无法使TrustProxies中间件工作

时间:2017-11-08 18:46:05

标签: laravel load-balancing laravel-5.5 laravel-middleware

在这里向正确的方向指出Laravel 5.4 relative instead of absolute 302 redirects
我一直试图让Laravel TrustProxies中间件工作,但似乎忽略了X_FORWARDED_PROTO标题。

我的情景
我在Laravel中的应用程序(刚刚从5.4升级到5.5)是负载均衡器的背后,它将所有流量从HTTPS转换为HTTP。

我的问题
所有重定向都通过HTTP而不是原始协议HTTPS。

尝试解决方案
从Laravel 5.4升级到5.5并利用现在随Laravel一起提供的TrustProxies中间件。
中间件有:

protected $proxies = '*';

/**
 * The current proxy header mappings.
 *
 * @var array
 */
protected $headers = [
    Request::HEADER_FORWARDED => 'FORWARDED',
    Request::HEADER_X_FORWARDED_FOR => 'X_FORWARDED_FOR',
    Request::HEADER_X_FORWARDED_HOST => 'X_FORWARDED_HOST',
    Request::HEADER_X_FORWARDED_PORT => 'X_FORWARDED_PORT',
    Request::HEADER_X_FORWARDED_PROTO => 'X_FORWARDED_PROTO',
];

App \ Http \ Kernel已注册中间件:

protected $middleware = [
    \Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode::class,
    \Illuminate\Foundation\Http\Middleware\ValidatePostSize::class,
    \App\Http\Middleware\TrimStrings::class,
    \Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class,
    \App\Http\Middleware\TrustProxies::class,
];

我的发现:
来自服务器的Tcp转储显示标题:

请求: 

GET / HTTP/1.1
X_FORWARDED_PROTO: HTTPS
Host: mywebsiteaddress.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:56.0) Gecko/20100101 Firefox/56.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1

但响应具有HTTP上的位置: 

HTTP/1.1 302 Found
Date: Wed, 08 Nov 2017 18:03:48 GMT
Server: Apache/2.4.18 (Ubuntu)
Cache-Control: no-cache, private
Location: http://mywebsiteaddress.com/home
Set-Cookie: laravel_session=eyJp...In0%3D; expires=Wed, 08-Nov-2017 20:03:48 GMT; Max-Age=7200; path=/; HttpOnly
Content-Length: 376
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

补充意见:
由于我的应用程序从5.4升级到5.5,我复制了TrustProxies类,否则它将在5.5全新安装中出现。然后我在内核中注册了它 也许我在这里错过了一步。

我的希望:
我的疲惫并没有让我蒙羞,我忽略了一个简单的错误。

任何建议,提前谢谢!

更新
在Apache中启用了log_forensics模块,我在请求中看到了x-forwarded-proto标头。

GET / HTTP/1.1
X_FORWARDED_PROTO:HTTPS
Host:mywebsiteaddress.com
User-Agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv%3a56.0) Gecko/20100101 Firefox/56.0
Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language:en-US,en;q=0.5
Accept-Encoding:gzip, deflate, br
Connection:keep-alive
Upgrade-Insecure-Requests:1
Cache-Control:max-age=0

为什么Laravel可能没有在header数组中的任何线索?

1 个答案:

答案 0 :(得分:0)

确实很累 负载均衡器一直在使用C#(IIS)应用程序的X_FORWARDED_PROTO标头,因此网络团队此次设置标头的方式相同。
但对于Laravel来说,标题必须采用 X-FORWARDED-PROTO 的形式,我理解这是正确的名称(破折号而不是下划线)。
这就是Laravel(现实中的Symfony)从请求中丢弃标题的原因。

相关问题
最新问题