What's with HTTP_X_FORWARDED_HOST?
I’ve seen some requests to boxesandarrows.com with HTTP_X_FORWARDED_HOST=myweb2.search.yahoo.com. They go to the right virtual server just fine, but Rails, and most other web app frameworks that I’ve seen, have decided that when HTTP_X_FORWARDED_HOST is present, it trumps HTTP_HOST.
I haven’t been able to find a good resource to tell me how it’s intended to be used, so I can determine whether Yahoo is mistaken, and what the best way to handle it is. It would seem to be used with proxies, but that’s about all I dare guess.
It seems to happen when people save a search for a B&A story to their My Web 2.0 Search, in which case Yahoo sends this weird request from a proxy server of theirs, proxy2.search.scd.yahoo.net.
Can anyone help clarify?
![](https://active-storage.simplerousercontent.net/rails/active_storage/representations/proxy/eyJfcmFpbHMiOnsiZGF0YSI6ODc2MTIzLCJwdXIiOiJibG9iX2lkIn19--1b30a7ab1e3fa62b5fb5ad353b7274fb273c0c93/eyJfcmFpbHMiOnsiZGF0YSI6eyJmb3JtYXQiOiJwbmciLCJyZXNpemVfdG9fZmlsbCI6WzUwMCw1MDBdLCJzYXZlciI6eyJzdHJpcCI6dHJ1ZX19LCJwdXIiOiJ2YXJpYXRpb24ifX0=--25278945c39e5ac55075c45502d7ee00fa60fa3b/Option%201%20Mint%20Green.png)
About Calvin Correli
I've spent the last 17 years learning, growing, healing, and discovering who I truly am, so that I'm now living every day aligned with my life's purpose.
6 comments
Leave a comment