Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

warp-tls strips out the Host request header #478

Closed
snoyberg opened this issue Dec 6, 2015 · 5 comments
Closed

warp-tls strips out the Host request header #478

snoyberg opened this issue Dec 6, 2015 · 5 comments

Comments

@snoyberg
Copy link
Member

snoyberg commented Dec 6, 2015

Just discovered this due to some buggy behavior in yesod devel, where URLs were misgenerated for TLS connections but generated correctly for non-TLS connections. Take as an example the following print of a Request value for a warp-tls connection:

Request {requestMethod = "GET", httpVersion = HTTP/1.1, rawPathInfo = "/", rawQueryString = "", requestHeaders = [("Host","localhost:3009"),("Connection","keep-alive"),("Accept","text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8"),("Upgrade-Insecure-Requests","1"),("User-Agent","Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.86 Safari/537.36"),("Accept-Encoding","gzip, deflate, sdch"),("Accept-Language","en-US,en;q=0.8,he;q=0.6"),("Cookie","_SESSION=SwprbhBIY0Nkf+vIaMIaBXE1cFbWqtLAU5O7CwUmDsrB8YTi+roXGq30tVTLnNCpEqtdmEHMug8TSp9NyV0nJsFt09Q4xcHPPXIAvfxDdj06JeM5LnrH5rSTg5G2JiPPpBSpHzYSpwA=; XSRF-TOKEN=ZdJ5OHPy5K")], isSecure = False, remoteHost = 127.0.0.1:51112, pathInfo = [], queryString = [], requestBody = <IO ByteString>, vault = <Vault>, requestBodyLength = KnownLength 0, requestHeaderHost = Just "localhost:3009", requestHeaderRange = Nothing}

Note that while the requestHeaderHost field is populated, the Host header itself does not appear in the requestHeaders, in contrast with warp itself which populates both. This harms the situation, for example, when reverse proxying.
@snoyberg snoyberg mentioned this issue Dec 6, 2015
Open
@snoyberg
Copy link
Member Author

snoyberg commented Dec 6, 2015

I'm not actually quite sure what's going on in warp-tls right now, @kazu-yamamoto would this be an easy thing for you to fix?

snoyberg added a commit to yesodweb/yesod that referenced this issue Dec 6, 2015
@snoyberg
Add a workaround for yesodweb/wai#478
1fb697f
@kazu-yamamoto
Copy link
Contributor

Probably you cut and pasted a wrong example since it has a Host header.

However, I confirmed that WAI apps don't receive Host headers with WarpTLS. This happens only with github code, not with released code.

@kazu-yamamoto
Copy link
Contributor

Never mind. This happens even with warp-tls 3.1.4.

kazu-yamamoto added a commit that referenced this issue Dec 7, 2015
@kazu-yamamoto
adding the host header from :authority. (#478)
776a8dc
@kazu-yamamoto
Copy link
Contributor

Fixed.

@snoyberg If your problem has gone away with the commit above, please close this issue.

@snoyberg
Copy link
Member Author

snoyberg commented Dec 7, 2015

Confirmed fixed, thanks!

@snoyberg snoyberg closed this as completed Dec 7, 2015
@Restioson Restioson mentioned this issue Feb 2, 2020
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@snoyberg @kazu-yamamoto