X-Git-Url: http://source.bookstackapp.com/bookstack/blobdiff_plain/a5e49f642b18de09cac0f2fdceacf07b0bafafe7..refs/pull/2023/head:/app/Http/Middleware/TrustProxies.php

diff --git a/app/Http/Middleware/TrustProxies.php b/app/Http/Middleware/TrustProxies.php
index 69fcbe943..7b01d0aab 100644
--- a/app/Http/Middleware/TrustProxies.php
+++ b/app/Http/Middleware/TrustProxies.php
@@ -2,8 +2,9 @@
 
 namespace BookStack\Http\Middleware;
 
-use Illuminate\Http\Request;
+use Closure;
 use Fideloper\Proxy\TrustProxies as Middleware;
+use Illuminate\Http\Request;
 
 class TrustProxies extends Middleware
 {
@@ -15,15 +16,26 @@ class TrustProxies extends Middleware
     protected $proxies;
 
     /**
-     * The current proxy header mappings.
+     * The headers that should be used to detect proxies.
      *
-     * @var array
+     * @var int
      */
-    protected $headers = [
-        Request::HEADER_FORWARDED => 'FORWARDED',
-        Request::HEADER_X_FORWARDED_FOR => 'X_FORWARDED_FOR',
-        Request::HEADER_X_FORWARDED_HOST => 'X_FORWARDED_HOST',
-        Request::HEADER_X_FORWARDED_PORT => 'X_FORWARDED_PORT',
-        Request::HEADER_X_FORWARDED_PROTO => 'X_FORWARDED_PROTO',
-    ];
+    protected $headers = Request::HEADER_X_FORWARDED_ALL;
+
+    /**
+     * Handle the request, Set the correct user-configured proxy information.
+     * @param Request $request
+     * @param Closure $next
+     * @return mixed
+     */
+    public function handle(Request $request, Closure $next)
+    {
+        $setProxies = config('app.proxies');
+        if ($setProxies !== '**' && $setProxies !== '*' && $setProxies !== '') {
+            $setProxies = explode(',', $setProxies);
+        }
+        $this->proxies = $setProxies;
+
+        return parent::handle($request, $next);
+    }
 }