Fails to run server actions if X-Forwarded-Host header doesn't contain a port #77556

Open
nanto opened this issue Mar 27, 2025 · 0 comments · May be fixed by #77557
Labels
Server Actions Related to Server Actions.

nanto commented Mar 27, 2025

Link to the code that reproduces this issue

https://github.com/nanto/nextjs-nginx-proxy-example

To Reproduce

  1. Run docker compose up.
  2. Open http://localhost:3333/.
  3. Click the “Increment” button.

Current vs. Expected behavior

Expected behavior: “Count: 0” becomes “Count: 1”.

Actual behavior: an Invalid Server Actions request error happens on the client side and the following error message is shown on the server side:

`x-forwarded-host` header with value `localhost` does not match `origin` header with value `localhost:3333` from a forwarded Server Actions request. Aborting the action.

Provide environment information

Operating System:
  Platform: linux
  Arch: x64
  Version: #1 SMP PREEMPT_DYNAMIC Debian 6.1.128-1 (2025-02-07)
  Available memory (MB): 15976
  Available CPU cores: 2
Binaries:
  Node: 18.20.7
  npm: 10.8.2
  Yarn: N/A
  pnpm: 9.6.0
Relevant Packages:
  next: 15.2.3 // Latest available version is detected (15.2.3).
  eslint-config-next: N/A
  react: 19.0.0
  react-dom: 19.0.0
  typescript: N/A
Next.js Config:
  output: N/A

Which area(s) are affected? (Select all that apply)

Server Actions

Which stage(s) are affected? (Select all that apply)

next dev (local)

Additional context

Some reverse proxies are configured so that the X-Forwarded-Host header doesn't contain the original port but the X-Forwarded-Port header contains it. For example, when nginx-proxy with default settings accepts an HTTP request for https://local.example.com:3333/, it adds X-Forwarded-Host: local.example.com, X-Forwarded-Port: 3333, and X-Forwarded-Proto: https headers. The current Next.js CSRF prevention logic can't handle such a case and refuses execution of server actions.

@github-actions github-actions bot added the Server Actions Related to Server Actions. label Mar 27, 2025
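
One way an Origin check could accept the header layout described in this issue, as an added example that is not part of the original report and not Next.js source: both sides are normalised to `host:port`, taking the port from X-Forwarded-Port when X-Forwarded-Host lacks one. All function names and sample requests are constructed, and the code assumes a single trusted proxy that overwrites client-supplied X-Forwarded-* headers.

```javascript
// Added example, not Next.js source; all function names are hypothetical.
// Assumes one trusted reverse proxy that overwrites any client-supplied
// X-Forwarded-* headers; without that, these headers are attacker-controlled.
const DEFAULT_PORTS = new Map([["http", "80"], ["https", "443"]]);

// Split "host" or "host:port" (IPv6 in brackets); null on anything else,
// including comma-separated lists, so malformed input fails closed.
function splitHostPort(value) {
  const re = /^(\[[0-9a-f:.]+\]|[^:,\s\[\]]+)(?::(\d+))?$/;
  const m = re.exec(value.trim().toLowerCase());
  return m ? { host: m[1], port: m[2] } : null;
}

// Authority the proxy says the client addressed, always as "host:port".
function forwardedAuthority(headers) {
  const proto = (headers["x-forwarded-proto"] || "http").toLowerCase();
  const hp = splitHostPort(headers["x-forwarded-host"] || headers["host"] || "");
  if (!hp) return null;
  const fwdPort = headers["x-forwarded-port"] || "";
  const port = hp.port || (/^\d+$/.test(fwdPort) ? fwdPort : DEFAULT_PORTS.get(proto));
  return port ? `${hp.host}:${port}` : null;
}

// Authority from the Origin header, with the scheme default port made explicit.
function originAuthority(origin) {
  let url;
  try { url = new URL(origin); } catch { return null; } // covers "null" and ""
  const port = url.port || DEFAULT_PORTS.get(url.protocol.slice(0, -1));
  return port ? `${url.hostname}:${port}` : null;
}

function isSameAuthority(headers) {
  const origin = originAuthority(headers["origin"] || "");
  return origin !== null && origin === forwardedAuthority(headers);
}

// Constructed sample requests (header names lower-cased, as Node.js does).
const proxied = { "x-forwarded-host": "local.example.com",
                  "x-forwarded-port": "3333", "x-forwarded-proto": "https" };
const samples = {
  portInSeparateHeader: { ...proxied, origin: "https://local.example.com:3333" },
  portInHost: { origin: "http://localhost:3333", "x-forwarded-host": "localhost:3333" },
  crossSite: { ...proxied, origin: "https://other.example" },
  wrongPort: { ...proxied, origin: "https://local.example.com:4444" },
};
for (const [name, headers] of Object.entries(samples)) {
  console.log(name, isSameAuthority(headers));
}
```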