Laravel 5.6 TrustedProxies error
After some investigation (Winmerge comparison with a fresh install of Laravel 5.6) this comes down to a difference in the files app\Http\Middleware\TrustProxies.php
:
Laravel 5.5:
namespace App\Http\Middleware;use Illuminate\Http\Request;use Fideloper\Proxy\TrustProxies as Middleware;class TrustProxies extends Middleware{ /** * The trusted proxies for this application. * * @var array */ protected $proxies; /** * The current proxy header mappings. * * @var array */ protected $headers = [ Request::HEADER_FORWARDED => 'FORWARDED', Request::HEADER_X_FORWARDED_FOR => 'X_FORWARDED_FOR', Request::HEADER_X_FORWARDED_HOST => 'X_FORWARDED_HOST', Request::HEADER_X_FORWARDED_PORT => 'X_FORWARDED_PORT', Request::HEADER_X_FORWARDED_PROTO => 'X_FORWARDED_PROTO', ];}
Laravel 5.6:
namespace App\Http\Middleware;use Illuminate\Http\Request;use Fideloper\Proxy\TrustProxies as Middleware;class TrustProxies extends Middleware{ /** * The trusted proxies for this application. * * @var array */ protected $proxies; /** * The headers that should be used to detect proxies. * * @var string */ protected $headers = Request::HEADER_X_FORWARDED_ALL;}
Ergo, set protected $headers = Request::HEADER_X_FORWARDED_ALL;
as per Laravel 5.6 version
Open app\Http\Middleware\TrustProxies.php
.
Change the following
protected $headers = [ Request::HEADER_FORWARDED => 'FORWARDED', Request::HEADER_X_FORWARDED_FOR => 'X_FORWARDED_FOR', Request::HEADER_X_FORWARDED_HOST => 'X_FORWARDED_HOST', Request::HEADER_X_FORWARDED_PORT => 'X_FORWARDED_PORT', Request::HEADER_X_FORWARDED_PROTO => 'X_FORWARDED_PROTO',];
to
protected $headers = Request::HEADER_X_FORWARDED_ALL;
As stated in the upgrade guide, you need to set the $headers property in App\Http\Middleware\TrustProxies to a bit property.
The constants are defined in Symfony\Component\HttpFoundation\Request.
const HEADER_FORWARDED = 0b00001; // When using RFC 7239const HEADER_X_FORWARDED_FOR = 0b00010;const HEADER_X_FORWARDED_HOST = 0b00100;const HEADER_X_FORWARDED_PROTO = 0b01000;const HEADER_X_FORWARDED_PORT = 0b10000;const HEADER_X_FORWARDED_ALL = 0b11110; // All "X-Forwarded-*" headersconst HEADER_X_FORWARDED_AWS_ELB = 0b11010; // AWS ELB doesn't send X-Forwarded-Host
In the upgrade guide, HEADER_X_FORWARDED_ALL is used but you can use a combination of the bit values.