diff --git a/framework/core/src/Api/Server.php b/framework/core/src/Api/Server.php index 59c3090f0..629b0355c 100644 --- a/framework/core/src/Api/Server.php +++ b/framework/core/src/Api/Server.php @@ -33,6 +33,7 @@ class Server extends AbstractServer $pipe->pipe($path, $app->make('Flarum\Api\Middleware\FakeHttpMethods')); $pipe->pipe($path, $app->make('Flarum\Http\Middleware\StartSession')); $pipe->pipe($path, $app->make('Flarum\Http\Middleware\RememberFromCookie')); + $pipe->pipe($path, $app->make('Flarum\Http\Middleware\SharedHosts')); $pipe->pipe($path, $app->make('Flarum\Http\Middleware\AuthenticateWithSession')); $pipe->pipe($path, $app->make('Flarum\Http\Middleware\AuthenticateWithHeader')); $pipe->pipe($path, $app->make('Flarum\Http\Middleware\SetLocale')); diff --git a/framework/core/src/Http/Middleware/SharedHosts.php b/framework/core/src/Http/Middleware/SharedHosts.php new file mode 100644 index 000000000..d96c2c800 --- /dev/null +++ b/framework/core/src/Http/Middleware/SharedHosts.php @@ -0,0 +1,35 @@ + + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +namespace Flarum\Http\Middleware; + +use Psr\Http\Message\ResponseInterface as Response; +use Psr\Http\Message\ServerRequestInterface as Request; +use Zend\Stratigility\MiddlewareInterface; + +class SharedHosts implements MiddlewareInterface +{ + /** + * {@inheritdoc} + */ + public function __invoke(Request $request, Response $response, callable $out = null) + { + $SERVER = $request->getServerParams(); + + // CGI wrap may not pass on the Authorization header. + // In that case, the web server can be configured + // to pass its value in an env variable instead. + if (isset($SERVER['REDIRECT_HTTP_AUTHORIZATION'])) { + $request = $request->withHeader('authorization', $SERVER['REDIRECT_HTTP_AUTHORIZATION']); + } + + return $out ? $out($request, $response) : $response; + } +}