SpringBoot Multiple values in X-Forwarded-Host not supported by NATIVE forward headers strategy

Spring Boot version : 3.2.4

My Spring Boot application is located behind multiple Apache servers which act as reverse proxies. Some of them are configured to automatically add X-Forwarded-* headers in the proxied HTTP request (the ProxyAddHeaders directive is on). As a consequence, the X-Forwarded-Host header contain multiple values separated by a comma.

With server.strategy.forward-headers-strategy set to NATIVE, the X-Forwarded-Host is ignored if it contains multiple values separated by a comma and defaults to Host header value when resolving HttpServletRequest.getServerName().

Changing the strategy to FRAMEWORK works as expected: one value of the X-Forwarded-Host is returned by ServletRequest.getServerName().

I am not sure if this issue is due to a Spring Boot misconfiguration of the embedded Tomcat container or a bug/limitation in Tomcat itself.

Comment From: wilkinsona

It's a limitation of Tomcat and its RemoteIpValve. Specifically, the valve retrieves the value of the X-Forwared-Host header from the request and passes it to org.apache.tomcat.util.http.parser.Host.parse(String). parse throws an IllegalArgumentException when the value contains a , and the header is then ignored.