From: ArthurHoaro Date: Thu, 13 Jul 2017 12:15:06 +0000 (+0200) Subject: Merge pull request #899 from smuth4/master X-Git-Tag: v0.9.1~1^2~18 X-Git-Url: https://git.immae.eu/?a=commitdiff_plain;h=2fee2f425d244e50ff64416f302a941a4470d8d2;hp=70cb883547a04b3ccd3fda567d15541d124a3f41;p=github%2Fshaarli%2FShaarli.git Merge pull request #899 from smuth4/master Respect HTTP_X_FORWARDED_HOST --- diff --git a/application/HttpUtils.php b/application/HttpUtils.php index a81f9056..88a1efdb 100644 --- a/application/HttpUtils.php +++ b/application/HttpUtils.php @@ -311,7 +311,19 @@ function server_url($server) } } - return $scheme.'://'.$server['SERVER_NAME'].$port; + if (isset($server['HTTP_X_FORWARDED_HOST'])) { + // Keep forwarded host + if (strpos($server['HTTP_X_FORWARDED_HOST'], ',') !== false) { + $hosts = explode(',', $server['HTTP_X_FORWARDED_HOST']); + $host = trim($hosts[0]); + } else { + $host = $server['HTTP_X_FORWARDED_HOST']; + } + } else { + $host = $server['SERVER_NAME']; + } + + return $scheme.'://'.$host.$port; } // SSL detection diff --git a/tests/HttpUtils/ServerUrlTest.php b/tests/HttpUtils/ServerUrlTest.php index 7fdad659..dac02b3e 100644 --- a/tests/HttpUtils/ServerUrlTest.php +++ b/tests/HttpUtils/ServerUrlTest.php @@ -38,6 +38,34 @@ class ServerUrlTest extends PHPUnit_Framework_TestCase ); } + /** + * Detect a Proxy that sets Forwarded-Host + */ + public function testHttpsProxyForwardedHost() + { + $this->assertEquals( + 'https://host.tld:8080', + server_url( + array( + 'HTTP_X_FORWARDED_PROTO' => 'https', + 'HTTP_X_FORWARDED_PORT' => '8080', + 'HTTP_X_FORWARDED_HOST' => 'host.tld' + ) + ) + ); + + $this->assertEquals( + 'https://host.tld:4974', + server_url( + array( + 'HTTP_X_FORWARDED_PROTO' => 'https, https', + 'HTTP_X_FORWARDED_PORT' => '4974, 80', + 'HTTP_X_FORWARDED_HOST' => 'host.tld, example.com' + ) + ) + ); + } + /** * Detect a Proxy with SSL enabled */