Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id 412942009D9 for ; Thu, 19 May 2016 22:19:20 +0200 (CEST) Received: by cust-asf.ponee.io (Postfix) id 3FACA160A1D; Thu, 19 May 2016 20:19:20 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id 87CA71609AE for ; Thu, 19 May 2016 22:19:19 +0200 (CEST) Received: (qmail 52414 invoked by uid 500); 19 May 2016 20:19:13 -0000 Mailing-List: contact dev-help@hc.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "HttpComponents Project" Delivered-To: mailing list dev@hc.apache.org Received: (qmail 52176 invoked by uid 99); 19 May 2016 20:19:13 -0000 Received: from arcas.apache.org (HELO arcas) (140.211.11.28) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 19 May 2016 20:19:13 +0000 Received: from arcas.apache.org (localhost [127.0.0.1]) by arcas (Postfix) with ESMTP id 060812C1F61 for ; Thu, 19 May 2016 20:19:13 +0000 (UTC) Date: Thu, 19 May 2016 20:19:13 +0000 (UTC) From: "James Kelley (JIRA)" To: dev@hc.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Comment Edited] (HTTPCLIENT-1744) code treats domain names or hostnames case sensitive. This will cause verification to fail because FQDN are case insensitive. MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 archived-at: Thu, 19 May 2016 20:19:20 -0000 [ https://issues.apache.org/jira/browse/HTTPCLIENT-1744?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15292062#comment-15292062 ] James Kelley edited comment on HTTPCLIENT-1744 at 5/19/16 8:18 PM: ------------------------------------------------------------------- Well if I understand what you are saying, you wish the bug to be moved further up in the stack because it should be normalized prior. Which is fine, where do you think it should be normalized? org.apache.hc.client5.http.methods.HttpGet() is where it comes in. So some where between HttpGet method and matchDomainRoot method? was (Author: knowever): Well if I understand what you are say, you wish the bug to be moved further up in the stack because it should be normalized prior. Which is fine, where do you think it should be normalized? org.apache.hc.client5.http.methods.HttpGet() is where it comes in. So some where between HttpGet method and matchDomainRoot method? > code treats domain names or hostnames case sensitive. This will cause verification to fail because FQDN are case insensitive. > ----------------------------------------------------------------------------------------------------------------------------- > > Key: HTTPCLIENT-1744 > URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1744 > Project: HttpComponents HttpClient > Issue Type: Bug > Components: HttpClient, HttpConn > Affects Versions: 4.5.1, 4.5.2, 5.0 Alpha1 > Reporter: James Kelley > > in class DefaultHostnameVerifier in the method static boolean matchDomainRoot(final String host, final String domainRoot); and maybe else where the code treats domain names or hostnames case sensitive. This will cause verification to fail because FQDN are case insensitive. > host.endsWith(domainRoot) -- This message was sent by Atlassian JIRA (v6.3.4#6332) --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscribe@hc.apache.org For additional commands, e-mail: dev-help@hc.apache.org