Skip to content
  1. Nov 23, 2016
  2. Nov 22, 2016
  3. Nov 21, 2016
  4. Nov 19, 2016
  5. Nov 18, 2016
  6. Nov 17, 2016
  7. Nov 16, 2016
    • William A. Rowe Jr's avatar
      Actually cause the Host header to be overridden, as noted by rpluem, · 49004756
      William A. Rowe Jr authored
      and simplify now that there isn't a log-only mode.
      
      I believe this logic to be busted. Given this request;
      
      GET http://distant-host.com/ HTTP/1.1
      Host: proxy-host
      
      we would now fail to evaluate the proxy-host virtual host rules.
      
      This seems like a breaking change to our config. mod_proxy already
      follows this rule of RFC7230 section 5.4;
      
         When a proxy receives a request with an absolute-form of
         request-target, the proxy MUST ignore the received Host header field
         (if any) and instead replace it with the host information of the
         request-target.  A proxy that forwards such a request MUST generate a
         new Host field-value based on the received request-target rather than
         forward the received Host field-value.
      
      Section 5.5 of RFC7230 has this to say;
      
         Once the effective request URI has been constructed, an origin server
         needs to decide whether or not to provide service for that URI via
         the connection in which the request ...
      49004756
  8. Nov 15, 2016
  9. Nov 14, 2016
  10. Nov 13, 2016