mirror/Part-DB.Part-DB-server
1
0
Fork 1
mirror of https://github.com/Part-DB/Part-DB-server.git synced 2025-07-09 18:04:33 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions
Part-DB.Part-DB-server/config/packages/framework.yaml
Jan Böhmer 9cc4226726 Allow users to set trusted proxies for header override. 
This should fix issue #145.
2022-07-17 22:47:30 +02:00

33 lines
1.3 KiB
YAML
Raw Blame History

# see https://symfony.com/doc/current/reference/configuration/framework.html
framework:
secret: '%env(APP_SECRET)%'
csrf_protection: true
http_method_override: false
# Allow users to configure trusted hosts via .env variables
# see https://symfony.com/doc/current/reference/configuration/framework.html#trusted-hosts
trusted_hosts: '%env(TRUSTED_HOSTS)%'
# Allow users to configure reverse proxies via .env variables. Default values are defined in parameters.yaml.
trusted_proxies: '%env(TRUSTED_PROXIES)%'
# Trust all headers by default. X-Forwared-Host can be a security risk if your reverse proxy doesn't set it.
trusted_headers: ['x-forwarded-for', 'x-forwarded-host', 'x-forwarded-proto', 'x-forwarded-port', 'x-forwarded-prefix']
# Enables session support. Note that the session will ONLY be started if you read or write from it.
# Remove or comment this section to explicitly disable session support.
session:
handler_id: null
cookie_secure: auto
cookie_samesite: lax
storage_factory_id: session.storage.factory.native
#esi: true
#fragments: true
php_errors:
log: true
when@test:
framework:
test: true
session:
storage_factory_id: session.storage.factory.mock_file
Reference in a new issue View git blame Copy permalink