setTrustedProxies([]); # сбрасываем состояние между запросами $trusted = config::get('request.trusted.proxies'); if (is_null($trusted) || $trusted === '') { return $next($request); } if (is_string($trusted)) { if ($trusted === '*') { $trusted = [ $request->remoteAddress(false, false) # текущий IP ]; } else { $trusted = array_map('trim', explode(',', $trusted)); } } if (is_array($trusted)) { $request->setTrustedProxies( $this->mixinCloudFlareIps($trusted) ); } return $next($request); } public function mixinCloudFlareIps(array $trusted, $force = false) { $key = array_search('cloudflare', $trusted, true); if ($key !== false) { unset($trusted[$key]); $force = true; } if ($force) { $trusted = array_merge($this->loadCloudFlareIps(), $trusted); } return $trusted; } public function loadCloudFlareIps($v6 = false) { return Cache::remember('trusted.proxies.cloudflare', 172800/* 2 days */, static function () use ($v6) { $ch = curl_init('https://www.cloudflare.com/ips-v' . ($v6 ? '6' : '4')); curl_setopt($ch, CURLOPT_FAILONERROR, 1); curl_setopt($ch, CURLOPT_TIMEOUT, 10); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); $result = curl_exec($ch); if ($result === false) { curl_close($ch); return []; } $code = curl_getinfo($ch, CURLINFO_HTTP_CODE); if ($code !== 200) { return []; } curl_close($ch); return array_map('trim', explode(PHP_EOL, $result)); }); } }