Development

#3842 (HTTP_X_FORWARDED_HOST and multiple proxies)

You must first sign up to be able to contribute.

Ticket #3842 (new defect)

Opened 2 years ago

Last modified 10 months ago

HTTP_X_FORWARDED_HOST and multiple proxies

Reported by: guglielmo.celata Assigned to: fabien
Priority: major Milestone:
Component: other Version: 1.2.7
Keywords: http_headers, proxies, deploy, production Cc:
Qualification: Unreviewed

Description

This is a problem related to the patch included in #637. The patch solves the issues for servers behind a single proxies, but when you're behind multiple proxies, the $_SERVER[HTTP_X_FORWARDED_HOST] looks like 

$_SERVER[HTTP_X_FORWARDED_HOST] = "www.firsthost.org, www.secondhost.org"

This way, the urls built through sfWebRequest::getHost are of course wrong and the whole application breaks.

A solution would be to use one of the values passed, but I can't figure out if the first value or the last should be used, since I don't really understand how reverse proxy work.

Change History

06/27/08 12:36:09 changed by guglielmo.celata

A similar ticket can be found in the dev.rubyonrails.org trac site: http://dev.rubyonrails.org/ticket/3397

It is still not clear whether the first or the last value should be used (there are patches for both cases).

05/15/09 10:45:10 changed by kevgau

  • version changed from 1.0.16 to 1.2.7.

This issue still exists on 1.2 branch.

This is quite tricky as it appeared only on our production environment as the production is behind a reverse proxy.

Is there any workaround ? I don't want to patch the framework on our first corporate Symfony production deployment...

The Sensio Labs Network

Since 1998, Sensio Labs has been promoting the Open-Source software movement by providing quality web application development, training, consulting.
Sensio Labs also supports several large Open-Source projects.

Open-Source Products

Services

> More