From af46bdec2d0f54a03e8ad5ae0431222b7bc5e7b3 Mon Sep 17 00:00:00 2001
From: doobry <doobry@systemli.org>
Date: Fri, 29 Nov 2024 23:47:48 +0100
Subject: [PATCH] fix(framework): Support trusted proxies for userli behind
 reverse proxy

---
 .env                           | 1 +
 .env.test                      | 1 +
 config/packages/framework.yaml | 1 +
 3 files changed, 3 insertions(+)

diff --git a/.env b/.env
index 981c4717..10f92f58 100644
--- a/.env
+++ b/.env
@@ -36,6 +36,7 @@ WKD_FORMAT="advanced"
 ###> symfony/framework-bundle ###
 APP_ENV="dev"
 APP_SECRET="165e25e3846534bb4665d7078a851c0b"
+TRUSTED_PROXIES=""
 ###< symfony/framework-bundle ###
 
 ###> symfony/mailer ###
diff --git a/.env.test b/.env.test
index 7876d00b..ec333ba8 100644
--- a/.env.test
+++ b/.env.test
@@ -3,6 +3,7 @@ DATABASE_URL=sqlite:///%kernel.project_dir%/var/db_test.sqlite
 APP_DOMAIN=example.org
 APP_ENV=test
 APP_SECRET=165e25e3846534bb4665d7078a851c0b
+TRUSTED_PROXIES=""
 APP_NAME="Userli"
 APP_URL="https://users.example.org"
 PROJECT_NAME="example.org"
diff --git a/config/packages/framework.yaml b/config/packages/framework.yaml
index 980ee45c..be4f398c 100644
--- a/config/packages/framework.yaml
+++ b/config/packages/framework.yaml
@@ -5,6 +5,7 @@ framework:
     annotations: false
     http_method_override: false
     handle_all_throwables: true
+    trusted_proxies: '%env(TRUSTED_PROXIES)%'
 
     # Enables session support. Note that the session will ONLY be started if you read or write from it.
     # Remove or comment this section to explicitly disable session support.