Bug #85062: TYPO3 8.7 [SYS][trustedHostsPattern] = SERVER_NAME - TYPO3 Core - TYPO3 Forge

Bug #85062

Updated by Rene Tobias almost 6 years ago

Hello, 

 we have following problem in error log: 

 _PHP Fatal error:    Uncaught 
 UnexpectedValueException: The current host header value does not match the configured 
 trusted hosts pattern! Check the pattern defined in 
 $GLOBALS['TYPO3_CONF_VARS']['SYS']['trustedHostsPattern'] and adapt it, if you want to 
 allow the current host header 'http://www.mydomain.si./' for your installation. in 
 /var/www/html/typo3_source/typo3_src-8.7.12/typo3/sysext/core/Classes/Utility/GeneralUtility.php:29_ 

 So every time someone (bot...) wants to access following link http://www.mydomain.si*.*/ we get this php error. 

 The easy solution is to set 'trustedHostsPattern' => '.*' My question: why is 'trustedHostsPattern' => '.*' in TYPO3 defined as "not recommended because it is insecure"? Is that really so? And why?

Back

Project

General

Profile

TYPO3 Core

Bug #85062