php/yii2
1
0
Fork 0
mirror of https://github.com/yiisoft/yii2.git synced 2025-11-02 13:02:24 +08:00
Code Issues Packages Projects Releases Wiki Activity

Already resolved IP: doc added #17521 (#17596) [skip ci]

Browse Source
This commit is contained in:
Somogyi Márton
2019-10-06 13:58:33 +02:00
committed by Alexander Makarov
parent 6a2777fc6d
commit aac8e3cec6
1 changed files with 20 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
docs/guide/runtime-requests.md
View File

@ -200,3 +200,23 @@ With the above configuration, all headers listed in `secureHeaders` are filtered
except the `X-ProxyUser-Ip` and `Front-End-Https` headers in case the request is made by the proxy. except the `X-ProxyUser-Ip` and `Front-End-Https` headers in case the request is made by the proxy.
In that case the former is used to retrieve the user IP as configured in `ipHeaders` and the latter In that case the former is used to retrieve the user IP as configured in `ipHeaders` and the latter
will be used to determine the result of [[yii\web\Request::getIsSecureConnection()]]. will be used to determine the result of [[yii\web\Request::getIsSecureConnection()]].
### Already resolved user IP <span id="already-respolved-user-ip"></span>
If the user's IP address is resolved before the Yii application (e.g. `ngx_http_realip_module` or similar),
the `request` component will work correctly with the following configuration:
```php
'request' => [
// ...
'trustedHosts' => [
'0.0.0.0/0',
],
'ipHeaders' => [],
],
```
In this case, the value of [[yii\web\Request::userIP|userIP]] will be equal to `$_SERVER['REMOTE_ADDR']`.
Also, properties that are resolved from HTTP headers will work correctly (e.g. [[yii\web\Request:: getIsSecureConnection()]].
> Warning: The `trustedHosts=['0.0.0.0/0']` setting assumes that all IPs are trusted.