football2801/pictureFrame
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: trust Traefik reverse proxy so Symfony generates https:// redirects
CI / test (push) Has been cancelled
Details

Browse Source 
Traefik terminates TLS and forwards X-Forwarded-Proto: https to Nginx,
which forwards it to PHP-FPM. Without trusted_proxies, Symfony ignored
this header and generated http:// redirect URLs after login/register,
causing session cookie loss on mobile (Secure cookie not sent over HTTP).

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Matt Edholm
2026-05-04 19:10:44 -04:00
parent fe416f223e
commit 4a871a1161
1 changed files with 10 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
config/packages/framework.yaml
+10
View File
@@ -5,6 +5,16 @@ framework:
# Note that the session will be started ONLY if you read or write from it. # Note that the session will be started ONLY if you read or write from it.
session: true session: true
# Trust the Traefik reverse proxy that terminates TLS before Nginx.
# REMOTE_ADDR = trust whatever IP is connecting to PHP-FPM (always Nginx in Docker).
trusted_proxies: 'REMOTE_ADDR'
trusted_headers:
- 'x-forwarded-for'
- 'x-forwarded-host'
- 'x-forwarded-proto'
- 'x-forwarded-port'
- 'x-forwarded-prefix'
#esi: true #esi: true
#fragments: true #fragments: true