kukubadze 2026-04-18 10:26:32 -05:00 committed by GitHub
commit acac423cb9
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 17 additions and 0 deletions


@ -78,6 +78,7 @@ software like OAuth2 Proxy more secure for everyone.
- [#3381](https://github.com/oauth2-proxy/oauth2-proxy/pull/3381) fix: do not log error for backend logout 204 (@artificiosus)
- [#3327](https://github.com/oauth2-proxy/oauth2-proxy/pull/3327) fix: improve logging when session refresh token is missing (@yosri-brh)
- [#2767](https://github.com/oauth2-proxy/oauth2-proxy/pull/2767) fix: propagate errors during route building (@sybereal)
- [#3323](https://github.com/oauth2-proxy/oauth2-proxy/pull/3323) fix: сorrect handling of multiple X-Forwarded-Host values (@kukubadze)
# V7.15.0


@ -30,6 +30,12 @@ func GetRequestHost(req *http.Request) string {
host := req.Header.Get(XForwardedHost)
if !CanTrustForwardedHeaders(req) || host == "" {
host = req.Host
} else {
// Handle multiple hosts in X-Forwarded-Host (comma-separated)
// Take only the first host as common implementation convention
if hosts := strings.Split(host, ","); len(hosts) > 0 {
host = strings.TrimSpace(hosts[0])
}
}
return host
}
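Review bot: A header whose first list element is empty (constructed examples: `,` or ` , second.host`) now makes the function return an empty string, because the `host == ""` fallback to `req.Host` runs before the split and is not repeated after `strings.TrimSpace(hosts[0])`. The `len(hosts) > 0` guard never fails, since `strings.Split` with a non-empty separator always returns at least one element, so it adds no protection. I would take the first element with `first, _, _ := strings.Cut(host, ",")` and then `if host = strings.TrimSpace(first); host == "" { host = req.Host }`. The comment could also state that, under the usual append convention, the leftmost entry is the one set nearest the client, so it is only as trustworthy as `CanTrustForwardedHeaders` and the fronting proxy make it; the new specs in the test file cover only well-formed lists and lack an empty-first-element case. The function's signature lies outside this hunk.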


@ -67,6 +67,16 @@ var _ = Describe("Util Suite", func() {
req.Header.Add("X-Forwarded-Host", "external.oauth2proxy.text")
Expect(util.GetRequestHost(req)).To(Equal("external.oauth2proxy.text"))
})
It("returns the first X-Forwarded-Host when multiple hosts are present", func() {
req.Header.Add("X-Forwarded-Host", "first.host,second.host,third.host")
Expect(util.GetRequestHost(req)).To(Equal("first.host"))
})
It("returns the first X-Forwarded-Host when multiple hosts are present with extra spaces", func() {
req.Header.Add("X-Forwarded-Host", " first.host , second.host , third.host ")
Expect(util.GetRequestHost(req)).To(Equal("first.host"))
})
})
})