From 0a54bf0eb2523650401883e4482031279b2822bf Mon Sep 17 00:00:00 2001
From: renzodf
Date: Wed, 13 Sep 2023 13:50:32 +0200
Subject: [PATCH] Handle x-forwarded-host header (#586)

* Handle x-forwarded-host header
* chore: update changelog
---------
Co-authored-by: Pete Gadomski
---
 CHANGES.md | 2 ++
 stac_fastapi/api/stac_fastapi/api/middleware.py | 1 +
 stac_fastapi/api/tests/test_middleware.py | 9 +++++++++
 3 files changed, 12 insertions(+)

diff --git a/CHANGES.md b/CHANGES.md
index bd3ecd37b..d4c259a22 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -2,6 +2,8 @@
 ## [Unreleased]
+* Forward `x-forwarded-host` ([#586](https://github.com/stac-utils/stac-fastapi/pull/586))
+
 ## [2.4.8] - 2023-06-07
 ### Changed
diff --git a/stac_fastapi/api/stac_fastapi/api/middleware.py b/stac_fastapi/api/stac_fastapi/api/middleware.py
index 84b4e3dba..3ed67d6c9 100644
--- a/stac_fastapi/api/stac_fastapi/api/middleware.py
+++ b/stac_fastapi/api/stac_fastapi/api/middleware.py
@@ -103,6 +103,7 @@ def _get_forwarded_url_parts(self, scope: Scope) -> Tuple[str]:
 # ignore ports that are not valid integers
 pass
 else:
+ domain = self._get_header_value_by_name(scope, "x-forwarded-host", domain)
 proto = self._get_header_value_by_name(scope, "x-forwarded-proto", proto)
 port_str = self._get_header_value_by_name(scope, "x-forwarded-port", port)
 try:
diff --git a/stac_fastapi/api/tests/test_middleware.py b/stac_fastapi/api/tests/test_middleware.py
index e3e90bed4..041dc410c 100644
--- a/stac_fastapi/api/tests/test_middleware.py
+++ b/stac_fastapi/api/tests/test_middleware.py
@@ -108,6 +108,14 @@ def test_replace_header_value_by_name(
 },
 ("https", "test", 80),
 ),
+ (
+ {
+ "scheme": "http",
+ "server": ["testserver", 80],
+ "headers": [(b"x-forwarded-host", b"test")],
+ },
+ ("http", "test", 80),
+ ),
 (
 {
 "scheme": "http",
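Review bot: In stac_fastapi/api/stac_fastapi/api/middleware.py, the added `domain = self._get_header_value_by_name(scope, "x-forwarded-host", domain)` takes the host straight from a request header, and nothing in the hunk validates it or checks that the request came through a trusted proxy. If `domain` ends up in generated links (likely given the function name, but the callers are outside the hunk), a client that reaches the app directly can choose the host shown in responses, which is the usual host-header-injection and cache-poisoning concern. I would document the deployment assumption next to the line, e.g. `# x-forwarded-host is client-controlled unless a trusted proxy overwrites it; only enable this middleware behind one`, and consider rejecting values that are not on a configured host allow-list. The body of `_get_forwarded_url_parts` starts and ends outside the hunk, so an existing check elsewhere cannot be ruled out.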
@@ -138,6 +146,7 @@ def test_replace_header_value_by_name(
 "server": ["testserver", 80],
 "headers": [
 (b"forwarded", b"proto=https;host=test:1234"),
+ (b"x-forwarded-host", b"another-test"),
 (b"x-forwarded-port", b"1111"),
 (b"x-forwarded-proto", b"https"),
 ],
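Review bot: The two added cases in stac_fastapi/api/tests/test_middleware.py (the standalone `x-forwarded-host` case in the hunk at -108 and the `another-test` entry here) only use a bare hostname, so nothing pins what happens when the header carries a port or a comma-separated list. The `forwarded` value in this case is `host=test:1234`, which suggests host and port are split on that path, but whether `x-forwarded-host: test:8080` is split or passed whole into the domain is not exercised. I would add a parametrized case such as `"headers": [(b"x-forwarded-host", b"test:8080")]` with the expected tuple agreed explicitly, plus one with a comma-separated value. The expected result for the case in this hunk lies outside it.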