Skip to content


Subversion checkout URL

You can clone with
Download ZIP



merged 2 commits into from

2 participants


If FAKE-PROXY is T, the server in PROXY is asked for a relative URI rather than an absolute URI. This allows sending requests with mismatched Host header (host part of the URI) and actual destination.

I added this keyword because I had to send requests with particular host header to arbitrary servers. Reusing PROXY for this purpose is rather fortunate, albeit nonconventional; for one thing, cookies are handled properly. Another one is that such a use is not compatible with real proxies anyway.


I'm not opposed to pulling this change in, but I do not like the name of the keyword argument, because it does not give a hint as to what it is intended for. I think I understand what it does and what it would be useful for: You want to send requests to a server, specified by PROXY, that have the host from the URL in the Host: header, and the relative URL in the HTTP request. That way, you can talk to a host as if you were the proxy, is that right?

If that is the case, I'd want to have the documentation explain the above. I'd also want to see the proxy argument not be used, but rather a, say ACT-AS-PROXY-FOR keyword argument be present instead of PROXY.

I understand that this suggestion is also not terribly clear, but in order for this functionality to appear in DRAKMA, it needs to be structured and documented so that someone else has the chance to use the feature. Can you come up with a better keyword argument name and a documentation update?



That way, you can talk to a host as if you were the proxy, is that right?

Yes, but with a peculiar host to IP mapping.

I am able to deploy a web server on multiple (say, testing) machines. It accepts requests based on the Host header. I want to connect to its instance with Drakma, and I want Drakma to behave as if the IP address of that instance was associated with the host name in /etc/hosts. Maybe REAL-HOST instead of PROXY is better for this purpose?

Some people call this "faking a host header", but that's incorrect because only remote address is forged, and complete URI (with a "fake" host) is used for cookie acceptability resolution.

I see here another explanation of the problem, and the last post there agrees with the semantics I originally introduced; although I know that your remark on the obscurity of such worded proposal is correct.

@orivej orivej Add REAL-HOST keyword to HTTP-REQUEST.
If REAL-HOST is not NIL, request is sent to the denoted host instead
of the URI host.  When specified, REAL-HOST supersedes PROXY.

How about this?


Another option is PEER instead of REAL-HOST. This has a benefit of displaying that the paramater can hold both host and port, and a disadvantage of concealing somewhat its purpose.


I hope you've received a notification of the second commit in the pull request.

@hanshuebner hanshuebner merged commit c71890a into edicl:master

Thanks for the patch!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Commits on Sep 13, 2012
  1. @orivej

    Add REAL-HOST keyword to HTTP-REQUEST.

    orivej authored
    If REAL-HOST is not NIL, request is sent to the denoted host instead
    of the URI host.  When specified, REAL-HOST supersedes PROXY.
  2. @orivej
This page is out of date. Refresh to see the latest.
Showing with 15 additions and 1 deletion.
  1. +6 −0 doc/index.html
  2. +9 −1 request.lisp
6 doc/index.html
@@ -761,6 +761,7 @@
<a class=none href="#range">range</a>
<a class=none href="#proxy">proxy</a>
<a class=none href="#proxy-basic-authorization">proxy-basic-authorization</a>
+ <a class=none href="#real-host">real-host</a>
<a class=none href="#additional-headers">additional-headers</a>
<a class=none href="#redirect">redirect</a>
<a class=none href="#redirect-methods">redirect-methods</a>
@@ -1035,6 +1036,11 @@
<a class=none name="proxy-basic-authorization"><code><i>proxy-basic-authorization</i></code></a> is used like <code><i>basic-authorization</i></code>, but for
the proxy, and only if <code><i>proxy</i></code> is true.
+If <a class=none name="real-host"><code><i>real-host</i></code></a> is
+not <code>NIL</code>, request is sent to the denoted host instead of
+the URI host. When specified, <code><i>real-host</i></code>
+supersedes <code><i>proxy</i></code>.
<a class=none
is a
10 request.lisp
@@ -206,6 +206,7 @@ headers of the chunked stream \(if any) as a second value."
+ real-host
(redirect 5)
(redirect-methods '(:get :head))
@@ -372,6 +373,9 @@ otherwise). PROXY-BASIC-AUTHORIZATION is used like
BASIC-AUTHORIZATION, but for the proxy, and only if PROXY is
+If REAL-HOST is not NIL, request is sent to the denoted host instead
+of the URI host. When specified, REAL-HOST supersedes PROXY.
ADDITIONAL-HEADERS is a name/value alist of additional HTTP headers
which should be sent with the request. Unlike in PARAMETERS, the cdrs
can not only be strings but also designators for unary functions
@@ -465,6 +469,9 @@ PARAMETERS will not be used."
(integerp (second range))
(<= (first range) (second range)))
(parameter-error "RANGE parameter must be specified as list of two integers, with the second larger or equal to the first")))
+ ;; supersede PROXY with REAL-HOST
+ (when real-host
+ (setq proxy real-host))
;; convert PROXY argument to canonical form
(when proxy
(when (atom proxy)
@@ -610,7 +617,8 @@ PARAMETERS will not be used."
(render-uri (cond
((and proxy
(null stream)
- (not proxying-https-p))
+ (not proxying-https-p)
+ (not real-host))
(make-instance 'uri
Something went wrong with that request. Please try again.