X-Forwarded-Host (XFH)
What is X-Forwarded-Host (XFH)?
The X-Forwarded-Host HTTP request header is used to forward the original Host HTTP request header value to the origin waiter. This can be utilitarian in the consequence that a proxy or CDN rewrites the Host header. According to RFC 7230, section 5.4 :
When a proxy receives a request with an absolute-form of request-target, the proxy MUST ignore the receive Host header field ( if any ) and rather replace it with the master of ceremonies information of the request-target .
For example, when a request is made from a KeyCDN edge server, the quote above means that unless the Forward Host Header set is enabled, the Host heading measure will be the lapp hostname as what is defined in the Origin URL fix and the X-Forwarded-Host header measure will contain the original Host header respect .
Using XFH with KeyCDN
When a request is made from a node for an object on a KeyCDN edge server, the Host header will either be the assign Zone URL ( e.g. examplepull-hexid.kxcdn.com ) or the add zone Alias ( e.g. cdn.example.com ). If the object is not cached on the edge server, it will make a request to the beginning server to pull and cache the object. By default, the request made from a KeyCDN edge waiter will contain the hostname defined in the Origin URL determine as the Host heading value and the original hostname made in the request as the X-Forwarded-Host header value.
For exercise, if a Pull Zone had the Origin URL plant defined as https://www.example.com and a request was made to https://examplepull-hexid.kxcdn.com/img/example.jpg the follow request headers would be sent to the origin server from KeyCDN :
Host: www.example.com
X-Forwarded-Host: examplepull-hexid.kxcdn.com
If cdn.example.com was added as a Zone Alias and the request was now made to https://cdn.example.com/img/example.jpg the X-Forwarded-Host header value will inactive be the in the first place requested hostname, but alternatively it will nowadays be the Zone Alias because that is the hostname used in the request, for example :
Host: www.example.com
X-Forwarded-Host: cdn.example.com
If the Forward Host Header fix was enabled and the request was still made to https://cdn.example.com/img/example.jpg both the Host and X-Forwarded-Host values will be the original hostname made in the request, for case :
Host: cdn.example.com
X-Forwarded-Host: cdn.example.com
The XFH header can be useful when wanting to use one Zone to manage multiple websites. The prototype below demonstrates the use of the X-Forwarded-Host header in this scenario when a wildcard Zone Alias has been added. The XFH contains the Zone Alias of each request allowing the origin server to route the requests to the adjust location on the origin server in order to deliver successful responses .
Summary
The valuable X-Forwarded-Host HTTP request header can be used for determining the original hostname made in the request if there is a proxy or CDN between the client and origin server. As seen in the exemplar above, making the origin server aware of the original hostname requested can prove to be very utilitarian for certain integrations, such as using one zone to manage multiple websites .