You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
* Deprecated the `x-forwarded-all` option, use `x-forwarded-for, x-forwarded-host, x-forwarded-port, x-forwarded-proto` options instead.
8
+
9
+
HttpFoundation
10
+
--------------
11
+
12
+
* Deprecated the `Request::HEADER_X_FORWARDED_ALL` constant, use either `Request::HEADER_X_FORWARDED_FOR | Request::HEADER_X_FORWARDED_HOST | Request::HEADER_X_FORWARDED_PORT | Request::HEADER_X_FORWARDED_PROTO` or `Request::HEADER_X_FORWARDED_AWS_ELB` or `Request::HEADER_X_FORWARDED_TRAEFIK`constants instead.
Copy file name to clipboardExpand all lines: UPGRADE-6.0.md
+2Lines changed: 2 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -59,6 +59,7 @@ FrameworkBundle
59
59
* The `form.factory`, `form.type.file`, `translator`, `security.csrf.token_manager`, `serializer`,
60
60
`cache_clearer`, `filesystem` and `validator` services are now private.
61
61
* Removed the `lock.RESOURCE_NAME` and `lock.RESOURCE_NAME.store` services and the `lock`, `LockInterface`, `lock.store` and `PersistingStoreInterface` aliases, use `lock.RESOURCE_NAME.factory`, `lock.factory` or `LockFactory` instead.
62
+
* Removed the `x-forwarded-all` option, use `x-forwarded-for, x-forwarded-host, x-forwarded-port, x-forwarded-proto` options instead.
62
63
63
64
HttpFoundation
64
65
--------------
@@ -67,6 +68,7 @@ HttpFoundation
67
68
`RedirectResponse::create()`, and `StreamedResponse::create()` methods (use
68
69
`__construct()` instead)
69
70
* Not passing a `Closure` together with `FILTER_CALLBACK` to `ParameterBag::filter()` throws an `InvalidArgumentException`; wrap your filter in a closure instead.
71
+
* Removed the `Request::HEADER_X_FORWARDED_ALL` constant, use either `Request::HEADER_X_FORWARDED_FOR | Request::HEADER_X_FORWARDED_HOST | Request::HEADER_X_FORWARDED_PORT | Request::HEADER_X_FORWARDED_PROTO` or `Request::HEADER_X_FORWARDED_AWS_ELB` or `Request::HEADER_X_FORWARDED_TRAEFIK`constants instead.
trigger_deprecation('symfony/framework-bundle', '5.3', 'The "x-forwarded-all" configuration option is deprecated, use "x-forwarded-for, x-forwarded-host, x-forwarded-port, x-forwarded-proto" options instead.');
2299
2300
if (!\in_array('!x-forwarded-prefix', $headers)) {
2300
2301
thrownewLogicException('When using "x-forwarded-all" in "framework.trusted_headers", "!x-forwarded-prefix" must be explicitly listed until support for X-Forwarded-Prefix is implemented.');
Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpFoundation/CHANGELOG.md
+5Lines changed: 5 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -1,6 +1,11 @@
1
1
CHANGELOG
2
2
=========
3
3
4
+
5.3.0
5
+
-----
6
+
7
+
* Deprecated the `Request::HEADER_X_FORWARDED_ALL` constant, use either `HEADER_X_FORWARDED_FOR | HEADER_X_FORWARDED_HOST | HEADER_X_FORWARDED_PORT | HEADER_X_FORWARDED_PROTO` or `HEADER_X_FORWARDED_AWS_ELB` or `HEADER_X_FORWARDED_TRAEFIK` constants instead.
constHEADER_X_FORWARDED_TRAEFIK = 0b111110; // All "X-Forwarded-*" headers sent by Traefik reverse proxy
43
+
constHEADER_FORWARDED = 0b0000001; // When using RFC 7239
44
+
constHEADER_X_FORWARDED_FOR = 0b0000010;
45
+
constHEADER_X_FORWARDED_HOST = 0b0000100;
46
+
constHEADER_X_FORWARDED_PROTO = 0b0001000;
47
+
constHEADER_X_FORWARDED_PORT = 0b0010000;
48
+
constHEADER_X_FORWARDED_PREFIX = 0b0100000;
49
+
privateconstCONST_DEPRECATED = 0b10000000; // reserved to deprecate constants
50
+
51
+
/** @deprecated since Symfony 5.3, to be removed in 6.0, use either "HEADER_X_FORWARDED_FOR | HEADER_X_FORWARDED_HOST | HEADER_X_FORWARDED_PORT | HEADER_X_FORWARDED_PROTO" or "HEADER_X_FORWARDED_AWS_ELB" or "HEADER_X_FORWARDED_TRAEFIK" constants instead. */
52
+
constHEADER_X_FORWARDED_ALL = 0b10011110; // All "X-Forwarded-*" headers sent by "usual" reverse proxy
if (self::HEADER_X_FORWARDED_ALL === $trustedHeaderSet) {
599
+
trigger_deprecation('symfony/http-fundation', '5.3', 'The "HEADER_X_FORWARDED_ALL" constant is deprecated, use either "HEADER_X_FORWARDED_FOR | HEADER_X_FORWARDED_HOST | HEADER_X_FORWARDED_PORT | HEADER_X_FORWARDED_PROTO" or "HEADER_X_FORWARDED_AWS_ELB" or "HEADER_X_FORWARDED_TRAEFIK" constants instead.');
600
+
}
596
601
self::$trustedProxies = array_reduce($proxies, function ($proxies, $proxy) {
$this->expectDeprecation('Since symfony/http-fundation 5.3: The "HEADER_X_FORWARDED_ALL" constant is deprecated, use either "HEADER_X_FORWARDED_FOR | HEADER_X_FORWARDED_HOST | HEADER_X_FORWARDED_PORT | HEADER_X_FORWARDED_PROTO" or "HEADER_X_FORWARDED_AWS_ELB" or "HEADER_X_FORWARDED_TRAEFIK" constants instead.');
0 commit comments