New in Symfony 7.2: Simpler Trusted Proxies Configuration

New Private Subnets Shortcut for Trusted Proxies

Contributed by
Nicolas Grekas
in
#58154

If your Symfony application works behind a load balancer or reverse proxy
(AWS Elastic Load Balancing, Varnish, etc.), you need to tell Symfony which
reverse proxy IP addresses to trust. If the IP of the reverse proxy changes constantly,
you must configure a range of IPs to trust.

In Symfony 7.2, we’re adding PRIVATE_SUBNETS as a shortcut for the value of
the constant IpUtils::PRIVATE_SUBNETS, so your configuration is easier to
read and maintain:

# config/packages/framework.yaml
framework:
trusted_proxies: ‚127.0.0.1,PRIVATE_SUBNETS‘

Configure Trusted Proxies with Environment Variables

Contributed by
Nicolas Grekas
in
#58161

The trusted proxies configuration is currently done in configuration files (YAML,
XML, or PHP format) like this:

# config/packages/framework.yaml
framework:
# …
trusted_proxies: ‚192.0.0.1,10.0.0.0/8‘
trusted_headers: [‚x-forwarded-for‘, ‚x-forwarded-host‘, ‚x-forwarded-proto‘, ‚x-forwarded-port‘, ‚x-forwarded-prefix‘]
trusted_hosts: [‚…‘]
trust_x_sendfile_type_header: true

In Symfony 7.2 we’re simplifying this thanks to new environment variables.
Instead of configuring the previous file, you can now set the trusted proxies
configuration in these env vars:

SYMFONY_TRUST_X_SENDFILE_TYPE_HEADER
SYMFONY_TRUSTED_HEADERS
SYMFONY_TRUSTED_HOSTS
SYMFONY_TRUSTED_PROXIES

Sponsor the Symfony project.

Symfony Blog

Read More

Latest News

PHP-Releases

PHP 8.3.15 released!

PHP 8.2.27 released!

PHP 8.1.31 released!

Generated by Feedzy