Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

Appearance settings

Commit 1252f49

Browse filesBrowse files
committed
minor #9344 Update access_control.rst (rapemer)
This PR was squashed before being merged into the 2.8 branch (closes #9344). Discussion ---------- Update access_control.rst Extend documentation with IP netmask Commits ------- c79ecf0 Update access_control.rst
2 parents dc7f8cc + c79ecf0 commit 1252f49
Copy full SHA for 1252f49

File tree

Expand file treeCollapse file tree

1 file changed

+6
-4
lines changed
Filter options
Expand file treeCollapse file tree

1 file changed

+6
-4
lines changed

‎security/access_control.rst

Copy file name to clipboardExpand all lines: security/access_control.rst
+6-4Lines changed: 6 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -23,7 +23,7 @@ access control should be used on this request. The following ``access_control``
2323
options are used for matching:
2424

2525
* ``path``
26-
* ``ip`` or ``ips``
26+
* ``ip`` or ``ips`` (netmask is supported)
2727
* ``host``
2828
* ``methods``
2929

@@ -176,7 +176,7 @@ pattern so that it is only accessible by requests from the local server itself:
176176
# ...
177177
access_control:
178178
#
179-
- { path: ^/internal, roles: IS_AUTHENTICATED_ANONYMOUSLY, ips: [127.0.0.1, ::1] }
179+
- { path: ^/internal, roles: IS_AUTHENTICATED_ANONYMOUSLY, ips: [127.0.0.1, ::1, 192.168.0.1/24] }
180180
- { path: ^/internal, roles: ROLE_NO_ACCESS }
181181
182182
.. code-block:: xml
@@ -193,7 +193,7 @@ pattern so that it is only accessible by requests from the local server itself:
193193
<!-- ... -->
194194
<rule path="^/internal"
195195
role="IS_AUTHENTICATED_ANONYMOUSLY"
196-
ips="127.0.0.1, ::1"
196+
ips="127.0.0.1, ::1, 192.168.0.1/24"
197197
/>
198198
199199
<rule path="^/internal" role="ROLE_NO_ACCESS" />
@@ -209,7 +209,7 @@ pattern so that it is only accessible by requests from the local server itself:
209209
array(
210210
'path' => '^/internal',
211211
'role' => 'IS_AUTHENTICATED_ANONYMOUSLY',
212-
'ips' => '127.0.0.1, ::1',
212+
'ips' => '127.0.0.1, ::1, 192.168.0.1/24',
213213
),
214214
array(
215215
'path' => '^/internal',
@@ -239,6 +239,8 @@ address):
239239

240240
* The second access rule is not examined as the first rule matched.
241241

242+
IP netmask is supported. You can write ``ip`` or ``ips`` with ``192.168.0.1/24`` or ``192.168.0.1/32``.
243+
242244
.. _security-allow-if:
243245

244246
Securing by an Expression

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.