From b80315e2384a92e7a7ea8c3a6d4b38957851061b Mon Sep 17 00:00:00 2001
From: Stephen Muth
Date: Sat, 8 Jul 2017 00:01:03 +0000
Subject: Respect HTTP_X_FORWARDED_HOST alongside _PORT and _PROTO Fixes #879
---
 application/HttpUtils.php | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)
diff --git a/application/HttpUtils.php b/application/HttpUtils.php
index a81f9056..88a1efdb 100644
--- a/application/HttpUtils.php
+++ b/application/HttpUtils.php
@@ -311,7 +311,19 @@ function server_url($server)
 }
 }
 
- return $scheme.'://'.$server['SERVER_NAME'].$port;
+ if (isset($server['HTTP_X_FORWARDED_HOST'])) {
+ // Keep forwarded host
+ if (strpos($server['HTTP_X_FORWARDED_HOST'], ',') !== false) {
+ $hosts = explode(',', $server['HTTP_X_FORWARDED_HOST']);
+ $host = trim($hosts[0]);
+ } else {
+ $host = $server['HTTP_X_FORWARDED_HOST'];
+ }
+ } else {
+ $host = $server['SERVER_NAME'];
+ }
+
+ return $scheme.'://'.$host.$port;
 }
 
 // SSL detection
-- 
cgit v1.2.3
From 0b51ea72517efa8731348cfaed410c71cb2bfd91 Mon Sep 17 00:00:00 2001
From: Stephen Muth
Date: Wed, 12 Jul 2017 17:57:47 +0000
Subject: Add tests to cover new server_url behavior
---
 tests/HttpUtils/ServerUrlTest.php | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)
diff --git a/tests/HttpUtils/ServerUrlTest.php b/tests/HttpUtils/ServerUrlTest.php
index 7fdad659..dac02b3e 100644
--- a/tests/HttpUtils/ServerUrlTest.php
+++ b/tests/HttpUtils/ServerUrlTest.php
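Review bot: In application/HttpUtils.php, the new branch of server_url() copies `$server['HTTP_X_FORWARDED_HOST']` into the returned URL without any check, and that header is chosen by the client unless a reverse proxy in front overwrites it. Whatever is built from this base URL (links, redirects; the callers are not visible here) can then name a host the requester picked, so the value should be validated and `SERVER_NAME` kept otherwise, for example `if (!preg_match('/^[A-Za-z0-9.-]+$/', $host)) { $host = $server['SERVER_NAME']; }` just before the return (widen the pattern if a bracketed IPv6 literal or a host:port value must be accepted). Taking `$hosts[0]` from a comma list also selects the left-most entry, which in an appended chain is the one furthest from the trusted proxy. server_url() begins above this hunk, so whether a trusted-proxy setting gates this code elsewhere cannot be seen from here.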
@@ -38,6 +38,34 @@ class ServerUrlTest extends PHPUnit_Framework_TestCase
 );
 }
 
+ /**
+ * Detect a Proxy that sets Forwarded-Host
+ */
+ public function testHttpsProxyForwardedHost()
+ {
+ $this->assertEquals(
+ 'https://host.tld:8080',
+ server_url(
+ array(
+ 'HTTP_X_FORWARDED_PROTO' => 'https',
+ 'HTTP_X_FORWARDED_PORT' => '8080',
+ 'HTTP_X_FORWARDED_HOST' => 'host.tld'
+ )
+ )
+ );
+
+ $this->assertEquals(
+ 'https://host.tld:4974',
+ server_url(
+ array(
+ 'HTTP_X_FORWARDED_PROTO' => 'https, https',
+ 'HTTP_X_FORWARDED_PORT' => '4974, 80',
+ 'HTTP_X_FORWARDED_HOST' => 'host.tld, example.com'
+ )
+ )
+ );
+ }
+
 /**
 * Detect a Proxy with SSL enabled
 */
-- 
cgit v1.2.3
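Review bot: testHttpsProxyForwardedHost() pins only well-formed header values, so nothing records what server_url() should return for the inputs a client can most easily send. The HttpUtils.php change in this series calls `trim()` only on the comma branch, so a single padded value such as `'HTTP_X_FORWARDED_HOST' => ' host.tld '` would presumably come back with the spaces inside the URL; an assertion expecting `'https://host.tld:8080'` for that input would document the intended result. A further case with a value that is not a hostname, together with a `SERVER_NAME` entry, would state whether the function is meant to fall back or pass the value through.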