public_git
/
oauth2-proxy
mirror of https://github.com/oauth2-proxy/oauth2-proxy.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge e94545eec0 into 3a55dadbe8

This commit is contained in:
kukubadze 2026-01-26 09:40:51 +00:00 committed by GitHub
parent 3a55dadbe8 e94545eec0
commit cf9593208c
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 16 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
pkg/requests/util/util.go
View File

@ -30,6 +30,12 @@ func GetRequestHost(req *http.Request) string {
host := req.Header.Get(XForwardedHost)
if !IsProxied(req) || host == "" {
host = req.Host
} else {
// Handle multiple hosts in X-Forwarded-Host (comma-separated)
// Take only the first host as per RFC 7239
if hosts := strings.Split(host, ","); len(hosts) > 0 {
host = strings.TrimSpace(hosts[0])
}
}
return host
}

10
pkg/requests/util/util_test.go
View File

@ -59,6 +59,16 @@ var _ = Describe("Util Suite", func() {
req.Header.Add("X-Forwarded-Host", "external.oauth2proxy.text")
Expect(util.GetRequestHost(req)).To(Equal("external.oauth2proxy.text"))
})
It("returns the first X-Forwarded-Host when multiple hosts are present", func() {
req.Header.Add("X-Forwarded-Host", "first.host,second.host,third.host")
Expect(util.GetRequestHost(req)).To(Equal("first.host"))
})
It("returns the first X-Forwarded-Host when multiple hosts are present with extra spaces", func() {
req.Header.Add("X-Forwarded-Host", " first.host , second.host , third.host ")
Expect(util.GetRequestHost(req)).To(Equal("first.host"))
})
})
})