From c150e328eb9b230c964f042a1451f11e7f0db32f Mon Sep 17 00:00:00 2001
From: reliq <reliq@reliqarts.com>
Date: Fri, 22 Mar 2024 17:09:41 +0100
Subject: [PATCH] fix non-www middleware issue with trusted proxy

---
 src/Http/Middleware/NonWWW.php | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/src/Http/Middleware/NonWWW.php b/src/Http/Middleware/NonWWW.php
index bece26c..cc37589 100644
--- a/src/Http/Middleware/NonWWW.php
+++ b/src/Http/Middleware/NonWWW.php
@@ -3,6 +3,7 @@
 namespace ReliqArts\Http\Middleware;
 
 use Closure;
+use Symfony\Component\HttpFoundation\Request;
 
 /**
  * Redirects any www requests to non-www counterparts.
@@ -14,10 +15,17 @@
  */
 class NonWWW
 {
+    private const TRUSTED_PROXY_HEADERS = Request::HEADER_X_FORWARDED_FOR |
+        Request::HEADER_X_FORWARDED_HOST |
+        Request::HEADER_X_FORWARDED_PORT |
+        Request::HEADER_X_FORWARDED_PROTO |
+        Request::HEADER_X_FORWARDED_PREFIX |
+        Request::HEADER_X_FORWARDED_AWS_ELB;
+
     public function handle($request, Closure $next)
     {
         if (str_starts_with($request->header('host'), 'www.')) {
-            $request->setTrustedProxies([$request->getClientIp()], config('trustedproxy.headers'));
+            $request->setTrustedProxies([$request->getClientIp()], self::TRUSTED_PROXY_HEADERS);
             $request->headers->set('host', parse_url(config('app.url'), PHP_URL_HOST));
 
             return redirect($request->getRequestUri(), 301);