Avoid X-Forwarded-Host to be copied to Host header

[paovitali]

What this PR does / why we need it: This PR reviews nginx template in order to avoid the overwriting of Host header with the values inherited from X-Forwarded-Host. The related variable assignment map has been deleted together with the related best_http_host assigment within the UseForwardedHeaders conditional. Now best_http_host gets populated only once with the right value independently from the usage of X-forwarded-* headers through related cfm key.

Which issue this PR fixes: fixes #3790

Special notes for your reviewer: Another PR has been submitted concerning this issue (#3798) which involves Lua migration of part of nginx template logic. As that one covers a lot more aspects, this PR is intended only to provide a behaviour fix while bigger WIP will be implemented :)

[k8s-ci-robot]

Thanks for your pull request. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

📝 Please follow instructions at https://git.k8s.io/community/CLA.md#the-contributor-license-agreement to sign the CLA.

It may take a couple minutes for the CLA signature to be fully registered; after that, please reply here with a new comment and we'll verify. Thanks.

---

• If you've already signed a CLA, it's possible we don't have your GitHub username or you're using a different email address. Check your existing CLA data and verify that your email is set on your git commits.
• If you signed the CLA as a corporation, please sign in with your organization's credentials at https://identity.linuxfoundation.org/projects/cncf to be authorized.
• If you have done the above and are still having issues with the CLA being reported as unsigned, please email the CNCF helpdesk: [email protected]

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: paovitali
To fully approve this pull request, please assign additional approvers.
We suggest the following additional approver: aledbf

If they are not already assigned, you can assign the PR to them by writing /assign @aledbf in a comment when ready.

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[ElvinEfendi]

@paovitali unfortunately we can not just drop support for x-forwarded-host. But agreed that the current behaviour is not correct, i.e if x-forwarded-host has multiple domains instead of splitting and taking the first one we incorrectly take them all as $best_http_host.

I've an open PR to do this via Lua: https://github.com/kubernetes/ingress-nginx/pull/3798/files#diff-d2d9d7b4e27b247474196438a3dfbdc3R76, but there's a pushback on the amount of Lua we use - so it's not clear if we will continue with that PR.

[paovitali]

/check-cla

[paovitali]

@ElvinEfendi You are right, I added a splitted config to address the missing behaviour. I noticed (and referenced in PR message) your previous work with Lua on a prior PR, but as I saw it required some rethinking I wanted to do it via template too in the meantime

[ElvinEfendi]

@paovitali now that the referenced Lua PR is merged, how about #3950?

[paovitali]

@ElvinEfendi great, looking forward to test it 🍺