On Tue, Oct 14, 2008 at 04:40:27PM +0200, Justus Winter wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Jorge Arellano Cid wrote:
2. joining hostname and port for the Host: header
a_Http_make_query_str used to build the Host: header by concatenating the url->hostname with the port number in case it's not the default port. Unfortunately this breaks with numeric ipv6 addresses since an ipv6 literal has to be enclosed with square brackets when used in urls and Host: header fields (according to my experiments and my interpretation of rfc 2616 section 14.23 ("Host header") and 3.2.2 ("http URL")).
I would therefore suggest to use the original authority string obtained from the url. Patch is attached.
AFAIR, the "remove default port" part was added because some sites answer 404 when receiving it. Yes, that's what your comment says. But my proposal does not break those cases in general.
The current behavior is to construct the authority string for the host header using the parsed hostname and the port number in case it differs from 80.
I proposed to use the authority part from the url the user entered. This may break some sites _if_ the user explicitly entered ":80" in the url.
That's the point.
Btw, I just checked firefox and it seems to do it this way.
Entering "http://localhost:80" in firefox url bar yields the following request:
root@thinkbox:/var/tmp# nc -l -p 80 GET / HTTP/1.1 Host: localhost:80 [...]
Good. If FF does it currently, then it should be less of a problem. I'll commit as it is and let's see what happens. -- Cheers Jorge.-