From 8ff420c686785d0a77e554662bb16ca5d3b4d405 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micka=C3=ABl=20Andrieu?= <andrieu.travail@gmail.com> Date: Sun, 18 Jun 2017 00:38:46 +0200 Subject: [PATCH] Removed IP checks block from front controller --- web/index.php | 35 ----------------------------------- 1 file changed, 35 deletions(-) delete mode 100644 web/index.php diff --git a/web/index.php b/web/index.php deleted file mode 100644 index 8df305c..0000000 --- a/web/index.php +++ /dev/null @@ -1,35 +0,0 @@ -<?php - -use App\Kernel; -use Symfony\Component\HttpFoundation\Request; -use Symfony\Component\Debug\Debug; - -require __DIR__.'/../vendor/autoload.php'; - -if (getenv('APP_DEBUG')) { - // This check prevents access to debug front controllers that are deployed by accident to production servers. - // Feel free to remove this, extend it, or make something more sophisticated. - $whitelistedIps = ['127.0.0.1', '::1']; - - // Allow access from the host - if ($dockerBridgeIp = getenv('DOCKER_BRIDGE_IP')) { - $whitelistedIps[] = $dockerBridgeIp; - } - if (isset($_SERVER['HTTP_CLIENT_IP']) - || isset($_SERVER['HTTP_X_FORWARDED_FOR']) - || !(in_array(@$_SERVER['REMOTE_ADDR'], $whitelistedIps) || php_sapi_name() === 'cli-server') - ) { - header('HTTP/1.0 403 Forbidden'); - exit('You are not allowed to access this file. Check '.basename(__FILE__).' for more information.'); - } - - Debug::enable(); -} - -// Request::setTrustedProxies(['0.0.0.0/0'], Request::HEADER_FORWARDED); - -$kernel = new Kernel(getenv('APP_ENV'), getenv('APP_DEBUG')); -$request = Request::createFromGlobals(); -$response = $kernel->handle($request); -$response->send(); -$kernel->terminate($request, $response);