Join GitHub today
GitHub is home to over 50 million developers working together to host and review code, manage projects, and build software together.Sign up
GitHub is where the world builds software
Millions of developers and companies build, ship, and maintain their software on GitHub — the largest and most advanced development platform in the world.
stripping trailing dot from URL prevents correct dns-resolving #3022
I did this
I used a trailing dot in the URL to prevent system resolvers from appending suffixes from the search list.
I need to do this because appending the suffix will eventually trigger resolving from a different upstream resolver (split dns setup) and add a long delay.
The trailing dot is the correct way to express this "absoluteness" of the name (RFC1034).
While I can understand the TLS/SNI and perhaps "virtual-host-matching" issues based on trailing dots in the URL (mostly discussed in #716), this issue here is really just about the name resolving.
I expected the following
I expected the trailing dot in the hostname to prevent dns lookups with system's dns search list entries appended.
Some additional data:
I don't see this functionality documented in POSIX for getaddrinfo.
As outlined in #716, the HTTP/1.1 spec section 5.4 clearly says "If the target URI includes an authority component, then a client MUST send a field-value for Host that is identical to that authority component". (emphasis added by me). Sending a
getadddrinfo is exactly the API we work with (mostly) so that's the specification and docs we have to work with. It not being specified in POSIX makes it unreliable to depend on, even if there are (several?) implementations that work like this.
It's just a violation of the HTTP/1.1 spec...
(if someone wants to work on a PR for this, I'll just warn that #3017 might land soon and will change hostname handling a little bit)
POSIX is the interface to the operating system. But beyond that there are numerous standards (be it HTTP, IP, DNS, ...). The thing about trailing dots in domain names is covered in RFC1034 3.1.
The POSIX interface of
"I am completely fine" was highly exaggerated. What I meant is, that I do not care in the scope of this issue, because this issue is not about the Host-Header at all.
In combination with
The stripping happens in the URI but not in the cache-entry from
So the question about dot-stripping or not is to be considered in at least 3 layers: