[jboss-jira] [JBoss JIRA] (WFLY-7144) HTTP/1.1 request without Host header should be reported with 400 (Bad request)
Stuart Douglas (JIRA)
issues at jboss.org
Mon Sep 19 22:12:00 EDT 2016
[ https://issues.jboss.org/browse/WFLY-7144?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Stuart Douglas moved JBEAP-6073 to WFLY-7144:
---------------------------------------------
Project: WildFly (was: JBoss Enterprise Application Platform)
Key: WFLY-7144 (was: JBEAP-6073)
Workflow: GIT Pull Request workflow (was: CDW with loose statuses v1)
Component/s: Web (Undertow)
(was: Web (Undertow))
Affects Version/s: (was: 7.1.0.DR4)
> HTTP/1.1 request without Host header should be reported with 400 (Bad request)
> ------------------------------------------------------------------------------
>
> Key: WFLY-7144
> URL: https://issues.jboss.org/browse/WFLY-7144
> Project: WildFly
> Issue Type: Bug
> Components: Web (Undertow)
> Reporter: Stuart Douglas
> Assignee: Stuart Douglas
>
> For a HTTP/1.1 client request there is requirement that it has defined Host header either with empty or non-empty value, see RFC 2616 [here|https://tools.ietf.org/html/rfc2616#section-14.23], [here|https://tools.ietf.org/html/rfc2616#section-5.2] and [here|https://tools.ietf.org/html/rfc2616#section-19.6.1.1].
> If client performs the HTTP/1.1 request with no Host header defined, server MUST response with 400 (Bad request):
> {quote}
> Servers MUST report a 400 (Bad Request) error if an HTTP/1.1
> request does not include a Host request-header.
> {quote}
> Currently EAP7 response with actual page content when HTTP/1.1 request without Host header is performed, try:
> {code}
> telnet localhost 8080
> Trying 127.0.0.1...
> Connected to localhost.
> Escape character is '^]'.
> GET / HTTP/1.1
> {code}
> Expected behaviour: server respondes with 400 (Bad request) as specification says so.
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
More information about the jboss-jira
mailing list