I created a simple php script with the following contents:
<?php
phpinfo();
?>
Then I executed it on the server normally as a URL (example: http://xxx.xxx.xxx.xxx/whatever.php) and received information about what's installed, with php, etc.
Next, I used an advanced tool (opera dragonfly) and requested the same URL again, with the host HTTP request header changed from xxx.xxx.xxx.xxx to a random word. I'll call the new value word.
The same page appears, but what I find is that the SCRIPT_URL environment variable value is http://word/whatever.php instead of http://xxx.xxx.xxx.xxx/whatever.php and HTTP_HOST and SERVER_NAME are both set to word.
Why can't one environment variable value be the domain part of the url someone types in (like http://xxx.xxx.xxx.xxx) and another one be the value of the http host: header? and how do I fix this?
I'm using apache.
