Re: Apache httpd does not respect the HTTP RFCs !

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 11/28/09, André Warnier <aw@xxxxxxxxxx> wrote:
> ;-)
>  I just wanted, once, to use a subject line with capitals and an
>  exclamation mark.
>
>  It seems however that in this particular case, neither Tomcat nor Apache
>  httpd follow the rules, when they default to the .. default virtual host
>  in the case where they cannot find a match between the Host: header and
>  one of their defined virtual hosts.
>  Doesn't the following say that they MUST return a 400 status ?
>
> http://www.w3.org/Protocols/rfc2616/rfc2616-sec5.html#sec5.2

No, they only have to return a 400 when they believe the provided Host
is invalid on the server.  Neither server treats hostnames that have
not been explicitly enumerated as being invalid on the server, and
this is not a requirement of the RFC.


-- 
Eric Covener
covener@xxxxxxxxx

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx



[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux