Add info about reverse_proxy on status page

Open on Drupal.org →

Created on 2 September 2020, over 4 years ago

Updated 17 March 2023, about 2 years ago

Problem/Motivation

The Reverse proxy settings are a bit tricky to understand and often drive to wrong protocol detection.

Steps to reproduce

Place Drupal behind a reverse proxy and do not set $settings['reverse_proxy'] : no warning is display.

Proposed resolution

Add an information on the status page displaying what info Drupal extract from the headers.

$request->getScheme();
$request->getHost();
$request->getClientIp();

Display a warning if $request::HEADER_X_FORWARDED_FOR is present but $request->getTrustedProxies() is not set (and link to reverse proxy doc).

Display an error if $request->getTrustedProxies() is set but $request->isFromTrustedProxy() return false.
If $request->getTrustedProxies() is set display the trusted proxy list $request->getTrustedProxies()

Remaining tasks

Add info about reverse_proxy on status page.

User interface changes

Add a line in status page.

API changes

None.

Data model changes

None.

Release notes snippet

Add status about

✨ Feature request

Status

Active

Version

9.5

Component

System →

Last updated about 13 hours ago

No maintainer

Created by

🇫🇷France o'briat Nantes

Live updates comments and jobs are added and updated live.

Incomplete comments

Comments & Activities

Not all content is available!

It's likely this issue predates Contrib.social: some issue and comment data are missing.

Comment about 2 years ago →
🇫🇷France o'briat Nantes
This issue is a bit more critical since https://www.drupal.org/sa-core-2023-004: → the phpinfo page doesn't display anymore the request headers.
The status page should return the following order HTTP headers in order to setup or debug the reverse proxy settings : REMOTE_ADDR, HTTP_X_FORWARDED_*, HTTP_HOST, SERVER_PORT, REQUEST_SCHEME.

contrib.social Blog FAQ Discussions

Production build 0.71.5 2024