Cover of the book Symfony 5: The Fast Track

Symfony 5: The Fast Track is the best book to learn modern Symfony development, from zero to production. +300 pages showcasing Symfony with Docker, APIs, queues & async tasks, Webpack, SPAs, etc.

New in Symfony 5.2: Front controller configuration

Contributed by
Nicolas Grekas
in #37351 and #37357.

The front controller is a design pattern which makes all requests to be served through a certain piece of code. In Symfony applications that’s the purpose of the public/index.php file.

When configuring certain features of the front controller, such as trusted proxies in load balancers or HTTP cache in reverse proxies, you need to edit the code of the public/index.php file. In Symfony 5.2 we’ve introduced a new feature to configure the front controller behavior using configuration options.

Using YAML, XML or PHP, you can now define the trusted_proxies, trusted_headers and http_cache options to change your front controller behavior:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
# config/packages/framework.yaml
framework:
    # use the HTTP Cache defaults
    http_cache: true

    # configure every HTTP Cache option
    http_cache:
        private_headers: ['Authorization', 'Cookie', 'MyCustomHeader']
        default_ttl: 3600
        allow_revalidate: true
        stale_if_error: 600

    # configure proxies to trust directly in the config file:
    trusted_proxies: '127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16'
    # or use an env var if this value is dynamic
    trusted_proxies: '%env(TRUSTED_PROXIES)%'

    # you can also define the trusted headers
    trusted_headers: ['x-forwarded-all', '!x-forwarded-host', '!x-forwarded-prefix']

According to our own benchmarks, configuring these options instead of modifying the index.php file can make the application up to 20% slower. However, when using PHP preloading (available since PHP 7.4) the difference disappears and both alternatives run equally fast.

Help the Symfony project!

As with any Open-Source project, contributing code or documentation is the most common way to help, but we also have a wide range of sponsoring opportunities.

New in Symfony 5.2: Front controller configuration symfony.com/blog/new-in-symfony-5-2-front-controller-configuration

Tweet this

Comments

So running Sy5.2 on Php 7.3 will now be 20% slower? really? that seems like an odd thing to do. Any way to disable this then?
@Craig don't worry, because if you don't use this feature explicitly in your app, you won't see any difference. The slowdown mentioned in the article only happens if you use this feature and have PHP preloading disabled (or use a PHP version without preloading).
Please note that this performance drop only occurs when using the HttpCache functionality, not the trusted options.

You can still use HttpCache by updating public/index.php (instead of this config) if you're on PHP
Amazing feature, thanks !

Let's hope this will prevent people altering index.php :)
Finally! Thanks :)
Login with SymfonyConnect to post a comment