feature #37357 [FrameworkBundle] allow configuring trusted proxies using semantic configuration (nicolas-grekas)

This PR was merged into the 5.2-dev branch.

Discussion
----------

[FrameworkBundle] allow configuring trusted proxies using semantic configuration

| Q             | A
| ------------- | ---
| Branch?       | master
| Bug fix?      | no
| New feature?  | yes
| Deprecations? | -
| Tickets       | -
| License       | MIT
| Doc PR        | -

On top of the improved DX this should provide, this PR (and #37351) will allow [removing the corresponding lines](symfony/recipes#790) from `index.php` & recipes.

Using values:
```yaml
framework:
    trusted_proxies: '127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16'
#or
    trusted_proxies: '%env(TRUSTED_PROXIES)%'
```

`trusted_headers` is similar but is an array of headers to trust.
```yaml
framework:
    # that's the defaults already
    trusted_headers: ['x-forwarded-all', '!x-forwarded-host', '!x-forwarded-prefix']
```

Commits
-------

af9dd52752 [FrameworkBundle] allow configuring trusted proxies using semantic configuration

Author: fabpot

CHANGELOG.md

@@ -5,6 +5,7 @@ CHANGELOG
 -----
 
  * Added `framework.http_cache` configuration tree
+ * Added `framework.trusted_proxies` and `framework.trusted_headers` configuration options
 
 5.1.0
 -----

DependencyInjection/Configuration.php

@@ -85,6 +85,20 @@ public function getConfigTreeBuilder()
                     ->beforeNormalization()->ifString()->then(function ($v) { return [$v]; })->end()
                     ->prototype('scalar')->end()
                 ->end()
+                ->scalarNode('trusted_proxies')->end()
+                ->arrayNode('trusted_headers')
+                    ->fixXmlConfig('trusted_header')
+                    ->performNoDeepMerging()
+                    ->defaultValue(['x-forwarded-all', '!x-forwarded-host', '!x-forwarded-prefix'])
+                    ->beforeNormalization()->ifString()->then(function ($v) { return $v ? array_map('trim', explode(',', $v)) : []; })->end()
+                    ->enumPrototype()
+                        ->values([
+                            'forwarded',
+                            'x-forwarded-for', 'x-forwarded-host', 'x-forwarded-proto', 'x-forwarded-port',
+                            'x-forwarded-all', '!x-forwarded-host', '!x-forwarded-prefix',
+                        ])
+                    ->end()
+                ->end()
                 ->scalarNode('error_controller')
                     ->defaultValue('error_controller')
                 ->end()

DependencyInjection/FrameworkExtension.php

@@ -65,6 +65,7 @@
 use Symfony\Component\Form\FormTypeGuesserInterface;
 use Symfony\Component\Form\FormTypeInterface;
 use Symfony\Component\HttpClient\ScopingHttpClient;
+use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpKernel\CacheClearer\CacheClearerInterface;
 use Symfony\Component\HttpKernel\CacheWarmer\CacheWarmerInterface;
 use Symfony\Component\HttpKernel\Controller\ArgumentValueResolverInterface;
@@ -242,6 +243,11 @@ public function load(array $configs, ContainerBuilder $container)
         $container->setParameter('kernel.default_locale', $config['default_locale']);
         $container->setParameter('kernel.error_controller', $config['error_controller']);
 
+        if (($config['trusted_proxies'] ?? false) && ($config['trusted_headers'] ?? false)) {
+            $container->setParameter('kernel.trusted_proxies', $config['trusted_proxies']);
+            $container->setParameter('kernel.trusted_headers', $this->resolveTrustedHeaders($config['trusted_headers']));
+        }
+
         if (!$container->hasParameter('debug.file_link_format')) {
             $links = [
                 'textmate' => 'txmt://open?url=file://%%f&line=%%l',
@@ -2094,6 +2100,30 @@ private function registerNotifierConfiguration(array $config, ContainerBuilder $
         }
     }
 
+    private function resolveTrustedHeaders(array $headers): int
+    {
+        $trustedHeaders = 0;
+
+        foreach ($headers as $h) {
+            switch ($h) {
+                case 'forwarded': $trustedHeaders |= Request::HEADER_FORWARDED; break;
+                case 'x-forwarded-for': $trustedHeaders |= Request::HEADER_X_FORWARDED_FOR; break;
+                case 'x-forwarded-host': $trustedHeaders |= Request::HEADER_X_FORWARDED_HOST; break;
+                case 'x-forwarded-proto': $trustedHeaders |= Request::HEADER_X_FORWARDED_PROTO; break;
+                case 'x-forwarded-port': $trustedHeaders |= Request::HEADER_X_FORWARDED_PORT; break;
+                case '!x-forwarded-host': $trustedHeaders &= ~Request::HEADER_X_FORWARDED_HOST; break;
+                case 'x-forwarded-all':
+                    if (!\in_array('!x-forwarded-prefix', $headers)) {
+                        throw new LogicException('When using "x-forwarded-all" in "framework.trusted_headers", "!x-forwarded-prefix" must be explicitly listed until support for X-Forwarded-Prefix is implemented.');
+                    }
+                    $trustedHeaders |= Request::HEADER_X_FORWARDED_ALL;
+                    break;
+            }
+        }
+
+        return $trustedHeaders;
+    }
+
     /**
      * {@inheritdoc}
      */

FrameworkBundle.php

@@ -95,10 +95,6 @@ public function boot()
         if ($this->container->getParameter('kernel.http_method_override')) {
             Request::enableHttpMethodParameterOverride();
         }
-
-        if ($trustedHosts = $this->container->getParameter('kernel.trusted_hosts')) {
-            Request::setTrustedHosts($trustedHosts);
-        }
     }
 
     public function build(ContainerBuilder $container)

Resources/config/schema/symfony-1.0.xsd

@@ -42,6 +42,9 @@
         <xsd:attribute name="default-locale" type="xsd:string" />
         <xsd:attribute name="test" type="xsd:boolean" />
         <xsd:attribute name="error-controller" type="xsd:string" />
+        <xsd:attribute name="trusted_hosts" type="xsd:string" />
+        <xsd:attribute name="trusted_proxies" type="xsd:string" />
+        <xsd:attribute name="trusted_headers" type="xsd:string" />
     </xsd:complexType>
 
     <xsd:complexType name="form">

Resources/config/services.php

@@ -132,9 +132,9 @@
             ->tag('container.hot_path')
 
         ->set('http_cache.store', Store::class)
-        ->args([
-            param('kernel.cache_dir').'/http_cache',
-        ])
+            ->args([
+                param('kernel.cache_dir').'/http_cache',
+            ])
 
         ->set('url_helper', UrlHelper::class)
             ->args([

Tests/DependencyInjection/ConfigurationTest.php

@@ -30,10 +30,7 @@ public function testDefaultConfig()
         $processor = new Processor();
         $config = $processor->processConfiguration(new Configuration(true), [['secret' => 's3cr3t']]);
 
-        $this->assertEquals(
-            array_merge(['secret' => 's3cr3t', 'trusted_hosts' => []], self::getBundleDefaultConfig()),
-            $config
-        );
+        $this->assertEquals(self::getBundleDefaultConfig(), $config);
     }
 
     public function getTestValidSessionName()
@@ -341,6 +338,13 @@ protected static function getBundleDefaultConfig()
             'http_method_override' => true,
             'ide' => null,
             'default_locale' => 'en',
+            'secret' => 's3cr3t',
+            'trusted_hosts' => [],
+            'trusted_headers' => [
+                'x-forwarded-all',
+                '!x-forwarded-host',
+                '!x-forwarded-prefix',
+            ],
             'csrf_protection' => [
                 'enabled' => false,
             ],