weaver · April 30, 2011 17:27 · styledev · Oct 21, 2011
diff --git a/x-forwarded-host.php b/x-forwarded-host.php
 <?php
 /*

 # X-Forwarded-Host #

 Honor the `X-Forwarded-Host` header for the duration of a single
 request in WordPress.

 ## Read Me First ##

 Use this when you want to *temporarily* use a reverse proxy with
 WordPress. If you are going to *permanently* use a reverse proxy, just
 change the "Wordpress address" and "Site address" in the General
 Settings section of the Admin.

 Unfortunately, this cannot be installed as a plugin because it needs
 to be activated before the call to `wp_plugin_directory_constants`.

 ## Installation ##

 First, put this file into the `wp-includes` folder of a WordPress
 installation.

 Edit `wp-settings.php`. Just before the call to
 `wp_plugin_directory_constants`, add this line:

    require( ABSPATH . WPINC . '/x-forwarded-host.php' );

 ## Use Case ##

 You are running a local installation of WordPress. You have
 temporarily created a reverse proxy server with a public URL that
 forwards to your local installation. The proxy server sets the
 `X-Forwarded-Host` header.

 WordPress normally creates absolute URLs using the `home` and
 `siteurl` options. Since you're temporarily accessing the WordPress
 site through a proxy with a different address, you want to use the
 public URL instead of the local URL.

 ## Did it Work? ##

 To verify that it worked, load a page through the proxy URL. View the
 page source. All URLs should use the proxy URL hostname, not your
 local hostname.

 ## Compatibility ##

 Tested against WordPress 3.1.2.

 ## About ##

 Copyright (c) 2011, Ben Weaver <[email protected]>.

 Redistribution and use in source and binary forms, with or without
 modification, are permitted provided that the following conditions are
 met:

    * Redistributions of source code must retain the above copyright
      notice, this list of conditions and the following disclaimer.

    * Redistributions in binary form must reproduce the above copyright
      notice, this list of conditions and the following disclaimer in the
      documentation and/or other materials provided with the distribution.

    * Neither the names of the authors nor the names of contributors may
      be used to endorse or promote products derived from this software
      without specific prior written permission.

 THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR
 IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
 OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
 IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY DIRECT, INDIRECT,
 INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
 DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
 THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

 */

 // Return TRUE if this request has been forwarded.
 function is_forwarded() {
  return array_key_exists('HTTP_X_FORWARDED_HOST', $_SERVER);
 }

 // Return the original `Host` header.
 function forwarded_host() {
  return $_SERVER['HTTP_X_FORWARDED_HOST'];
 }

 // Create a base URL using the original `Host` header. Rather than
 // trying to sort out whether to use `http` or `https`, just keep
 // using whatever the scheme was for this request. This is a good
 // strategy when using a reverse proxy because the proxy can handle
 // redirecting all requests from http to https, for example.
 function forwarded_url() {
  $host = forwarded_host();
  return "//$host";
 }

 // Patch the `$_SERVER` superglobal, replacing the host with the
 // forwarded host. Some parts of wordpress (particularly
 // `redirect_canonical`) use `$_SERVER['HTTP_HOST']`.
 function x_host_patch_server() {
  if (is_forwarded()) {
    $_SERVER['HTTP_X_ORIG_HOST'] = $_SERVER['HTTP_HOST'];
    $_SERVER['HTTP_HOST'] = forwarded_host();
  }
 }

 // Override the value of `home` and `siteurl`.
 function x_host_patch_url() {
  if (!is_forwarded())
    return false;
  return forwarded_url();
 }

 add_action('init', 'x_forwarded_host');
 add_filter('pre_option_home', 'x_host_patch_url');
 add_filter('pre_option_siteurl', 'x_host_patch_url');

 ?>
	<?php
	/*

	# X-Forwarded-Host #

	Honor the `X-Forwarded-Host` header for the duration of a single
	request in WordPress.

	## Read Me First ##

	Use this when you want to temporarily use a reverse proxy with
	WordPress. If you are going to permanently use a reverse proxy, just
	change the "Wordpress address" and "Site address" in the General
	Settings section of the Admin.

	Unfortunately, this cannot be installed as a plugin because it needs
	to be activated before the call to `wp_plugin_directory_constants`.

	## Installation ##

	First, put this file into the `wp-includes` folder of a WordPress
	installation.

	Edit `wp-settings.php`. Just before the call to
	`wp_plugin_directory_constants`, add this line:

	require( ABSPATH . WPINC . '/x-forwarded-host.php' );

	## Use Case ##

	You are running a local installation of WordPress. You have
	temporarily created a reverse proxy server with a public URL that
	forwards to your local installation. The proxy server sets the
	`X-Forwarded-Host` header.

	WordPress normally creates absolute URLs using the `home` and
	`siteurl` options. Since you're temporarily accessing the WordPress
	site through a proxy with a different address, you want to use the
	public URL instead of the local URL.

	## Did it Work? ##

	To verify that it worked, load a page through the proxy URL. View the
	page source. All URLs should use the proxy URL hostname, not your
	local hostname.

	## Compatibility ##

	Tested against WordPress 3.1.2.

	## About ##

	Copyright (c) 2011, Ben Weaver <[email protected]>.

	Redistribution and use in source and binary forms, with or without
	modification, are permitted provided that the following conditions are
	met:

	* Redistributions of source code must retain the above copyright
	notice, this list of conditions and the following disclaimer.

	* Redistributions in binary form must reproduce the above copyright
	notice, this list of conditions and the following disclaimer in the
	documentation and/or other materials provided with the distribution.

	* Neither the names of the authors nor the names of contributors may
	be used to endorse or promote products derived from this software
	without specific prior written permission.

	THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR
	IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
	OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
	IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY DIRECT, INDIRECT,
	INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
	NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
	DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
	THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
	(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
	THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

	*/

	// Return TRUE if this request has been forwarded.
	function is_forwarded() {
	return array_key_exists('HTTP_X_FORWARDED_HOST', $_SERVER);
	}

	// Return the original `Host` header.
	function forwarded_host() {
	return $_SERVER['HTTP_X_FORWARDED_HOST'];
	}

	// Create a base URL using the original `Host` header. Rather than
	// trying to sort out whether to use `http` or `https`, just keep
	// using whatever the scheme was for this request. This is a good
	// strategy when using a reverse proxy because the proxy can handle
	// redirecting all requests from http to https, for example.
	function forwarded_url() {
	$host = forwarded_host();
	return "//$host";
	}

	// Patch the `$_SERVER` superglobal, replacing the host with the
	// forwarded host. Some parts of wordpress (particularly
	// `redirect_canonical`) use `$_SERVER['HTTP_HOST']`.
	function x_host_patch_server() {
	if (is_forwarded()) {
	$_SERVER['HTTP_X_ORIG_HOST'] = $_SERVER['HTTP_HOST'];
	$_SERVER['HTTP_HOST'] = forwarded_host();
	}
	}

	// Override the value of `home` and `siteurl`.
	function x_host_patch_url() {
	if (!is_forwarded())
	return false;
	return forwarded_url();
	}

	add_action('init', 'x_forwarded_host');
	add_filter('pre_option_home', 'x_host_patch_url');
	add_filter('pre_option_siteurl', 'x_host_patch_url');

	?>