# see https://symfony.com/doc/current/reference/configuration/framework.html
framework:
    secret: '%env(APP_SECRET)%'

    # Note that the session will be started ONLY if you read or write from it.
    session: true

    # Trusted proxies — REQUIRED for a correct client IP in the activity log
    # when SIRH runs behind a reverse proxy (nginx / traefik / cloud LB).
    # Without this, Request::getClientIp() returns the PROXY ip, not the client's.
    # Uncomment and set to the proxy network/CIDR of your deployment, e.g.:
    #   trusted_proxies: '127.0.0.1,REMOTE_ADDR,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16'
    #   trusted_headers: ['x-forwarded-for', 'x-forwarded-host', 'x-forwarded-proto', 'x-forwarded-port']
    # trusted_proxies: '%env(TRUSTED_PROXIES)%'

    #esi: true
    #fragments: true

when@test:
    framework:
        test: true
        session:
            storage_factory_id: session.storage.factory.mock_file