mta-sts.txt working with and without reverse proxy#7080
mta-sts.txt working with and without reverse proxy#7080monster010 wants to merge 9 commits intomailcow:stagingfrom
Conversation
* Initial plan * Fix duplicate login announcement display Co-authored-by: DerLinkman <62480600+DerLinkman@users.noreply.github.com> --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: DerLinkman <62480600+DerLinkman@users.noreply.github.com>
…rify-hash Support for PBKDF2-SHA512 hash algorithm in verify_hash() (FreeIPA compatibility) (issue 6646)
🐄🛡️ January 2026 Update | Limited EAS/DAV Access and Restricted Alias Sending
[Hotfix] Update 2026-01
Refactor host retrieval logic to use a dedicated function for better clarity and maintainability.
|
Thanks for contributing! I noticed that you didn't select
|
monster010
changed the title
|
Thanks for contributing! I noticed that you didn't select
|
|
Hey, thanks for the work on this — the idea of supporting reverse proxy setups via Just spotted a logic bug in the // Current (buggy) — condition is always false
if(!isset($_SERVER['HTTP_X_FORWARDED_HOST']) && !empty($_SERVER['HTTP_X_FORWARDED_HOST'])) {
// Fixed
if(isset($_SERVER['HTTP_X_FORWARDED_HOST']) && !empty($_SERVER['HTTP_X_FORWARDED_HOST'])) {
$xfh = explode(',', $_SERVER['HTTP_X_FORWARDED_HOST'])[0];
return trim($xfh);
}Once that's flipped, the logic works as intended — falls back to One small note on security: trusting Great fix overall, just needs that one-character change! |
|
@flightlesstux Thanks for the heads-up, I must have somehow overlooked that. |
Contribution Guidelines
What does this PR include?
Short Description
#6998 solves the problem by adding a simple function that takes reverse proxy into account.
Affected Containers
Did you run tests?
What did you tested?
What were the final results? (Awaited, got)
I expected mta-sts.txt to work both with and without a reverse proxy.