From b49cac80de2d0245d8a704eebf555c54371b41d8 Mon Sep 17 00:00:00 2001
From: adam <code@getbraintree.com>
Date: Fri, 20 Mar 2015 20:30:30 +0000
Subject: Fix handling of empty X_FORWARDED_HOST header.

Previously, an empty X_FORWARDED_HOST header would cause
Actiondispatch::Http:URL.raw_host_with_port to return nil, causing
Actiondispatch::Http:URL.host to raise a NoMethodError.
---
 actionpack/CHANGELOG.md                    | 8 ++++++++
 actionpack/lib/action_dispatch/http/url.rb | 2 +-
 actionpack/test/dispatch/request_test.rb   | 3 +++
 3 files changed, 12 insertions(+), 1 deletion(-)

(limited to 'actionpack')

diff --git a/actionpack/CHANGELOG.md b/actionpack/CHANGELOG.md
index 700a446af6..3f6cb5a5b1 100644
--- a/actionpack/CHANGELOG.md
+++ b/actionpack/CHANGELOG.md
@@ -1,3 +1,11 @@
+*   Fix handling of empty X_FORWARDED_HOST header in raw_host_with_port
+
+    Previously, an empty X_FORWARDED_HOST header would cause
+    Actiondispatch::Http:URL.raw_host_with_port to return nil, causing
+    Actiondispatch::Http:URL.host to raise a NoMethodError.
+
+    *Adam Forsyth*
+
 *   Drop request class from RouteSet constructor.
  
     If you would like to use a custom request class, please subclass and implement
diff --git a/actionpack/lib/action_dispatch/http/url.rb b/actionpack/lib/action_dispatch/http/url.rb
index 7da6301ac4..f5b709ccd6 100644
--- a/actionpack/lib/action_dispatch/http/url.rb
+++ b/actionpack/lib/action_dispatch/http/url.rb
@@ -229,7 +229,7 @@ module ActionDispatch
       #   req = Request.new 'HTTP_HOST' => 'example.com:8080'
       #   req.raw_host_with_port # => "example.com:8080"
       def raw_host_with_port
-        if forwarded = env["HTTP_X_FORWARDED_HOST"]
+        if forwarded = env["HTTP_X_FORWARDED_HOST"].presence
           forwarded.split(/,\s?/).last
         else
           env['HTTP_HOST'] || "#{env['SERVER_NAME'] || env['SERVER_ADDR']}:#{env['SERVER_PORT']}"
diff --git a/actionpack/test/dispatch/request_test.rb b/actionpack/test/dispatch/request_test.rb
index ee8e915610..61cc4dcd7e 100644
--- a/actionpack/test/dispatch/request_test.rb
+++ b/actionpack/test/dispatch/request_test.rb
@@ -435,6 +435,9 @@ class RequestHost < BaseRequestTest
 
     request = stub_request 'HTTP_X_FORWARDED_HOST' => "www.firsthost.org, www.secondhost.org"
     assert_equal "www.secondhost.org", request.host
+
+    request = stub_request 'HTTP_X_FORWARDED_HOST' => "", 'HTTP_HOST' => "rubyonrails.org"
+    assert_equal "rubyonrails.org", request.host
   end
 
   test "http host with default port overrides server port" do
-- 
cgit v1.2.3