Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Nginx default hostname "_" forwarded to SSO server #346

Open
Corfiot opened this issue Jun 5, 2020 · 5 comments
Open

Nginx default hostname "_" forwarded to SSO server #346

Corfiot opened this issue Jun 5, 2020 · 5 comments
Labels
Enhancement

Comments

@Corfiot
Copy link

Corfiot commented Jun 5, 2020
edited by phy25
Loading

Default nginx config has a host name of "_"
Diff to support this is:

--- a/source/CAS/Client.php
+++ b/source/CAS/Client.php
@@ -3970,7 +3970,7 @@ class CAS_Client
         } else if (!empty($_SERVER['HTTP_X_FORWARDED_SERVER'])) {
             $server_url = $_SERVER['HTTP_X_FORWARDED_SERVER'];
         } else {
-            if (empty($_SERVER['SERVER_NAME'])) {
+            if (empty($_SERVER['SERVER_NAME']) || $_SERVER['SERVER_NAME'] == '_') {
                 $server_url = $_SERVER['HTTP_HOST'];
             } else {
                 $server_url = $_SERVER['SERVER_NAME'];

Obviously you need to fix the config sample in the examples folder as well:

--- a/docs/examples/config.example.php
+++ b/docs/examples/config.example.php
@@ -63,11 +63,13 @@ $driver_options = '';
 ///////////////////////////////////////////

 // Generating the URLS for the local cas example services for proxy testing
+$sname = (empty($_SERVER['SERVER_NAME']) || $_SERVER['SERVER_NAME']=='_' )?$_SERVER['HOST_NAME']:$_SERVER['SERVER_NAME'];
 if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') {
-    $curbase = 'https://' . $_SERVER['SERVER_NAME'];
+    $curbase = 'https://' . $sname;
 } else {
-    $curbase = 'http://' . $_SERVER['SERVER_NAME'];
+    $curbase = 'http://' . $sname;
 }
+unset($sname);
 if ($_SERVER['SERVER_PORT'] != 80 && $_SERVER['SERVER_PORT'] != 443) {
     $curbase .= ':' . $_SERVER['SERVER_PORT'];
 }
@Corfiot
Copy link
Author

Corfiot commented Jun 5, 2020

Sorry in a rush, should be HTTP_HOST, not HOST_NAME

@phy25
Copy link
Member

phy25 commented Jun 6, 2020
edited by unfurl-links bot
Loading

I believe this is very specific to your nginx configuration (though it's kind of a convention) so I am not sure if it's worth fixing.

There is nothing special about this name, it is just one of a myriad of invalid domain names which never intersect with any real name. Other invalid names like “--” and “!@#” may equally be used.

http://nginx.org/en/docs/http/server_names.html#miscellaneous_names

https://core.trac.wordpress.org/ticket/25239 is a long thread about this.

@Corfiot
Copy link
Author

Corfiot commented Jun 6, 2020

Understood, just keep in mind "_" this seems to be Debian default. Closing now.

@Corfiot Corfiot closed this as completed Jun 6, 2020
@phy25
Copy link
Member

phy25 commented Jun 6, 2020

We can probably document this somehow.

@phy25
Copy link
Member

phy25 commented Jun 7, 2020

I will reopen this to see if we could get rid of SERVER_NAME to avoid this issue. Please feel free to research if anyone passes by.

@phy25 phy25 reopened this Jun 7, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@phy25 @Corfiot