
framework.trusted_proxies does not work correctly in Swoole/FrankenPHP runtime #57283

Open
@ywisax

Symfony version(s) affected

6.4.7

Description

\Symfony\Component\HttpFoundation\Request::setTrustedProxies is called in \Symfony\Component\HttpKernel\Kernel::preBoot().
But in some long-running runtimes, like the Swoole / FrankenPHP runtime, preBoot is only called once, when the process starts.

\Symfony\Component\HttpFoundation\Request::getTrustedProxies() is a static method, so the value will exist for the whole process lifecycle.
So when we deploy the Symfony application with the Swoole runtime behind the LBS, the LBS sends x-forwarded-for but we will always get a wrong IP value.

How to reproduce

  1. Install a Symfony application.
  2. Configure it as described at https://symfony.com/doc/6.4/deployment/proxies.html#solution-settrustedproxies
  3. Install the Swoole runtime.
  4. Write a test controller with a test action like:
    #[Route('/header-dump', name: 'test-header')]
    public function headerDump(Request $request): Response
    {
        $request->server->set('REMOTE_ADDR', '10.160.0.5');
        return $this->json([
            'headers' => $request->headers->all(),
            'ip' => $request->getClientIp(),
            //'ips' => $request->getClientIps(),
        ]);
    }
  5. Open Postman and send the request with the header x-forwarded-for: 8.8.8.8. We expect to get the IP 8.8.8.8, but we do not.

Possible Solution

The simplest solution is to change the environment variable to TRUSTED_PROXIES=0.0.0.0/0.
But I think it is better to move the trust proxy logic from the Kernel to another service, or inline it into the Request.

Additional Context

No response
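
An added example, not part of the original issue and not Symfony's own code: a stand-alone script that sets the process-wide trusted proxy list once, as a long-running worker does at boot, and resolves the client IP for two peers under a narrow list and under the 0.0.0.0/0 workaround. It assumes symfony/http-foundation is installed with Composer; the 10.160.0.0/16 range and the 203.0.113.7 peer are constructed sample values, and clientIp() is a hypothetical helper.

```php
<?php
// Added example, not code from the issue or from Symfony.
// Assumes symfony/http-foundation is installed with Composer.
require __DIR__.'/vendor/autoload.php';

use Symfony\Component\HttpFoundation\Request;

// Hypothetical helper: resolve the client IP for a request arriving from
// TCP peer $remoteAddr that carries the given X-Forwarded-For header.
function clientIp(string $remoteAddr, string $forwardedFor): ?string
{
    $request = Request::create('/header-dump', 'GET', [], [], [], [
        'REMOTE_ADDR' => $remoteAddr,
        'HTTP_X_FORWARDED_FOR' => $forwardedFor,
    ]);

    return $request->getClientIp();
}

// Constructed sample values: the balancer's address and an unrelated peer
// that reaches the application without passing through the balancer.
$balancer = '10.160.0.5';
$directPeer = '203.0.113.7';
$configs = [
    'balancer subnet only' => ['10.160.0.0/16'],
    'any IPv4 peer'        => ['0.0.0.0/0'],
];

foreach ($configs as $label => $proxies) {
    // Static, process-wide state: set once here, then reused by every
    // Request object created afterwards in the same process.
    Request::setTrustedProxies($proxies, Request::HEADER_X_FORWARDED_FOR);

    printf("[%s]\n", $label);
    foreach ([$balancer, $directPeer] as $peer) {
        printf("  peer %-12s X-Forwarded-For: 8.8.8.8 => %s\n",
            $peer, clientIp($peer, '8.8.8.8'));
    }
}
```

The header is honoured only when REMOTE_ADDR matches the trusted list, so with 0.0.0.0/0 the value sent by any IPv4 peer, not just the balancer, becomes the reported client IP. Anything keyed on getClientIp() (rate limits, audit logs, IP allow-lists) then depends on the application being reachable only through the balancer.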
