Merge pull request #899 from smuth4/master

Respect HTTP_X_FORWARDED_HOST
author: ArthurHoaro <arthur@hoa.ro> 2017-07-13 14:15:06 +0200
committer: GitHub <noreply@github.com> 2017-07-13 14:15:06 +0200
commit: 2fee2f425d244e50ff64416f302a941a4470d8d2 (patch)
tree: f21fed77b74ee708026491dfcec44350f59cec9c
parent: 70cb883547a04b3ccd3fda567d15541d124a3f41 (diff)
parent: 0b51ea72517efa8731348cfaed410c71cb2bfd91 (diff)
download: Shaarli-2fee2f425d244e50ff64416f302a941a4470d8d2.tar.gz
Shaarli-2fee2f425d244e50ff64416f302a941a4470d8d2.tar.zst
Shaarli-2fee2f425d244e50ff64416f302a941a4470d8d2.zip
2 files changed, 41 insertions, 1 deletions
diff --git a/application/HttpUtils.php b/application/HttpUtils.php
index a81f9056..88a1efdb 100644
--- a/application/HttpUtils.php
+++ b/application/HttpUtils.php
@@ -311,7 +311,19 @@ function server_url($server)
            }
        }
-        return $scheme.'://'.$server['SERVER_NAME'].$port;
+        if (isset($server['HTTP_X_FORWARDED_HOST'])) {
+            // Keep forwarded host
+            if (strpos($server['HTTP_X_FORWARDED_HOST'], ',') !== false) {
+                $hosts = explode(',', $server['HTTP_X_FORWARDED_HOST']);
+                $host = trim($hosts[0]);
+            } else {
+                $host = $server['HTTP_X_FORWARDED_HOST'];
+            }
+        } else {
+            $host = $server['SERVER_NAME'];
+        }
+        return $scheme.'://'.$host.$port;
    }
    // SSL detection
diff --git a/tests/HttpUtils/ServerUrlTest.php b/tests/HttpUtils/ServerUrlTest.php
index 7fdad659..dac02b3e 100644
--- a/tests/HttpUtils/ServerUrlTest.php
+++ b/tests/HttpUtils/ServerUrlTest.php
@@ -39,6 +39,34 @@ class ServerUrlTest extends PHPUnit_Framework_TestCase
    }
    /**
+     * Detect a Proxy that sets Forwarded-Host
+     */
+    public function testHttpsProxyForwardedHost()
+    {
+        $this->assertEquals(
+            'https://host.tld:8080',
+            server_url(
+                array(
+                    'HTTP_X_FORWARDED_PROTO' => 'https',
+                    'HTTP_X_FORWARDED_PORT' => '8080',
+                    'HTTP_X_FORWARDED_HOST' => 'host.tld'
+                )
+            )
+        );
+        $this->assertEquals(
+            'https://host.tld:4974',
+            server_url(
+                array(
+                    'HTTP_X_FORWARDED_PROTO' => 'https, https',
+                    'HTTP_X_FORWARDED_PORT' => '4974, 80',
+                    'HTTP_X_FORWARDED_HOST' => 'host.tld, example.com'
+                )
+            )
+        );
+    }
+    /**
     * Detect a Proxy with SSL enabled
     */
    public function testHttpsProxyForward()
author	ArthurHoaro <arthur@hoa.ro>	2017-07-13 14:15:06 +0200
committer	GitHub <noreply@github.com>	2017-07-13 14:15:06 +0200
commit	2fee2f425d244e50ff64416f302a941a4470d8d2 (patch)
tree	f21fed77b74ee708026491dfcec44350f59cec9c
parent	70cb883547a04b3ccd3fda567d15541d124a3f41 (diff)
parent	0b51ea72517efa8731348cfaed410c71cb2bfd91 (diff)
download	Shaarli-2fee2f425d244e50ff64416f302a941a4470d8d2.tar.gz Shaarli-2fee2f425d244e50ff64416f302a941a4470d8d2.tar.zst Shaarli-2fee2f425d244e50ff64416f302a941a4470d8d2.zip

diff --git a/application/HttpUtils.php b/application/HttpUtils.php index a81f9056..88a1efdb 100644 --- a/application/HttpUtils.php +++ b/application/HttpUtils.php
@@ -311,7 +311,19 @@ function server_url($server)
311	}	311	}
312	}	312	}
313		313
314	return $scheme.'://'.$server['SERVER_NAME'].$port;	314	if (isset($server['HTTP_X_FORWARDED_HOST'])) {
		315	// Keep forwarded host
		316	if (strpos($server['HTTP_X_FORWARDED_HOST'], ',') !== false) {
		317	$hosts = explode(',', $server['HTTP_X_FORWARDED_HOST']);
		318	$host = trim($hosts[0]);
		319	} else {
		320	$host = $server['HTTP_X_FORWARDED_HOST'];
		321	}
		322	} else {
		323	$host = $server['SERVER_NAME'];
		324	}
		325
		326	return $scheme.'://'.$host.$port;
315	}	327	}
316		328
317	// SSL detection	329	// SSL detection


diff --git a/tests/HttpUtils/ServerUrlTest.php b/tests/HttpUtils/ServerUrlTest.php index 7fdad659..dac02b3e 100644 --- a/tests/HttpUtils/ServerUrlTest.php +++ b/tests/HttpUtils/ServerUrlTest.php
@@ -39,6 +39,34 @@ class ServerUrlTest extends PHPUnit_Framework_TestCase
39	}	39	}
40		40
41	/**	41	/**
		42	* Detect a Proxy that sets Forwarded-Host
		43	*/
		44	public function testHttpsProxyForwardedHost()
		45	{
		46	$this->assertEquals(
		47	'https://host.tld:8080',
		48	server_url(
		49	array(
		50	'HTTP_X_FORWARDED_PROTO' => 'https',
		51	'HTTP_X_FORWARDED_PORT' => '8080',
		52	'HTTP_X_FORWARDED_HOST' => 'host.tld'
		53	)
		54	)
		55	);
		56
		57	$this->assertEquals(
		58	'https://host.tld:4974',
		59	server_url(
		60	array(
		61	'HTTP_X_FORWARDED_PROTO' => 'https, https',
		62	'HTTP_X_FORWARDED_PORT' => '4974, 80',
		63	'HTTP_X_FORWARDED_HOST' => 'host.tld, example.com'
		64	)
		65	)
		66	);
		67	}
		68
		69	/**
42	* Detect a Proxy with SSL enabled	70	* Detect a Proxy with SSL enabled
43	*/	71	*/
44	public function testHttpsProxyForward()	72	public function testHttpsProxyForward()