From nobody@hyperreal.com Mon Apr 14 11:18:58 1997 Received: (from nobody@localhost) by hyperreal.com (8.8.4/8.8.4) id LAA16641; Mon, 14 Apr 1997 11:18:58 -0700 (PDT) Message-Id: <199704141818.LAA16641@hyperreal.com> Date: Mon, 14 Apr 1997 11:18:58 -0700 (PDT) From: David Hull Reply-To: hull@cs.uiuc.edu To: apbugs@hyperreal.com Subject: Does not accept absolute URI in request. X-Send-Pr-Version: 3.2 >Number: 392 >Category: protocol >Synopsis: Does not accept absolute URI in request. >Confidential: no >Severity: non-critical >Priority: medium >Responsible: apache >State: closed >Class: sw-bug >Submitter-Id: apache >Arrival-Date: Mon Apr 14 11:20:02 1997 >Last-Modified: Mon Apr 14 11:41:17 PDT 1997 >Originator: hull@cs.uiuc.edu >Organization: >Release: 1.2b8 >Environment: SunOS pertsserver 5.5.1 Generic_103640-02 sun4m sparc SUNW,Sun_4_600 pertsserver$ gcc --version 2.7.2.1 >Description: In apache 1.2b8, the request GET http://pertsserver.cs.uiuc.edu/ HTTP/1.1 fails, while GET / HTTP/1.1 Host: pertsserver.cs.uiuc.edu succeeds. The error log for the first request says: [Mon Apr 14 13:15:30 1997] access to / failed for pertsserver.cs.uiuc.edu, reason: client sent HTTP/1.1 request without hostname My understanding is that they should both succeed. The HTTP/1.1 spec (RFC2068) says: 5.1.2 Request-URI [...] Request-URI = "*" | absoluteURI | abs_path [...] An example Request-Line would be: GET http://www.w3.org/pub/WWW/TheProject.html HTTP/1.1 To allow for transition to absoluteURIs in all requests in future versions of HTTP, all HTTP/1.1 servers MUST accept the absoluteURI form in requests, even though HTTP/1.1 clients will only generate them in requests to proxies. >How-To-Repeat: >Fix: >Audit-Trail: State-Changed-From-To: open-closed State-Changed-By: coar@decus.org State-Changed-When: Mon Apr 14 11:41:16 PDT 1997 State-Changed-Why: Sorry, Apache is behaving correctly. From RFC 2068, section 14.23 " A client MUST include a Host header field in all HTTP/1.1 request messages on the Internet (i.e., on any message corresponding to a request for a URL which includes an Internet host address for the service being requested). If the Host field is not already present, an HTTP/1.1 proxy MUST add a Host field to the request message prior to forwarding it on the Internet. All Internet-based HTTP/1.1 servers MUST respond with a 400 status code to any HTTP/1.1 request message which lacks a Host header field." Thanks for the report, though, and for using Apache! >Unformatted: