The HTTP X-Forwarded-Host request header indicates the original host as requested by the client.
The HTTP X-Forwarded-Host request header is used to identify the target host, as specified by the originator of the HTTP request. This is not needed in situations where the client connects directly to the server. However, when intermediaries exist, the hostnames and ports may differ from the destination server that ultimately handles the HTTP request. Consequently, the HTTP X-Forwarded-Host header can be used to determine the original host.
The use of this HTTP header is intended for improved troubleshooting and statistical reporting. There are, however, additional privacy concerns because it reveals information about the originator of the request.
The only directive is the name of the host, as in the following example.
The "X-" naming convention for HTTP headers, "X" referring to "experimental", has been deprecated and need to be transitioned to formal naming convention for HTTP headers.
The HTTP X-Forwarded-Host request header is commonly used; however, since its inception, this is now a standardized as the HTTP Forwarded request header.
The HTTP X-Forwarded-Host header, and the newer version HTTP Forwarded header, is used to identify the original host in a HTTP request.