Real life usage of the X-Forwarded-Host header?
I've found some interesting reading on the X-Forwarded-* headers, including the Reverse Proxy Request Headers section in the Apache documentation, as well as the Wikipedia article on X-Forwarded-For.
I understand that:
X-Forwarded-Forgives the address of the client which connected to the proxyX-Forwarded-Portgives the port the client connected to on the proxy (e.g.80or443)X-Forwarded-Protogives the protocol the client used to connect to the proxy (httporhttps)X-Forwarded-Hostgives the content of theHostheader the client sent to the proxy.
These all make sense.
However, I still can't figure out a real life use case of X-Forwarded-Host. I understand the need to repeat the connection on a different port or using a different scheme, but why would a proxy server ever change the Host header when repeating the request to the target server?
Answer
If you use a front-end service like Apigee as the front-end to your APIs, you will need something like X-FORWARDED-HOST to understand what hostname was used to connect to the API, because Apigee gets configured with whatever your backend DNS is, nginx and your app stack only see the Host header as your backend DNS name, not the hostname that was called in the first place.