Last modified: 2004-09-02 22:09:15 UTC

Wikimedia Bugzilla is closed!

Wikimedia migrated from Bugzilla to Phabricator. Bug reports are handled in Wikimedia Phabricator.
This static website is read-only and for historical purposes. It is not possible to log in and except for displaying bug reports and their history, links might be broken. See T2273, the corresponding Phabricator task for complete and up-to-date bug report information.
First Last Prev Next    This bug is not in your last search results.
Bug 273 - Making MediaWiki reversed proxying able (use HTTP_HOST for redirects if set)
Making MediaWiki reversed proxying able (use HTTP_HOST for redirects if set)
Status: RESOLVED DUPLICATE of bug 61
Product: MediaWiki
Classification: Unclassified
General/Unknown (Other open bugs)
unspecified
PC Linux
: Normal normal (vote)
: ---
Assigned To: Nobody - You can work on this!
: patch
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2004-09-02 22:00 UTC by Hendrik Brummermann
Modified: 2004-09-02 22:09 UTC (History)
0 users

See Also:
Web browser: ---
Mobile Platform: ---
Assignee Huggle Beta Tester: ---

Attachments
use HTTP_HOST if set (868 bytes, patch)
2004-09-02 22:01 UTC, Hendrik Brummermann 		Details
Add an attachment (proposed patch, testcase, etc.)

Description Hendrik Brummermann 2004-09-02 22:00:21 UTC 
Mediawiki should use the HTTP_HOST instead of SERVER_NAME, if the first one is set.

Problem: Using a tcp-forward HTTP-redirect do not work because the server name
included in the Location header is set based on the local settings of the
webserver. However, the name of the reversed proxy should be used. This one is
provided in the HTTP-"Host:"-header, if HTTP 1.1 is used.
Comment 1 Hendrik Brummermann 2004-09-02 22:01:01 UTC 
Created attachment 23 [details]
use HTTP_HOST if set
Comment 2 Brion Vibber 2004-09-02 22:09:15 UTC 
You can already manually set $wgServer to anything you like.

Note that using HTTP_HOST indiscriminately may not be the best idea; a server not configured for strict name-based virtual hosts 
will accept anything in that header, so the resulting URL could go to an arbitrary site. If it's not validated, it may even open up 
various injection attacks. It's also bad for caching since the result may differ as various clients connect to the server with different 
hostnames. $wgServer is supposed to be a consistent, canonical form.

Marking as a duplicate of bug 61, for detecting more sensible default values of $wgServer.

*** This bug has been marked as a duplicate of 61 ***
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.

Navigation
Links