settings.php should be enough.
(For some reason this did not come up in all my searches for x-forwarded-for and Drupal, probably because it was drowning in old results)
VAnnergard β created an issue.
VAnnergard β created an issue.
This patch does work to handle it for me
VAnnergard β created an issue.
We just found this issue when we tried to add a Shortcut to a page that is generated via routeing + controller + custom theming.
E.g something like this in a modules routing (generalized path etc)
foo.bar:
path: '/foo/thing/bar/{id}'
defaults:
_controller: '\Drupal\foo\Controller\fooController::method'
_title: 'Foo thing bar'
requirements:
_role: 'administrator'
options:
no_cache: 'TRUE'
This might be useful for reproducing so thought I should add this.
Having had the same issue and stumbled on to this ticket, I think #6 is probably the reason this is a problem to start with.
The standard setting for rendered html output is to render it as an anonymous user which works as long as you have a public facing site but when you have limited access the output will (correctly) not fully render. Interesting some of the fields that are directly on the node did render, but not paragraphs that only worked when rendering as a user that had access to see the page.
Its an interesting question in this if it is a bug that the rendered html output when sat as an anonymous user still renders into the search index for pages where permission is denied for such users. (I guess as long as the search index is not publicly available its not a major issue)