Thomas Peterson
e792c4d4f5
Symfony vertraute Caddys X-Forwarded-Proto nicht, daher lauteten QR- und Wallet-Barcode-URLs http:// statt https://. framework.trusted_proxies auf %env(TRUSTED_PROXIES)% gesetzt (Prod: 10.0.0.0/16, Dev: 127.0.0.1). Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
21 lines
699 B
YAML
21 lines
699 B
YAML
# see https://symfony.com/doc/current/reference/configuration/framework.html
|
|
framework:
|
|
secret: '%env(APP_SECRET)%'
|
|
|
|
# Hinter Caddy (Reverse-Proxy): dessen X-Forwarded-Proto/Host vertrauen, damit
|
|
# generierte Absolut-URLs (QR, Wallet-Barcode) https + richtige Domain nutzen.
|
|
trusted_proxies: '%env(TRUSTED_PROXIES)%'
|
|
trusted_headers: ['x-forwarded-for', 'x-forwarded-host', 'x-forwarded-proto', 'x-forwarded-port']
|
|
|
|
# Note that the session will be started ONLY if you read or write from it.
|
|
session: true
|
|
|
|
#esi: true
|
|
#fragments: true
|
|
|
|
when@test:
|
|
framework:
|
|
test: true
|
|
session:
|
|
storage_factory_id: session.storage.factory.mock_file
|