football2801
4a871a1161
CI / test (push) Has been cancelled
Traefik terminates TLS and forwards X-Forwarded-Proto: https to Nginx, which forwards it to PHP-FPM. Without trusted_proxies, Symfony ignored this header and generated http:// redirect URLs after login/register, causing session cookie loss on mobile (Secure cookie not sent over HTTP). Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
26 lines
749 B
YAML
26 lines
749 B
YAML
# see https://symfony.com/doc/current/reference/configuration/framework.html
|
|
framework:
|
|
secret: '%env(APP_SECRET)%'
|
|
|
|
# Note that the session will be started ONLY if you read or write from it.
|
|
session: true
|
|
|
|
# Trust the Traefik reverse proxy that terminates TLS before Nginx.
|
|
# REMOTE_ADDR = trust whatever IP is connecting to PHP-FPM (always Nginx in Docker).
|
|
trusted_proxies: 'REMOTE_ADDR'
|
|
trusted_headers:
|
|
- 'x-forwarded-for'
|
|
- 'x-forwarded-host'
|
|
- 'x-forwarded-proto'
|
|
- 'x-forwarded-port'
|
|
- 'x-forwarded-prefix'
|
|
|
|
#esi: true
|
|
#fragments: true
|
|
|
|
when@test:
|
|
framework:
|
|
test: true
|
|
session:
|
|
storage_factory_id: session.storage.factory.mock_file
|