André Warnier wrote: > ;-) > I just wanted, once, to use a subject line with capitals and an > exclamation mark. > > It seems however that in this particular case, neither Tomcat nor Apache > httpd follow the rules, when they default to the .. default virtual host > in the case where they cannot find a match between the Host: header and > one of their defined virtual hosts. > Doesn't the following say that they MUST return a 400 status ? > > http://www.w3.org/Protocols/rfc2616/rfc2616-sec5.html#sec5.2 In theory, yes. As a practical matter, no... """ An origin server that does not allow resources to differ by the requested host MAY ignore the Host header field value when determining the resource identified by an HTTP/1.1 request. """ Apache httpd may operate in either mode. I agree it should be easier, Rich and I have it down to 3-4 lines of rewrite magic to kick out a 400, but we should probably allow this to be explicit [default?] --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|