Skip to content

Commit

Permalink
HTTP/HTTPS mixed content errors #612 (#613)
Browse files Browse the repository at this point in the history
* Configure TrustProxies middleware
* Add trusted proxies to deps
* Replace jquery request with axios request code
* Trust current user IP for forwarded headers
* Update dependencies
* Downgrade self-updater package for PHP 7.2
  • Loading branch information
nabeelio authored Mar 3, 2020
1 parent dcf9f48 commit 89481b5
Show file tree
Hide file tree
Showing 26 changed files with 219 additions and 191 deletions.
9 changes: 8 additions & 1 deletion .travis/deploy_script.sh
Original file line number Diff line number Diff line change
Expand Up @@ -140,4 +140,11 @@ else
artifacts upload --target-paths "/" ${TRAVIS_BRANCH}_version
fi

curl -X POST --data "{\"content\": \"A new build is available at http://downloads.phpvms.net/$TAR_NAME (${FULL_VERSION})\"}" -H "Content-Type: application/json" $DISCORD_WEBHOOK_URL
#if [ "$TRAVIS_BRANCH" != "master" ] && [ "$TRAVIS_BRANCH" != "dev" ]; then
# echo "Skipping Discord branch update broadcast"
#else
curl -X POST \
--data "{\"content\": \"A new build is available at http://downloads.phpvms.net/$TAR_NAME (${FULL_VERSION})\"}" \
-H "Content-Type: application/json" \
$DISCORD_WEBHOOK_URL
#fi
2 changes: 2 additions & 0 deletions app/Http/Kernel.php
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@
use App\Http\Middleware\InstalledCheck;
use App\Http\Middleware\JsonResponse;
use App\Http\Middleware\RedirectIfAuthenticated;
use App\Http\Middleware\TrustProxies;
use App\Http\Middleware\UpdatePending;
use Illuminate\Auth\Middleware\Authenticate;
use Illuminate\Auth\Middleware\Authorize;
Expand All @@ -23,6 +24,7 @@
class Kernel extends HttpKernel
{
protected $middleware = [
TrustProxies::class,
CheckForMaintenanceMode::class,
TrimStrings::class,
ConvertEmptyStringsToNull::class,
Expand Down
40 changes: 40 additions & 0 deletions app/Http/Middleware/TrustProxies.php
Original file line number Diff line number Diff line change
@@ -0,0 +1,40 @@
<?php

namespace App\Http\Middleware;

use Closure;
use Fideloper\Proxy\TrustProxies as Middleware;
use Illuminate\Http\Request;

class TrustProxies extends Middleware
{
/**
* The trusted proxies for this application.
*
* @var array|string
*/
protected $proxies;

/**
* The headers that should be used to detect proxies.
*
* @var int
*/
protected $headers = Request::HEADER_X_FORWARDED_ALL;

/**
* Set the client as trusted
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
*
* @return mixed
*/
public function handle(Request $request, Closure $next)
{
$request->setTrustedProxies([$request->getClientIp()], $this->getTrustedHeaderNames());
$this->setTrustedProxyIpAddresses($request);

return $next($request);
}
}
1 change: 1 addition & 0 deletions app/Models/FlightField.php
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@
*
* @property string name
* @property string slug
* @property bool required
*/
class FlightField extends Model
{
Expand Down
7 changes: 4 additions & 3 deletions composer.json
Original file line number Diff line number Diff line change
Expand Up @@ -21,10 +21,11 @@
"anhskohbo/no-captcha": "^3.0",
"appstract/laravel-opcache": "^2.0",
"arrilot/laravel-widgets": "~3.13.0",
"codedge/laravel-selfupdater": "^2.5",
"codedge/laravel-selfupdater": "~2.5.1",
"doctrine/dbal": "~2.9.2",
"elcobvg/laravel-opcache": "~0.4",
"facade/ignition": "^1.6",
"fideloper/proxy": "^4.3",
"guzzlehttp/guzzle": "~6.3.3",
"hashids/hashids": "^2.0.0",
"igaster/laravel-theme": "^2.0",
Expand All @@ -43,6 +44,7 @@
"nabeel/vacentral": "~2.0",
"nwidart/laravel-modules": "^6.0",
"php-units-of-measure/php-units-of-measure": "~2.1.0",
"phpvms/sample-module": "^1.0",
"pragmarx/version": "0.2.*",
"prettus/l5-repository": "~2.6.0",
"santigarcor/laratrust": "~5.2.0",
Expand All @@ -54,8 +56,7 @@
"theiconic/php-ga-measurement-protocol": "2.7.*",
"tivie/php-os-detector": "~1.1.0",
"webpatser/laravel-uuid": "~3.0",
"oomphinc/composer-installers-extender": "^1.1",
"phpvms/sample-module": "^1.0"
"oomphinc/composer-installers-extender": "^1.1"
},
"require-dev": {
"barryvdh/laravel-debugbar": "^3.0",
Expand Down
Loading

0 comments on commit 89481b5

Please sign in to comment.