diff --git a/rootfs/etc/nginx/template/nginx.tmpl b/rootfs/etc/nginx/template/nginx.tmpl index 2005909f9d..0ae08be868 100644 --- a/rootfs/etc/nginx/template/nginx.tmpl +++ b/rootfs/etc/nginx/template/nginx.tmpl @@ -213,11 +213,6 @@ http { '' $server_port; } - map $http_x_forwarded_host $best_http_host { - default $http_x_forwarded_host; - '' $this_host; - } - {{ if $all.IsSSLPassthroughEnabled }} # map port {{ $all.ListenPorts.SSLProxy }} to 443 for header X-Forwarded-Port map $pass_server_port $pass_port { @@ -231,12 +226,6 @@ http { } {{ end }} - # Obtain best http host - map $http_host $this_host { - default $http_host; - '' $host; - } - {{ if $cfg.ComputeFullForwardedFor }} # We can't use $proxy_add_x_forwarded_for because the realip module # replaces the remote_addr too soon @@ -709,11 +698,11 @@ stream { {{ if $location.UsePortInRedirects }} # using custom ports require a different rewrite directive {{ $redirect_port := (printf ":%v" $all.ListenPorts.HTTPS) }} - error_page 497 ={{ $all.Cfg.HTTPRedirectCode }} https://$best_http_host{{ $redirect_port }}$request_uri; + error_page 497 ={{ $all.Cfg.HTTPRedirectCode }} https://$host{{ $redirect_port }}$request_uri; return 497; {{ else }} - return {{ $all.Cfg.HTTPRedirectCode }} https://$best_http_host$request_uri; + return {{ $all.Cfg.HTTPRedirectCode }} https://$host$request_uri; {{ end }} } {{ end }} @@ -783,7 +772,7 @@ stream { {{ if not (empty $location.UpstreamVhost) }} proxy_set_header Host "{{ $location.UpstreamVhost }}"; {{ else }} - proxy_set_header Host $best_http_host; + proxy_set_header Host $host; {{ end }} @@ -812,7 +801,7 @@ stream { {{ else }} proxy_set_header X-Forwarded-For $the_real_ip; {{ end }} - proxy_set_header X-Forwarded-Host $best_http_host; + proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Port $pass_port; proxy_set_header X-Forwarded-Proto $pass_access_scheme; proxy_set_header X-Original-URI $request_uri;