Contributed by
Nicolas Grekas
in #37351
and #37357.
The front controller is a design pattern which makes all requests to be served
through a certain piece of code. In Symfony applications that’s the purpose of
the public/index.php file.
When configuring certain features of the front controller, such as trusted proxies
in load balancers or HTTP cache in reverse proxies, you need to edit the
code of the public/index.php file. In Symfony 5.2 we’ve introduced a new
feature to configure the front controller behavior using configuration options.
Using YAML, XML or PHP, you can now define the trusted_proxies, trusted_headers
and http_cache options to change your front controller behavior:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 | # config/packages/framework.yamlframework:# use the HTTP Cache defaultshttp_cache:true# configure every HTTP Cache optionhttp_cache:private_headers:['Authorization','Cookie','MyCustomHeader']default_ttl:3600allow_revalidate:truestale_if_error:600# configure proxies to trust directly in the config file:trusted_proxies:'127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16'# or use an env var if this value is dynamictrusted_proxies:'%env(TRUSTED_PROXIES)%'# you can also define the trusted headerstrusted_headers:['x-forwarded-all','!x-forwarded-host','!x-forwarded-prefix'] |
According to our own benchmarks, configuring these options instead of modifying
the index.php file can make the application up to 20% slower. However, when
using PHP preloading (available since PHP 7.4) the difference disappears and
both alternatives run equally fast.