承接 ecphp/reverse-proxy-helper-bundle 相关项目开发

从需求分析到上线部署,全程专人跟进,保证项目质量与交付效率

邮箱:yvsm@zunyunkeji.com | QQ:316430983 | 微信:yvsm316

ecphp/reverse-proxy-helper-bundle

Composer 安装命令:

composer require ecphp/reverse-proxy-helper-bundle

包简介

Helper bundle, configure the request headers from a given base URL.

README 文档

README

Latest Stable Version GitHub stars Total Downloads GitHub Workflow Status Scrutinizer code quality Type Coverage Code Coverage License

Reverse Proxy Helper Bundle

At European Commission, many applications are behind a reverse proxy server.

If the reverse proxy configuration is not properly set, Symfony applications will generate invalid URIs because they will use their internal server URIs instead of the one given by the reverse proxy.

For some reason, the reverse proxy services at European Commission doesn't send all the necessary headers to let Symfony generate proper URIs.

This bundle will make sure that the URIs are properly generated by providing the missing headers and set the appropriate trusted proxies configuration.

Requirements

  • PHP >= 7.2.5
  • Symfony >= 5.2.4

Installation

composer require ecphp/reverse-proxy-helper-bundle

Then, in your Symfony application, create a new configuration file reverse-proxy-helper.yaml in config/packages:

    reverse_proxy_helper:
        base_url: https://frontend-url-foobar:12345/app1/

You may also move this file in a specific environment if needed, and modulate the configuration based on the environment.

You can also use environment variables as well:

Update your configuration file as such to use an environment variable REVERSE_PROXY_URL:

    reverse_proxy_helper:
        base_url: '%env(resolve:REVERSE_PROXY_URL)%'

You also need to configure the trusted_headers and trusted_proxies in framework.yaml, example:

framework:
    trusted_proxies: '127.0.0.1,REMOTE_ADDR'
    trusted_headers: ['x-forwarded-for', 'x-forwarded-host', 'x-forwarded-proto', 'x-forwarded-port', 'x-forwarded-prefix']

What does this do?

This bundle ensures that proper headers are set for HTTP requests behind a reverse proxy.

Setting a trusted proxy and proper headers allows for correct URL generation, redirecting, session handling and logging in Symfony when behind a reverse proxy.

This is useful if your web servers sit behind a load balancer (Nginx, HAProxy, Envoy, ELB/ALB, etc), HTTP cache (CloudFlare, Squid, Varnish, etc), or other intermediary (reverse) proxy.

Why does this matter?

A very common load balancing approach is to send https:// requests to a load balancer, but send http:// requests to the application servers behind the load balancer.

For example, you may send a request in your browser to https://example.org. The load balancer, in turn, might send requests to an application server at http://192.168.1.23.

What if that server returns a redirect, or generates an asset url? The users's browser would get back a redirect or HTML that includes http://192.168.1.23 in it, which is clearly wrong.

What happens is that the application thinks its hostname is 192.168.1.23 and the schema is http://. It doesn't know that the end client used https://example.org for its web request.

So the application needs to know to read the X-Forwarded headers to get the correct request details (schema https://, host example.org).

Symfony is able to reads those headers, but only if the trusted proxy configuration is correctly set to "trust" the load balancer/reverse proxy.

How does this work?

Applications behind a reverse proxy typically read some HTTP headers such as X-Forwarded-*, (X-Forwarded-For, X-Forwarded-Proto, X-Forwared-Host, X-Forwarded-Port, X-Forwarded-Prefix) to know about the real end-client making an HTTP request.

If those headers were not set, then the application code would think every incoming HTTP request would be from the proxy.

The Symfony HTTP base classes have a concept of a "trusted proxy", where those X-Forwarded-* headers will only be used if the source IP address of the request is known.

This package creates an easier interface to that option. You can set the IP addresses of the proxies (that the application would see, so it may be a private network IP address), and Symfony will use the X-Forwarded-* headers if an HTTP request containing those headers was from the trusted proxy.

Open Source contributions

  • symfony/framework-bundle: #40281

ecphp/reverse-proxy-helper-bundle 适用场景与选型建议

ecphp/reverse-proxy-helper-bundle 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 5.01k 次下载、GitHub Stars 达 0, 最近一次更新时间为 2021 年 02 月 25 日, 在 PHP 生态内属于活跃度较高的组件。

它主要适用于以下技术方向: 「headers」 「reverse-proxy」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。

我们在过去多个企业项目中使用过 ecphp/reverse-proxy-helper-bundle 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。

围绕 ecphp/reverse-proxy-helper-bundle 我们能提供哪些服务?
定制开发 / 二次开发

基于 ecphp/reverse-proxy-helper-bundle 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。

BUG 修复 & 性能优化

线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。

项目外包 & 长期维护

承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。

yvsm@zunyunkeji.com QQ:316430983 微信:yvsm316 西安尊云信息科技 · 专注 PHP / Go / 分布式系统研发

统计信息

  • 总下载量: 5.01k
  • 月度下载量: 0
  • 日度下载量: 0
  • 收藏数: 0
  • 点击次数: 9
  • 依赖项目数: 0
  • 推荐数: 0

GitHub 信息

  • Stars: 0
  • Watchers: 1
  • Forks: 1
  • 开发语言: PHP

其他信息

  • 授权协议: BSD-3-Clause
  • 更新时间: 2021-02-25