httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject DO NOT REPLY [Bug 50563] New: improperly truncated ipv6 address in HTTP_X_FORWARDED_HOST variable
Date Mon, 10 Jan 2011 13:53:56 GMT

           Summary: improperly truncated ipv6 address in
                    HTTP_X_FORWARDED_HOST variable
           Product: Apache httpd-2
           Version: 2.2.3
          Platform: PC
        OS/Version: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: mod_proxy_http

We have two apache servers in a ProxyPass configuration, with the public
address being an IPv6 address of https://[fd66:4613:4146:1::82]/. The Django
web framework uses the HTTP_X_FORWARDED_HOST variable to determine the host to
use for redirection, and apache passes this


It looks like some code is naively assuming ipv4 and stripping everything after
the colon. This is breaking http redirects from Django and anyone else relying
on that variable.

Configure bugmail:
------- You are receiving this mail because: -------
You are the assignee for the bug.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message