_X_FORWARDED_ALL;
}
因此,根据 Laravel 5.6 版本
设置 protected $headers = Request::HEADER_X_FORWARDED_ALL;
打开app\Http\Middleware\TrustProxies.php。
更改以下内容
protected $headers = [
Request::HEADER_FORWARDED => 'FORWARDED',
Request::HEADER_X_FORWARDED_FOR => 'X_FORWARDED_FOR',
Request::HEADER_X_FORWARDED_HOST => 'X_FORWARDED_HOST',
Request::HEADER_X_FORWARDED_PORT => 'X_FORWARDED_PORT',
Request::HEADER_X_FORWARDED_PROTO => 'X_FORWARDED_PROTO',
];
到
protected $headers = Request::HEADER_X_FORWARDED_ALL;
还请记住,当从 Laravel 5.5 升级到 5.6 时,Laravel 会创建一个名为 TrustProxies.php 的新文件,其名称空间与 TrustedProxies 相同,即 "App\Http\Middleware\TrustProxies"。在 Laravel 5.6 中,TrustedProxies.php 文件 正确 如上所述。
TrustProxies.php 不是。但是如果它们都存在于同一个命名空间中,那么 Laravel 将使用它首先找到的那个,即 TrustProxies.php 文件。
如果两者都有,则删除 TrustProxies.php,并确保 TrustedProxies.php 具有如上所述的正确更改。
祝你有愉快的一天。
基督教
如果您在 Laravel 9.x 或以后遇到此问题,那是因为 Laravel 有 incorporated the package into the core framework 并且不再需要它。
fideloper/TrustedProxy repo has added a note to it's readme instructing not to install the package on Laravel 9.x and instead follow the Laravel upgrade guide.
您可以在 Laravel 文档 here 中的“可信代理”标题下找到升级说明。
我发现升级指南中的更改花了我 30 秒才完成!
我今天从 L5.5 升级到 L5.6(正在将 Symfony 组件更新到 v4)。此外,根据官方 Laravel 5.6 升级指南,我已将 fideloper/proxy 软件包更新为 4.0。
之后我开始收到这个错误:Type error: Argument 2 passed to Symfony\Component\HttpFoundation\Request::setTrustedProxies() must be of the type integer, array given, called in /var/www/html/vendor/fideloper/proxy/src/TrustProxies.php on line 54
Symfony 4 的 Symfony\Component\HttpFoundation\Request::setTrustedProxies() 确实需要整数(位掩码)作为第二个参数:
/**
* Sets a list of trusted proxies.
*
* You should only list the reverse proxies that you manage directly.
*
* @param array $proxies A list of trusted proxies
* @param int $trustedHeaderSet A bit field of Request::HEADER_*, to set which headers to trust from your proxies
*
* @throws \InvalidArgumentException When $trustedHeaderSet is invalid
*/
public static function setTrustedProxies(array $proxies, int $trustedHeaderSet)
{
self::$trustedProxies = $proxies;
self::$trustedHeaderSet = $trustedHeaderSet;
}
和fideloper/proxy 4.0确实是给这个函数一个数组而不是一个整数:
public function handle(Request $request, Closure $next)
{
$request::setTrustedProxies([], $this->getTrustedHeaderNames()); // Reset trusted proxies between requests
$this->setTrustedProxyIpAddresses($request);
return $next($request);
}
和
/**
* Retrieve trusted header name(s), falling back to defaults if config not set.
*
* @return array
*/
protected function getTrustedHeaderNames()
{
return $this->headers ?: $this->config->get('trustedproxy.headers');
}
所以我不明白这是 fideloper/proxy 中的错误还是我只是遗漏了什么?
如the upgrade guide所述,您需要将App\Http\Middleware\TrustProxies中的$headers 属性设置为属性 .
常数定义在Symfony\Component\HttpFoundation\Request.
const HEADER_FORWARDED = 0b00001; // When using RFC 7239
const HEADER_X_FORWARDED_FOR = 0b00010;
const HEADER_X_FORWARDED_HOST = 0b00100;
const HEADER_X_FORWARDED_PROTO = 0b01000;
const HEADER_X_FORWARDED_PORT = 0b10000;
const HEADER_X_FORWARDED_ALL = 0b11110; // All "X-Forwarded-*" headers
const HEADER_X_FORWARDED_AWS_ELB = 0b11010; // AWS ELB doesn't send X-Forwarded-Host
在升级指南中,使用了HEADER_X_FORWARDED_ALL,但您可以使用位值的组合。
经过一些调查(Winmerge 与 Laravel 5.6 的全新安装进行比较)这归结为文件 app\Http\Middleware\TrustProxies.php:
Laravel 5.5:
namespace App\Http\Middleware;
use Illuminate\Http\Request;
use Fideloper\Proxy\TrustProxies as Middleware;
class TrustProxies extends Middleware
{
/**
* The trusted proxies for this application.
*
* @var array
*/
protected $proxies;
/**
* The current proxy header mappings.
*
* @var array
*/
protected $headers = [
Request::HEADER_FORWARDED => 'FORWARDED',
Request::HEADER_X_FORWARDED_FOR => 'X_FORWARDED_FOR',
Request::HEADER_X_FORWARDED_HOST => 'X_FORWARDED_HOST',
Request::HEADER_X_FORWARDED_PORT => 'X_FORWARDED_PORT',
Request::HEADER_X_FORWARDED_PROTO => 'X_FORWARDED_PROTO',
];
}
Laravel 5.6:
namespace App\Http\Middleware;
use Illuminate\Http\Request;
use Fideloper\Proxy\TrustProxies as Middleware;
class TrustProxies extends Middleware
{
/**
* The trusted proxies for this application.
*
* @var array
*/
protected $proxies;
/**
* The headers that should be used to detect proxies.
*
* @var string
*/
protected $headers = Request::HEADER_X_FORWARDED_ALL;
}
因此,根据 Laravel 5.6 版本
设置protected $headers = Request::HEADER_X_FORWARDED_ALL;
打开app\Http\Middleware\TrustProxies.php。
更改以下内容
protected $headers = [
Request::HEADER_FORWARDED => 'FORWARDED',
Request::HEADER_X_FORWARDED_FOR => 'X_FORWARDED_FOR',
Request::HEADER_X_FORWARDED_HOST => 'X_FORWARDED_HOST',
Request::HEADER_X_FORWARDED_PORT => 'X_FORWARDED_PORT',
Request::HEADER_X_FORWARDED_PROTO => 'X_FORWARDED_PROTO',
];
到
protected $headers = Request::HEADER_X_FORWARDED_ALL;
还请记住,当从 Laravel 5.5 升级到 5.6 时,Laravel 会创建一个名为 TrustProxies.php 的新文件,其名称空间与 TrustedProxies 相同,即 "App\Http\Middleware\TrustProxies"。在 Laravel 5.6 中,TrustedProxies.php 文件 正确 如上所述。
TrustProxies.php 不是。但是如果它们都存在于同一个命名空间中,那么 Laravel 将使用它首先找到的那个,即 TrustProxies.php 文件。
如果两者都有,则删除 TrustProxies.php,并确保 TrustedProxies.php 具有如上所述的正确更改。
祝你有愉快的一天。 基督教
如果您在 Laravel 9.x 或以后遇到此问题,那是因为 Laravel 有 incorporated the package into the core framework 并且不再需要它。
fideloper/TrustedProxy repo has added a note to it's readme instructing not to install the package on Laravel 9.x and instead follow the Laravel upgrade guide.
您可以在 Laravel 文档 here 中的“可信代理”标题下找到升级说明。
我发现升级指南中的更改花了我 30 秒才完成!