From 742b7bd05c526e05ed9dca3af3062db0cc9ae620 Mon Sep 17 00:00:00 2001
From: "nicolas.dorier" <nicolas.dorier@gmail.com>
Date: Wed, 24 Mar 2021 12:48:31 +0900
Subject: [PATCH] Restrict x-forwarded-host

---
 Production/nginx.tmpl | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/Production/nginx.tmpl b/Production/nginx.tmpl
index 538268c..1ddc388 100644
--- a/Production/nginx.tmpl
+++ b/Production/nginx.tmpl
@@ -272,6 +272,7 @@ upstream {{ $upstream_name }} {
 server {
 	server_name {{ trim $onionHost }};
 	listen 80 ;
+	proxy_set_header X-Forwarded-Host  $host;
 	access_log /var/log/nginx/access.log vhost;
 	{{ if (exists "/etc/nginx/vhost.d/default") }}
 	include /etc/nginx/vhost.d/default;
@@ -341,6 +342,7 @@ server {
 {{ end }}
 
 server {
+	proxy_set_header X-Forwarded-Host  $host;
 	client_max_body_size 100M;
 	server_name {{ $host }};
 	listen 443 ssl http2 {{ $default_server }};