On Mon, 2 Apr 2018 02:55:01 +0200
Josuah Demangeon <mail_AT_josuah.net> wrote:
Dear Josuah,
> An HTTP request may contain the port number:
>
> $ nc -l 8080
> GET / HTTP/1.1
> Host: localhost:8080
> User-Agent: curl/7.55.1
> Accept: */*
>
> It provoked the canonical host to mismatch while comparing it with
> the actual host:
>
> r->field[REQ_HOST]: localhost:8080
> vhostmatch: localhost
>
> This commit attempts to fix it by replacing the first ':' by '\0'.
thanks for alerting me to this, I honestly forgot about it.
> Hopefully this will not clash with IPv6 addresses syntax.
I fear though that we'll have to be a bit more careful to avoid
problems with IPv6-hosts. Namely, if an IPv6-host with port is
specified, the ip-address will be wrapped in square-brackets.
I put this on the todo as I unfortunately don't have the time to write a
patch at the moment, but if you like, you might want to think about
changing the patch off a bit to also respect this square bracket case
(Something along the lines of a strrchr for both [ and : in some way).
With best regards
Laslo Hunhold
--
Laslo Hunhold <dev_AT_frign.de>
Received on Mon Apr 02 2018 - 10:05:10 CEST