André Warnier schrieb: > But is is interesting to see how in the end, a document such as RFC2616 > which is meant to "specify" a relatively strict set of rules, and of > which I am sure the phrasing is examined carefully and repeatedly (it > being after all a revision of an earlier document on the same topic), > still leaves areas open to interpretation, or downright inconsistent. > What is for example, in this case, a hostname which is /invalid/ on this > host ? > If the request reached this host, then it must be that for the DNS > system, the hostname resolved to one of this physical host's IP > addresses. In that sense, any HTTP request which reaches the host could > be deemed to address a valid hostname. Yes and no. It's always up to the server (or server admin) if it's accepting a given hostname or not. But if it's not accepting a hostname, it must return a 400. Well, there is no directive in Apache httpd to enable such strict hostname tests and Apache is always accepting all hostnames and is routing this to the default (v)host. And that's the reason I'm always using the namebased vhosts from my last post. Even I normally only want have an ip-based vhost (or no vhosts at all). BTW: If you want/must deal with IPs in the URIs, just add the IP for that vhost as ServerAlias to the first regular VirtualHost block. Regarding DNS: Well, a normal browser is asking a dns server for the IP, and then is connecting to that IP and using the servername from the URI for the Host header. Example: URI: http://www.apache.org/ (nslookup: 192.87.106.226) | telnet 192.87.106.226 80 | GET / HTTP/1.1 | Host: www.apache.org | That's what a normal browser is doing. Well, apache.org is also accepting all hostnames, and so the next example shows the same homapage: URI: http://www.apache.org/ (nslookup: 192.87.106.226) telnet 192.87.106.226 80 | GET / HTTP/1.1 | Host: www.microsoft.com | Well, I don't want that this happens on my servers, and with a namebased vhost, a perl script and a rewriterule I have the behavior I want: an error 400 in this case. Also Apache is now only accepting a defined ServerName/ServerAlias, and not all requests which are possible with a wildcard dns entry. But be careful with *.foo.com in ServerAlias. Regards, Carsten --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|