tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From craig...@apache.org
Subject cvs commit: jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/core LocalStrings.properties StandardEngineValve.java
Date Sat, 10 Nov 2001 01:24:20 GMT
craigmcc    01/11/09 17:24:20

  Modified:    catalina/src/share/org/apache/catalina/core
                        LocalStrings.properties StandardEngineValve.java
  Log:
  Enforce the requirement (RFC 2616, Section 5.2) that an HTTP/1.1 request
  MUST contain a "Host:" header to be valid.
  
  Revision  Changes    Path
  1.41      +1 -0      jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/core/LocalStrings.properties
  
  Index: LocalStrings.properties
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/core/LocalStrings.properties,v
  retrieving revision 1.40
  retrieving revision 1.41
  diff -u -r1.40 -r1.41
  --- LocalStrings.properties	2001/10/25 00:23:02	1.40
  +++ LocalStrings.properties	2001/11/10 01:24:20	1.41
  @@ -79,6 +79,7 @@
   standardEngine.alreadyStarted=Engine has already been started
   standardEngine.mappingError=MAPPING configuration error for server name {0}
   standardEngine.noHost=No Host matches server name {0}
  +standardEngine.noHostHeader=HTTP/1.1 request with no Host: header
   standardEngine.notHost=Child of an Engine must be a Host
   standardEngine.notParent=Engine cannot have a parent Container
   standardEngine.notStarted=Engine has not yet been started
  
  
  
  1.7       +15 -4     jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/core/StandardEngineValve.java
  
  Index: StandardEngineValve.java
  ===================================================================
  RCS file: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/core/StandardEngineValve.java,v
  retrieving revision 1.6
  retrieving revision 1.7
  diff -u -r1.6 -r1.7
  --- StandardEngineValve.java	2001/11/10 00:33:55	1.6
  +++ StandardEngineValve.java	2001/11/10 01:24:20	1.7
  @@ -1,7 +1,7 @@
   /*
  - * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/core/StandardEngineValve.java,v
1.6 2001/11/10 00:33:55 craigmcc Exp $
  - * $Revision: 1.6 $
  - * $Date: 2001/11/10 00:33:55 $
  + * $Header: /home/cvs/jakarta-tomcat-4.0/catalina/src/share/org/apache/catalina/core/StandardEngineValve.java,v
1.7 2001/11/10 01:24:20 craigmcc Exp $
  + * $Revision: 1.7 $
  + * $Date: 2001/11/10 01:24:20 $
    *
    * ====================================================================
    *
  @@ -86,7 +86,7 @@
    * when processing HTTP requests.
    *
    * @author Craig R. McClanahan
  - * @version $Revision: 1.6 $ $Date: 2001/11/10 00:33:55 $
  + * @version $Revision: 1.7 $ $Date: 2001/11/10 01:24:20 $
    */
   
   final class StandardEngineValve
  @@ -146,6 +146,17 @@
           if (!(request.getRequest() instanceof HttpServletRequest) ||
               !(response.getResponse() instanceof HttpServletResponse)) {
               return;     // NOTE - Not much else we can do generically
  +        }
  +
  +        // Validate that any HTTP/1.1 request included a host header
  +        HttpServletRequest hrequest = (HttpServletRequest) request;
  +        if ("HTTP/1.1".equals(hrequest.getProtocol()) &&
  +            (hrequest.getServerName() == null)) {
  +            ((HttpServletResponse) response.getResponse()).sendError
  +                (HttpServletResponse.SC_BAD_REQUEST,
  +                 sm.getString("standardEngine.noHostHeader",
  +                              request.getRequest().getServerName()));
  +            return;
           }
   
           // Select the Host to be used for this Request
  
  
  

--
To unsubscribe, e-mail:   <mailto:tomcat-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-dev-help@jakarta.apache.org>


Mime
View raw message