Menu
▾
▴
Re: [Openvpn-devel] HTTP/1.1 Host header
|
From: Jan J. K. <ja...@ni...> - 2010-09-27 13:22:46
|
Hi , Heikki Kallasjoki wrote: > On Mon, Sep 27, 2010 at 02:22:00PM +0200, Jan Just Keijser wrote: > >> ah right, now I see... hmmm 'Host: ...' headers should not be required >> by a web server and with apache's Virtual Hosts you can override this using >> > > I would have to disagree with whether Host: headers should be required, > given that the HTTP/1.1 specification explicitly says [RFC2616]: > > "All Internet-based HTTP/1.1 servers MUST respond with a 400 (Bad > Request) status code to any HTTP/1.1 request message which lacks a Host > header field." > > The client also "MUST" send a Host: header in every request, it is not > an optional field. Changing only the version number on the CONNECT line > OpenVPN sends does not make it a real HTTP/1.1 request. > > (From what I can tell, and based on a very quick test, the string > "_default_" in an Apache <VirtualHost> config also only matches unlisted > IP addresses, and does not change how it processes HTTP requests that > claim to be version 1.1 but aren't.) > > > now I see where the confusion is coming from : by default openvpn is using HTTP/1.0 requests; RFC1945 (http 1.0 standard) does NOT specify that the Host: header should be present. This was added in HTTP/1.1 RFC2616 ; so I guess that whenever you specify HTTP/1.1 requests using --http-proxy-option VERSION 1.1 then OpenVPN should also send a 'Host: ' header - seems like a trivial fix to me. I still have no clue why the original patch was not accepted, but then again, the mechanism for entering patches has changed (improved!) a lot as of late. HTH, JJK |
