proxy: set header X-Forwarded-Host

[nod0n]

Set the X-Forwarded-Host header by default when used as a proxy.

from Mozilla:

The X-Forwarded-Host (XFH) header is a de-facto standard header for identifying the original host requested by the client in the Host HTTP request header.

[puppet-community-rangefinder]

nginx is a class

that may have no external impact to Forge modules.

This module is declared in 9 of 578 indexed public Puppetfiles.

---

These results were generated with Rangefinder, a tool that helps predict the downstream impact of breaking changes to elements used in Puppet modules. You can run this on the command line to get a full report.

Exact matches are those that we can positively identify via namespace and the declaring modules' metadata. Non-namespaced items, such as Puppet 3.x functions, will always be reported as near matches only.

[root-expert]

Seems reasonable to me

[bastelfreak]

I'm still not sure if this is a breaking change / if this adds any security issues for people that miss it. I would like to see a few more comments. @voxpupuli/collaborators and ideas?

[vchepkov]

imho, no security implication. Original Host header already contains this information, this additional header helps generate proper response by servers behind reverse proxies.

[TuningYourCode]

Well, it's already sending the host as Host-header and there are also X-Real-Ip and X-Forwarded-For which could be critical too.
I guess if somebody cares about the fields as he has an untrusted upstream system he most likely already overwrites our default values.
I also think that almost nobody would proxy any requests to an untrusted upstream system anyway. For me no major release needed.

[baurmatt]

Sounds reasonable :)