jdavidbakr/cloudfront-proxies
Composer 安装命令:
composer require jdavidbakr/cloudfront-proxies
包简介
Sets proxy settings for Cloudfront in a Laravel project
README 文档
README
Purpose
One of the great things about putting your application behind a load balancer or CDN is that you can terminate your TLS there, and make the requests to your application via http. The problem with this, though, is that your application is not aware of the protocol with which it is being accessed. This will cause a problem with Laravel's URL generation tools, as the assets will be prefixed with http.
Laravel takes care of this nicely by using the TrustedProxies package, which allows you to define what IP addresses and what headers you want to use to convert the incoming request to the IP address and protocol of the originating request.
This was all wonderful, until Laravel 5.6 came out. This version of Laravel uses Symfony version 4, which no longer exposes the header you want to use to determine the protocol. Not a problem, you say, because you can use the X-Forwarded headers? It wouldn't be a problem, except for the fact that CloudFront uses a special header Cloudfront-Forwarded-Proto - and so now there is not a simple solution to set the protocol.
Further, you probably don't want to expose all IP addresses to your trusted proxy settings - ideally we should only use CloudFront IP addresses for our trusted proxies.
The solution
This package contains a simple middleware that does two very important tasks:
- Downloads the CloudFront IPv4 and IPv6 addresses into the trusted proxy IP addresses. This is cached according to your cache settings for one hour, so you are not making this call on every request.
- Adds the
X-Forwarded-Protoheader to your requests based on theCloudfront-Forwarded-Protovalue. This helps Symfony behave as if the original headers were what it needed in the first place.
This middleware only fires for requests that look like they came from CloudFront. It checks for any of the following headers:
Cloudfront-Forwarded-ProtoCloudfront-Forwarded-PortCloudfront-Viewer-AddressX-Amz-Cf-Id
So it is ignored if you are using other load balancers or accessing the server directly.
Usage
To use, simply install via composer:
composer require jdavidbakr/cloudfront-proxies
Then add the middleware to your kernel after the TrustProxies middleware:
\App\Http\Middleware\TrustProxies::class,
\jdavidbakr\CloudfrontProxies\CloudfrontProxies::class,
If you desire, you may publish the config file to give you access to some options:
php artisan vendor:publish
This will publish a cloudfront-proxies.php config file that you may edit.
By default, this package maps the parsed Cloudfront-Viewer-Address IP into X-Forwarded-For, so Laravel/Symfony Request::getClientIp() (or Request::clientIp()) resolves to the viewer IP when behind CloudFront.
You do not need to set viewer-address-attribute for getClientIp() to work.
viewer-address-attribute is only an optional extra request attribute if you want to read the parsed viewer IP directly from request attributes:
// config/cloudfront-proxies.php 'viewer-address-attribute' => 'cloudfront_viewer_ip',
By default, this optional attribute is disabled (null).
If you want to disable that behavior:
// config/cloudfront-proxies.php 'viewer-address-to-forwarded-for' => false,
And everything should be good to go from here.
jdavidbakr/cloudfront-proxies 适用场景与选型建议
jdavidbakr/cloudfront-proxies 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 296.93k 次下载、GitHub Stars 达 23, 最近一次更新时间为 2018 年 02 月 16 日, 在 PHP 生态内属于活跃度较高的组件。
它主要适用于以下技术方向: 「cloudfront」 「laravel」 「trusted proxies」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。
我们在过去多个企业项目中使用过 jdavidbakr/cloudfront-proxies 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。
基于 jdavidbakr/cloudfront-proxies 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。
线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。
承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。
与 jdavidbakr/cloudfront-proxies 相关的其它包
同方向 / 同关键字的高下载量 PHP Composer 包推荐,方便对比选型:
CloudFront cache purger for the Blitz plugin.
Build a dynamic list of trusted proxies for use with Laravel Vapor
Amazon Web Services (AWS) Toolbox - This extension connects your TYPO3 instance to Amazon CloudFront. It rewrites all file paths in the frontend to match your CDN domain. You also have the possibility to invalidate Amazon CloudFront entries.
CDN Cache Control and Invalidation
Serve Laravel Assets from a Content Delivery Network (CDN)
Client for compari trusted shop
统计信息
- 总下载量: 296.93k
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 23
- 点击次数: 31
- 依赖项目数: 0
- 推荐数: 0
其他信息
- 授权协议: MIT
- 更新时间: 2018-02-16