dwindown/dewemoji
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: trust proxy headers for secure URL generation

Browse Source
This commit is contained in:
Dwindi Ramadhana
2026-02-14 19:27:32 +07:00
parent 205a8b08e1
commit 6ac626191a
1 changed files with 8 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
app/bootstrap/app.php
View File

@@ -4,6 +4,7 @@ use App\Http\Middleware\CanonicalPathMiddleware;
use Illuminate\Foundation\Application; use Illuminate\Foundation\Application;
use Illuminate\Foundation\Configuration\Exceptions; use Illuminate\Foundation\Configuration\Exceptions;
use Illuminate\Foundation\Configuration\Middleware; use Illuminate\Foundation\Configuration\Middleware;
use Illuminate\Http\Request;
return Application::configure(basePath: dirname(__DIR__)) return Application::configure(basePath: dirname(__DIR__))
->withRouting( ->withRouting(
@@ -17,6 +18,13 @@ return Application::configure(basePath: dirname(__DIR__))
health: '/up', health: '/up',
) )
->withMiddleware(function (Middleware $middleware): void { ->withMiddleware(function (Middleware $middleware): void {
// Respect reverse-proxy forwarded headers (Coolify/Nginx) so generated URLs keep HTTPS.
$middleware->trustProxies(at: '*', headers: Request::HEADER_X_FORWARDED_FOR
| Request::HEADER_X_FORWARDED_HOST
| Request::HEADER_X_FORWARDED_PORT
| Request::HEADER_X_FORWARDED_PROTO
| Request::HEADER_X_FORWARDED_AWS_ELB);
$middleware->web(append: [ $middleware->web(append: [
CanonicalPathMiddleware::class, CanonicalPathMiddleware::class,
]); ]);