From 01118a2218e76d5fb89eb5eaeb101ce43632996f Mon Sep 17 00:00:00 2001
From: Robin Appelman <robin@icewind.nl>
Date: Fri, 12 Feb 2021 14:22:27 +0100
Subject: use the configured forwarded headers for the setup check

instead of always checking against the same header

Signed-off-by: Robin Appelman <robin@icewind.nl>
---
 apps/settings/lib/Controller/CheckSetupController.php | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

(limited to 'apps/settings/lib/Controller/CheckSetupController.php')

diff --git a/apps/settings/lib/Controller/CheckSetupController.php b/apps/settings/lib/Controller/CheckSetupController.php
index d732b137199..47a55591a46 100644
--- a/apps/settings/lib/Controller/CheckSetupController.php
+++ b/apps/settings/lib/Controller/CheckSetupController.php
@@ -309,7 +309,14 @@ class CheckSetupController extends Controller {
 		$trustedProxies = $this->config->getSystemValue('trusted_proxies', []);
 		$remoteAddress = $this->request->getHeader('REMOTE_ADDR');
 
-		if (empty($trustedProxies) && $this->request->getHeader('X-Forwarded-Host') !== '') {
+		$forwardedForHeaders = $this->config->getSystemValue('forwarded_for_headers', [
+			'HTTP_X_FORWARDED_FOR'
+		]);
+		$hasForwardedHeaderSet = array_reduce($forwardedForHeaders, function($set, $header) {
+			return $set || ($this->request->getHeader($header) !== '');
+		}, false);
+
+		if (empty($trustedProxies) && $hasForwardedHeaderSet) {
 			return false;
 		}
 
-- 
cgit v1.2.3