<?php
...
$sugar_config = array (
...
$sugar_config['trusted_hosts'] = ['^dev\.local$', '^localhost$'];
...
Starting with version 8.4.2 there is a new security check to see if the host header of the request is a valid one. This check is performed at the start of every request to the backend.
This check uses a new entry trusted_hosts
on public/legacy/config.php
or public/legacy/config_override.php
, where you can define an array of regex strings for the trusted hosts, like the following:
<?php
...
$sugar_config = array (
...
$sugar_config['trusted_hosts'] = ['^dev\.local$', '^localhost$'];
...
If no trusted_hosts
entry is defined on public/legacy/config.php
or public/legacy/config_override.php
, the system will:
Parse and use the site_url
config as one of the entries.
Add an entry for localhost
Content is available under GNU Free Documentation License 1.3 or later unless otherwise noted.