Page MenuHomeDevCentral
Differential D24

Enum
ClosedPublic
Actions

Authored by dereckson on Jul 13 2015, 20:23.
Tags
None
Referenced Files
F3748559: D24.diff
Sat, Nov 16, 09:30
Unknown Object (File)
Tue, Nov 5, 06:43
Unknown Object (File)
Sat, Oct 26, 12:39
Unknown Object (File)
Thu, Oct 24, 20:36
Unknown Object (File)
Thu, Oct 24, 20:35
Unknown Object (File)
Thu, Oct 24, 20:35
Unknown Object (File)
Thu, Oct 24, 20:23
Unknown Object (File)
Mon, Oct 21, 09:16
View All Files
Subscribers
None

Details

Reviewers
None
Commits
rGROVEdc3c4cfd8195: Imported Enum support from artisaninweb/laravel-enum
Summary

A technical glitch sent to review AND Enum AND TrustProxy. The first intent were to send only the TrustProxy part.

Enum

Imported an Enum type

Next differential revision to come using this Enum

A new TrustProxy middleware allows to set a trust strategy about
potentially spoofable headers like HTTP_X_FORWARDED_PROTO and
HTTP_X_FORWARDED_FOR. This solves the proxy HTTPS problem.

We an app.proxy configuration option defined like this:

Auth Grove can handle proxy headers like HTTP_X_FORWARDED_PROTO
according your configuration.

  • To always trust forward headers, adds a star entry: ['*']
  • To never trust any server, use an empty array: []
  • To specify the proxies servers, create an array with each IP.

If you put Auth Grove on an back-end application server, with a
front-end nginx responsible for SSL termination,
you can set the front-end IPs or blindly trust any remote
address with a magic entry '*'.

Diff Detail

Repository
rGROVE Auth Grove
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

dereckson updated this revision to Diff 48.Jul 13 2015, 20:23
dereckson retitled this revision from to Allow to serve https:// links behind a front-end server with SSL termination.
dereckson updated this object.
dereckson edited the test plan for this revision. (Show Details)
dereckson added reviewers: fauve, xcombelle.
dereckson added a task: T492: When using a front-end server with SSL termination, back-end serves http:// links..
dereckson added a subscriber: security.
Closed by commit rGROVEdc3c4cfd8195: Imported Enum support from artisaninweb/laravel-enum (authored by dereckson, committed by dereckson). · Explain WhyJul 13 2015, 20:27
This revision was automatically updated to reflect the committed changes.
dereckson added a comment.Jul 13 2015, 20:32

Well..

Only this part has been merged in master:

dc3c4cfd8195 cb06caf1aa85 a524afa5b17c Sébastien Santoro
Imported Enum support from artisaninweb/laravel-enum (Show More…)

dereckson retitled this revision from Allow to serve https:// links behind a front-end server with SSL termination to Enum.Jul 13 2015, 20:34
dereckson updated this object.
dereckson edited the test plan for this revision. (Show Details)
dereckson removed reviewers: xcombelle, fauve.
dereckson removed a task: T492: When using a front-end server with SSL termination, back-end serves http:// links..
dereckson removed a subscriber: security.

Revision Contents
Changeset List

PathSize
1 line
config/
6 lines

Diff 49

View Options

composer.json

Loading...
View Options

config/app.php

Loading...
Nasqueron DevCentral · If it had been much bigger the moon would have had a core of ice. · Powered by Phabricator