csun-metalab / laravel-proxypass
Composer package for Laravel that resolves the correct absolute URLs when behind a proxy
Installs: 15 292
Dependents: 1
Suggesters: 0
Security: 0
Stars: 0
Watchers: 1
Forks: 0
Open Issues: 0
Requires
- php: >=5.5.9
README
Composer package for Laravel that resolves the correct absolute URLs when behind a proxy.
This package is built for version 5.0 of Laravel and above. It modifies the functionality
of the url()
, asset()
, and other helper methods.
To install from Composer, use the following command:
composer require csun-metalab/laravel-proxypass
Installation
First, add the following lines to your .env file to leverage the proxy attributes:
PROXY_ACTIVE=true
PROXY_PATH_HEADER=HTTP_X_FORWARDED_PATH
You may also add the following optional lines to your .env file to leverage the ability to FORCE the URL and schema without having to pass through a load balancer or proxy:
# http or https: PUBLIC_SCHEMA_OVERRIDE=https
PUBLIC_SCHEMA_OVERRIDE=
# Example: PUBLIC_URL_OVERRIDE=http://some-other-domain.example.com/some-other-directory
PUBLIC_URL_OVERRIDE=
Next, add the service provider to your providers
array in Laravel as follows:
'providers' => [
//...
CSUNMetaLab\ProxyPass\Providers\ProxyPassServiceProvider::class,
// You can also use the following depending on Laravel convention:
// 'CSUNMetaLab\ProxyPass\Providers\ProxyPassServiceProvider',
//...
],
Finally, run the following Artisan command to publish the configuration:
php artisan vendor:publish
Environment Variables
The two environment variables you added to your .env file are the following:
PROXY_ACTIVE
Set this to true
to enable the proxying functionality or false
to disable it.
PROXY_PATH_HEADER
This is the PHP-interpreted value of the request header sent from your proxy. The
default is HTTP_X_FORWARDED_PATH
(the computed value of X-Forwarded-Path
)
Trusted Proxies
This package also has the ability to allow only certain proxy servers to modify the necessary values in order to set the proper absolute URL.
By default, all proxy servers are allowed to modify the values; if, however, the following value is set in your .env file then you can create a whitelist of proxies:
TRUSTED_PROXIES
This is a comma-delimited list of hostnames/IP addresses that are allowed to perform proxying functions.
TRUSTED_PROXIES=192.168.1.10,www.example.com,192.168.3.12
The above example would allow the following three proxy servers to provide proxying functionality:
- 192.168.1.10 (would come from the
REMOTE_ADDR
value in PHP) - www.example.com (would come from the
X-Forwarded-Server
header from the web server) - 192.168.3.12 (would come from the
REMOTE_ADDR
value in PHP)
Usage Example
Let's say you have an application hosted at http://laravel.example.com
but that is
not the location you want to show to the world. Instead, you want to show a URL of
http://www.example.com/laravel
so you place your Laravel application behind a proxy.
However, you notice that while the front page loads properly, none of the URLs you
have written with the url()
, asset()
, or other helpers work with that URL and instead
continue writing http://laravel.example.com
as their base path.
You can configure your proxy to add a request header along with your ProxyPass
and
ProxyPassReverse
directives in Apache (ensure you have mod_headers
enabled and
mod_proxy
enabled as well):
ProxyPass /laravel http://laravel.example.com
ProxyPassReverse /laravel http://laravel.example.com
<Location /laravel>
RequestHeader set X-Forwarded-Path "http://www.example.com/laravel"
</Location>
Now all of your URLs using the url()
, asset()
, and other helpers will be written
correctly!