CASC-171

check x-forwarded host header
2012-04-22 23:38:22 -04:00 · 2012-04-22 23:38:22 -04:00 · eff195aaa9
parent 7302ca6a99
commit eff195aaa9
1 changed files with 9 additions and 1 deletions
--- a/cas-client-core/src/main/java/org/jasig/cas/client/util/CommonUtils.java
+++ b/cas-client-core/src/main/java/org/jasig/cas/client/util/CommonUtils.java
@ -214,7 +214,15 @@ public final class CommonUtils {
            return serverName;
        }

-        final String comparisonHost = request.getHeader("Host");
+        final String host = request.getHeader("Host");
+        final String xHost = request.getHeader("X-Forwarded-Host");
+        
+        final String comparisonHost;
+        if (xHost != null && host == "localhost") {
+        	comparisonHost = xHost;
+        } else {
+        	comparisonHost = host;
+        }

        if (comparisonHost == null) {
            return serverName;