The Host request-header field specifies the Internet host and port number of the resource being requested, as obtained from the original URI...
and also
A "host" without any trailing port information implies the default port for the service requested
HTTP requests generated by http.lua never include port information in the Host header, which is causing these requests to fail with some servers.
localfunctionget_host_field(host, port)
return stdnse.get_hostname(host)
end
I am proposing to rectify the issue by making the function more compliant with the RFC as follows:
localfunctionget_host_field(host, port)
ifnot host thenreturnnilendlocal ssl = shortport.ssl(host, port)
local pn = port.numberifnot ssl and pn ==80or ssl and pn ==443thenreturn stdnse.get_hostname(host)
elsereturn stdnse.get_hostname(host) ..":".. pn
endend
Please let me know if you have any questions or concerns. Otherwise I will commit the change in a few weeks.
As a side note, a similar logic where default port numbers are being derived from the scheme exists in several other areas. I will put together a follow-up patch to abstract out the logic.
The text was updated successfully, but these errors were encountered:
According to RFC 2616, Section 14.23:
and also
HTTP requests generated by
http.luanever include port information in theHostheader, which is causing these requests to fail with some servers.I am proposing to rectify the issue by making the function more compliant with the RFC as follows:
Please let me know if you have any questions or concerns. Otherwise I will commit the change in a few weeks.
As a side note, a similar logic where default port numbers are being derived from the scheme exists in several other areas. I will put together a follow-up patch to abstract out the logic.
The text was updated successfully, but these errors were encountered: