From 4638b3023e5f62d02af261abb9a9c8e59cd5b681 Mon Sep 17 00:00:00 2001
From: TdlQ <12106009+TdlQ@users.noreply.github.com>
Date: Fri, 17 Mar 2023 17:24:56 +0100
Subject: [PATCH] Fix: compatibility with proxies that extends
 HTTP_X_FORWARDED_HOST

---
 lib/Saml2/Utils.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/Saml2/Utils.php b/lib/Saml2/Utils.php
index 4289c806..bc069a3e 100644
--- a/lib/Saml2/Utils.php
+++ b/lib/Saml2/Utils.php
@@ -494,7 +494,7 @@ protected static function getRawHost()
         if (self::$_host) {
             $currentHost = self::$_host;
         } elseif (self::getProxyVars() && array_key_exists('HTTP_X_FORWARDED_HOST', $_SERVER)) {
-            $currentHost = $_SERVER['HTTP_X_FORWARDED_HOST'];
+            $currentHost = explode(',', $_SERVER['HTTP_X_FORWARDED_HOST'])[0];
         } elseif (array_key_exists('HTTP_HOST', $_SERVER)) {
             $currentHost = $_SERVER['HTTP_HOST'];
         } elseif (array_key_exists('SERVER_NAME', $_SERVER)) {