Commit72b47e1

committed

minor#6345 Remove link-local IPv6 address (snoek09)

This PR was merged into the 2.3 branch.Discussion----------Remove link-local IPv6 address| Q | A| ------------- | ---| Doc fix? | yes| New docs? | no| Applies to | all| Fixed tickets |#6310Commits-------c9c33b5 remove link-local IPv6 address (fe80::1)

2 parentsc2ef745 +c9c33b5 commit72b47e1Copy full SHA for 72b47e1

File tree

2 files changed

-6

lines changed

cookbook
- configuration
  - environments.rst
- security
  - access_control.rst

2 files changed

-6

lines changed

`‎cookbook/configuration/environments.rst‎`

Lines changed: 1 addition & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -328,7 +328,7 @@ The new environment is now accessible via::`
`328`	`328`	`aren't accessible, the front controller is usually protected from external`
`329`	`329`	`IP addresses via the following code at the top of the controller::`
`330`	`330`
`331`		`- if (!in_array(@$_SERVER['REMOTE_ADDR'], array('127.0.0.1', 'fe80::1', '::1'))) {`
	`331`	`+ if (!in_array(@$_SERVER['REMOTE_ADDR'], array('127.0.0.1', '::1'))) {`
`332`	`332`	`die('You are not allowed to access this file. Check '.basename(__FILE__).' for more information.');`
`333`	`333`	`}`
`334`	`334`

`‎cookbook/security/access_control.rst‎`

Lines changed: 5 additions & 5 deletions

Original file line number	Diff line number	Diff line change
`@@ -176,7 +176,7 @@ pattern so that it is only accessible by requests from the local server itself:`
`176`	`176`	`# ...`
`177`	`177`	`access_control:`
`178`	`178`	`#`
`179`		`- -{ path: ^/internal, roles: IS_AUTHENTICATED_ANONYMOUSLY, ips: [127.0.0.1,fe80::1,::1] }`
	`179`	`+ -{ path: ^/internal, roles: IS_AUTHENTICATED_ANONYMOUSLY, ips: [127.0.0.1, ::1] }`
`180`	`180`	`-{ path: ^/internal, roles: ROLE_NO_ACCESS }`
`181`	`181`
`182`	`182`	`..code-block::xml`
`@@ -193,7 +193,7 @@ pattern so that it is only accessible by requests from the local server itself:`
`193`	`193`	`<!-- ...-->`
`194`	`194`	`<rulepath="^/internal"`
`195`	`195`	`role="IS_AUTHENTICATED_ANONYMOUSLY"`
`196`		`-ips="127.0.0.1,fe80::1,::1"`
	`196`	`+ips="127.0.0.1, ::1"`
`197`	`197`	`/>`
`198`	`198`
`199`	`199`	`<rulepath="^/internal"role="ROLE_NO_ACCESS" />`
`@@ -209,7 +209,7 @@ pattern so that it is only accessible by requests from the local server itself:`
`209`	`209`	`array(`
`210`	`210`	`'path' => '^/internal',`
`211`	`211`	`'role' => 'IS_AUTHENTICATED_ANONYMOUSLY',`
`212`		`- 'ips' => '127.0.0.1,fe80::1,::1'`
	`212`	`+ 'ips' => '127.0.0.1, ::1'`
`213`	`213`	`),`
`214`	`214`	`array(`
`215`	`215`	`'path' => '^/internal',`
@@ -230,8 +230,8 @@ the external IP address ``10.0.0.1``:
`230`	`230`	`that does not match an existing role, it just serves as a trick to always`
`231`	`231`	`deny access).`
`232`	`232`
`233`		-But if the same request comes from ``127.0.0.1``, ``::1`` (the IPv6 loopback
`234`		-address) or ``fe80::1`` (the IPv6 link-local address):
	`233`	+But if the same request comes from ``127.0.0.1`` or ``::1`` (the IPv6 loopback
	`234`	`+address):`
`235`	`235`
`236`	`236`	* Now, the first access control rule is enabled as both the ``path`` and the
`237`	`237`	``ip`` match: access is allowed as the user always has the

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

Commit72b47e1

File tree

2 files changed

2 files changed

`‎cookbook/configuration/environments.rst‎`

`‎cookbook/security/access_control.rst‎`

0 commit comments