Fix depreciation on Request::HEADER_X_FORWARDED_ALL constant in index.php

Chose to move the protection to the yaml config instead as it is possible since Symfony 5.2

Also removed default support for the $_SERVER['TRUSTED_PROXIES'], seems too untrusty. Use TRUSTED_PROXIES env var instead !

See https://jolicode.com/blog/symfony-reverse-proxies-and-ip-protection

datamodels/2.x/itop-portal-base/portal/.env

@@ -16,6 +16,6 @@
 ###> symfony/framework-bundle ###
 #APP_ENV=prod
 #APP_SECRET=40ef8b29be00df19cec62edf08f73808
-#TRUSTED_PROXIES=127.0.0.1,127.0.0.2
+TRUSTED_PROXIES=
 #TRUSTED_HOSTS='^localhost|example\.com$'
 ###< symfony/framework-bundle ###

datamodels/2.x/itop-portal-base/portal/config/packages/framework.yaml

@@ -1,4 +1,7 @@
 framework:
+  trusted_proxies: '%env(TRUSTED_PROXIES)%'
+  trusted_headers: [ 'forwarded', 'x-forwarded-for', 'x-forwarded-proto', 'x-forwarded-port', 'x-forwarded-prefix' ]
+
   secret: '%env(APP_SECRET)%'
   #default_locale: en
   #csrf_protection: true

datamodels/2.x/itop-portal-base/portal/public/index.php

@@ -29,12 +29,6 @@ $oContext2 = new ContextTag('Portal:'.$_ENV['PORTAL_ID']);
 
 $oKPI = new ExecutionKPI();
 
-// Note: Manually refactored ternary condition to be PHP 5.x compatible
-if ($trustedProxies = isset($_SERVER['TRUSTED_PROXIES']) ? $_SERVER['TRUSTED_PROXIES'] : (isset($_ENV['TRUSTED_PROXIES']) ? $_ENV['TRUSTED_PROXIES'] : false)) {
-	Request::setTrustedProxies(explode(',', $trustedProxies), Request::HEADER_X_FORWARDED_ALL ^ Request::HEADER_X_FORWARDED_HOST);
-}
-
-// Note: Manually refactored ternary condition to be PHP 5.x compatible
 if ($trustedHosts = isset($_SERVER['TRUSTED_HOSTS']) ? $_SERVER['TRUSTED_HOSTS'] : (isset($_ENV['TRUSTED_HOSTS']) ? $_ENV['TRUSTED_HOSTS'] : false)) {
 	Request::setTrustedHosts([$trustedHosts]);
 }