From 6a5c346ecd2a5605b059600592b72301bff68506 Mon Sep 17 00:00:00 2001
From: Alexandre Aubin
Date: Tue, 4 Jul 2023 15:33:02 +0200
Subject: [PATCH] nginx: complain about using $http_host rather than $host
---
 package_linter.py | 10 ++++++++++
 1 file changed, 10 insertions(+)
diff --git a/package_linter.py b/package_linter.py
index 546a1e0..2eea6f1 100755
--- a/package_linter.py
+++ b/package_linter.py
@@ -1295,6 +1295,16 @@ class Configurations(TestSuite):
 "DO NOT run the app PHP worker as root or www-data! Use a dedicated system user for this app!"
 )
+ @test()
+ def nginx_http_host(self):
+
+ app = self.app
+
+ if os.path.exists(app.path + "/conf/nginx.conf"):
+ content = open(app.path + "/conf/nginx.conf").read()
+ if "$http_host" in content:
+ yield Info("In nginx.conf : please don't use $http_host but $host instead. C.f. https://github.com/yandex/gixy/blob/master/docs/en/plugins/hostspoofing.md")
+
 @test()
 def nginx_https_redirect(self):
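Review bot: In `nginx_http_host`, the check reads only `conf/nginx.conf` and does a raw substring match on the whole file, so a `$http_host` in any other nginx config file the package ships under `conf/` would go unreported (whether such files exist is not visible in this hunk), while a commented-out occurrence is flagged. Since `$http_host` is the Host header exactly as the client sent it, a missed occurrence is the costly direction for this lint. I would scan every nginx file in `conf/`, skip comment lines, name the file in the message, and read it inside a `with` block so the handle is closed. The enclosing `Configurations` class starts and ends outside the hunk, so I cannot tell whether sibling tests already share a helper for this.

```python
    @test()
    def nginx_http_host(self):
        conf_dir = os.path.join(self.app.path, "conf")
        if not os.path.isdir(conf_dir):
            return

        for filename in sorted(os.listdir(conf_dir)):
            if "nginx" not in filename:
                continue
            with open(os.path.join(conf_dir, filename)) as f:
                lines = f.read().splitlines()
            # Only live directives matter; commented-out lines are not served by nginx
            if any(
                "$http_host" in line
                for line in lines
                if not line.lstrip().startswith("#")
            ):
                yield Info(
                    "In " + filename + " : please don't use $http_host but $host instead. "
                    "C.f. https://github.com/yandex/gixy/blob/master/docs/en/plugins/hostspoofing.md"
                )
```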