diff --git a/application/HttpUtils.php b/application/HttpUtils.php index a81f9056..88a1efdb 100644 --- a/application/HttpUtils.php +++ b/application/HttpUtils.php @@ -311,7 +311,19 @@ function server_url($server) } } - return $scheme.'://'.$server['SERVER_NAME'].$port; + if (isset($server['HTTP_X_FORWARDED_HOST'])) { + // Keep forwarded host + if (strpos($server['HTTP_X_FORWARDED_HOST'], ',') !== false) { + $hosts = explode(',', $server['HTTP_X_FORWARDED_HOST']); + $host = trim($hosts[0]); + } else { + $host = $server['HTTP_X_FORWARDED_HOST']; + } + } else { + $host = $server['SERVER_NAME']; + } + + return $scheme.'://'.$host.$port; } // SSL detection diff --git a/tests/HttpUtils/ServerUrlTest.php b/tests/HttpUtils/ServerUrlTest.php index 7fdad659..dac02b3e 100644 --- a/tests/HttpUtils/ServerUrlTest.php +++ b/tests/HttpUtils/ServerUrlTest.php @@ -38,6 +38,34 @@ public function testHttpsScheme() ); } + /** + * Detect a Proxy that sets Forwarded-Host + */ + public function testHttpsProxyForwardedHost() + { + $this->assertEquals( + 'https://host.tld:8080', + server_url( + array( + 'HTTP_X_FORWARDED_PROTO' => 'https', + 'HTTP_X_FORWARDED_PORT' => '8080', + 'HTTP_X_FORWARDED_HOST' => 'host.tld' + ) + ) + ); + + $this->assertEquals( + 'https://host.tld:4974', + server_url( + array( + 'HTTP_X_FORWARDED_PROTO' => 'https, https', + 'HTTP_X_FORWARDED_PORT' => '4974, 80', + 'HTTP_X_FORWARDED_HOST' => 'host.tld, example.com' + ) + ) + ); + } + /** * Detect a Proxy with SSL enabled */