Add support for X-Forwarded-Host using Tomcat's new RemoteIpValve hostHeader attribute #18233

Closed
@NFarrington

Tomcat now supports the X-Forwarded-Host header, per https://bz.apache.org/bugzilla/show_bug.cgi?id=57665 (as referenced in #5677).

It would be great to add support for this in order to enable more complete support for X-Forwarded-* headers without needing to use the ForwardedHeaderFilter, and to provide closer feature parity with what's available in RemoteIpValve.

The current (Spring Boot 2.1.8.RELEASE) RemoteIpValve configuration can be found here:

```java
private void customizeRemoteIpValve(ConfigurableTomcatWebServerFactory factory) {
    Tomcat tomcatProperties = this.serverProperties.getTomcat();
    String protocolHeader = tomcatProperties.getProtocolHeader();
    String remoteIpHeader = tomcatProperties.getRemoteIpHeader();
    // For back compatibility the valve is also enabled if protocol-header is set
    if (StringUtils.hasText(protocolHeader) || StringUtils.hasText(remoteIpHeader)
            || getOrDeduceUseForwardHeaders()) {
        RemoteIpValve valve = new RemoteIpValve();
        valve.setProtocolHeader(StringUtils.hasLength(protocolHeader) ? protocolHeader : "X-Forwarded-Proto");
        if (StringUtils.hasLength(remoteIpHeader)) {
            valve.setRemoteIpHeader(remoteIpHeader);
        }
        // The internal proxies default to a white list of "safe" internal IP
        // addresses
        valve.setInternalProxies(tomcatProperties.getInternalProxies());
        valve.setPortHeader(tomcatProperties.getPortHeader());
        valve.setProtocolHeaderHttpsValue(tomcatProperties.getProtocolHeaderHttpsValue());
        // ... so it's safe to add this valve by default.
        factory.addEngineValves(valve);
    }
}
```
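A sketch of what the requested support amounts to when the valve is registered by hand, added here as an example and not taken from Spring Boot or from the issue author. It assumes an embedded Tomcat whose `RemoteIpValve` already has the `hostHeader` attribute and that Spring Boot's own valve (the method quoted above) is not enabled, so only one valve is installed; the class name, bean name and proxy address pattern are hypothetical.

```java
import org.apache.catalina.valves.RemoteIpValve;
import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;
import org.springframework.boot.web.server.WebServerFactoryCustomizer;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

// Hypothetical configuration class; not part of Spring Boot.
@Configuration
public class ForwardedHostValveConfiguration {

    // Constructed sample value: only peers in 10.0.0.0/8 count as the reverse proxy.
    // Replace with a pattern that matches the real proxy addresses and nothing else.
    private static final String INTERNAL_PROXIES = "10\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}";

    @Bean
    public WebServerFactoryCustomizer<TomcatServletWebServerFactory> forwardedHostValve() {
        return (factory) -> {
            RemoteIpValve valve = new RemoteIpValve();
            valve.setRemoteIpHeader("X-Forwarded-For");
            valve.setProtocolHeader("X-Forwarded-Proto");
            valve.setPortHeader("X-Forwarded-Port");
            // The attribute this issue asks Spring Boot to expose as a property.
            valve.setHostHeader("X-Forwarded-Host");
            // The valve rewrites the request from X-Forwarded-* headers only when the
            // connecting peer matches this pattern (no trustedProxies are set here).
            // A pattern that is too broad lets any client choose the host name the
            // application sees, which then flows into redirects and absolute URLs.
            valve.setInternalProxies(INTERNAL_PROXIES);
            factory.addEngineValves(valve);
        };
    }
}
```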
