X-Forwarded-Host HTTP request header is used to forward the original
Host HTTP request header value to the origin server. This can be useful in the event that a proxy or CDN rewrites the
Host header. According to RFC 7230, section 5.4:
When a proxy receives a request with an absolute-form of request-target, the proxy MUST ignore the received Host header field (if any) and instead replace it with the host information of the request-target.
For example, when a request is made from a KeyCDN edge server, the quote above means that unless the Forward Host Header setting is enabled, the
Host header value will be the same hostname as what is defined in the Origin URL setting and the
X-Forwarded-Host header value will contain the original
Host header value.
Using XFH with KeyCDN
When a request is made from a client for an object on a KeyCDN edge server, the
Host header will either be the assigned Zone URL (e.g.
examplepull-1a2b.kxcdn.com) or the added Zone Alias (e.g.
cdn.example.com). If the object is not cached on the edge server, it will make a request to the origin server to pull and cache the object. By default, the request made from a KeyCDN edge server will contain the hostname defined in the Origin URL setting as the
Host header value and the original hostname made in the request as the
X-Forwarded-Host header value.
For example, if a Pull Zone had the Origin URL setting defined as
https://www.example.com and a request was made to
https://examplepull-1a2b.kxcdn.com/img/example.jpg the following request headers would be sent to the origin server from KeyCDN:
Host: www.example.com X-Forwarded-Host: examplepull-1a2b.kxcdn.com
cdn.example.com was added as a Zone Alias and the request was now made to
X-Forwarded-Host header value will still be the originally requested hostname, but instead it will now be the Zone Alias because that is the hostname used in the request, for example:
Host: www.example.com X-Forwarded-Host: cdn.example.com
If the Forward Host Header setting was enabled and the request was still made to
https://cdn.example.com/img/example.jpg both the
X-Forwarded-Host values will be the original hostname made in the request, for example:
Host: cdn.example.com X-Forwarded-Host: cdn.example.com
The XFH header can be useful when wanting to use one Zone to manage multiple websites. The image below demonstrates the use of the
X-Forwarded-Host header in this scenario when a wildcard Zone Alias has been added.
The XFH contains the Zone Alias of each request allowing the origin server to route the requests to the correct location on the origin server in order to deliver successful responses.
X-Forwarded-Host HTTP request header can be used for determining the original hostname made in the request if there is a proxy or CDN between the client and origin server. As seen in the example above, making the origin server aware of the original hostname requested can prove to be very useful for certain integrations, such as using one Zone to manage multiple websites.