isCsrfOriginAllowed not picking up allowedOrigins

American Bobtail posted this in #help-forum
American BobtailOP
We have an application that is running on Azure. Due to the nature of the Azure setup, it's rewriting some of the headers. allowedOrigins to the rescue, you would say. However, we've configured the allowedOrigins but somehow we still receive the following error:

`x-forwarded-host` header with value `mysite.azurewebsites.net` does not match `origin` header with value `sub.domain.com` from a forwarded Server Actions request. Aborting the action.


The configuration looks like this:

```js
// next.config.js
module.exports = {
  experimental: {
    serverActions: {
      allowedOrigins: [
        'mysite.azurewebsites.net',
        'sub.domain.com',
      ],
    },
  },
};
```


We've confirmed that these values show up in required-server-files.json when building the app. And we also see the custom headers we're adding in the same configuration file when we see a valid response.

By looking through [the code](https://github.com/vercel/next.js/blob/v15.1.7/packages/next/src/server/app-render/action-handler.ts#L524) where the allowedOrigins are checked, we assume it should work, based on the values in the log message and the configuration. However, it doesn't.

Right now we changed our environment to make it work, but we can still replicate it by sending a cURL request with the X-Forwarded-Host header that's not matching the originDomain.

We're using Next 15.1.7 and React 19.0.0 with Node 20.x (don't know the exact version off-hand).

Does someone have suggestions on how we could resolve or debug this issue?
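Since the abort message quoted above is produced by that host-versus-origin comparison, a simplified re-implementation of the check lets you feed in the exact headers Azure forwards and see which branch denies the request. This is an added example, not Next.js's own code; `checkServerActionOrigin`, `azureHeaders` and the single-label `*` rule are assumptions made here for illustration.

```javascript
// Simplified re-implementation of the Server Actions origin check (added
// example, not Next.js's own code). Rule: the host part of `origin` must
// equal the request host (`x-forwarded-host` if present, else `host`), or
// match an entry in allowedOrigins, where `*` stands for one DNS label.
function matchWildcardDomain(domain, pattern) {
  const d = domain.split('.');
  const p = pattern.split('.');
  if (d.length !== p.length) return false;
  return p.every((label, i) => label === '*' || label === d[i]);
}

function isCsrfOriginAllowed(originDomain, allowedOrigins = []) {
  return allowedOrigins.some((allowed) =>
    Boolean(allowed) &&
    (allowed === originDomain || matchWildcardDomain(originDomain, allowed)));
}

// `headers` uses lower-case names, as Node's req.headers does.
// Returns { ok: true } or { ok: false, reason } with the abort reason.
function checkServerActionOrigin(headers, allowedOrigins) {
  const forwardedHost = headers['x-forwarded-host'];
  const host = forwardedHost || headers['host'];
  let originDomain;
  try {
    // URL.host keeps a non-default port: `https://x:8443` -> `x:8443`, so an
    // allowedOrigins entry must include that port too.
    originDomain = headers['origin'] ? new URL(headers['origin']).host : undefined;
  } catch {
    originDomain = undefined;
  }
  if (!originDomain) return { ok: false, reason: 'missing or unparsable origin header' };
  if (host && originDomain === host) return { ok: true };
  if (isCsrfOriginAllowed(originDomain, allowedOrigins)) return { ok: true };
  const which = forwardedHost ? 'x-forwarded-host' : 'host';
  return {
    ok: false,
    reason: `\`${which}\` header with value \`${host}\` does not match ` +
      `\`origin\` header with value \`${originDomain}\``,
  };
}

// Constructed sample: the headers from this thread as Azure presents them.
const azureHeaders = {
  origin: 'https://sub.domain.com',
  'x-forwarded-host': 'mysite.azurewebsites.net',
  host: 'mysite.azurewebsites.net',
};
const allowedOrigins = ['mysite.azurewebsites.net', 'sub.domain.com'];
console.log(checkServerActionOrigin(azureHeaders, allowedOrigins)); // { ok: true }
```

Running it with an empty `allowedOrigins` reproduces the abort reason from the thread, and swapping in an origin with a non-default port shows why a bare hostname entry would no longer match.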


American BobtailOP
Node version is Node.js v22.13.0, to be precise