Homestyx hydra
Diffusion hydra 57208dfd52c0

Strip port numbers from HTTP host headers before comparing them for cookie
57208dfd52c0
Actions

Description

Strip port numbers from HTTP host headers before comparing them for cookie
purposes

Summary:
Browsers send port numbers (like ":443" or proxy ports) in the Host header and
we'll currently reject them with a message like:

Blah is configured on "x.y.com" but you are accessing it on "x.y.com:443".

Instead, examine only the host part.

Test Plan: Had my local listen on port 81 and accessed Phabricator before/after
the change; it now works without throwing.

Reviewers: jungejason, tuomaspelkonen, aran

Reviewed By: jungejason

CC: aran, epriestley, abdul, jungejason

Differential Revision: 841

Details

Provenance
epriestleyAuthored on Aug 20 2011, 4:55 PM
sirocylPushed on Oct 16 2024, 5:49 AM
Parents
R1:c04805cde4a1: Open AphrontWriteGuard for user login
Branches
Unknown
Tags
Unknown

Event Timeline

Changes (1)

PathSize
src/
aphront/
request/

R1:57208dfd52c0

View Options

src/aphront/request/AphrontRequest.php

Loading...
styx copyright 2020 sirocyl / ellie (kymkdd) / ncommander / styx contributors
Use of other names and brands is not intended to reflect a claim of, or right to, use the name or brand.
styx is an operating system using the Linux kernel and components, and "styx Linux" as a phrase does not reflect the inclusion of the Linux brand or trademark in the styx project.
Linux® is the registered trademark of Linus Torvalds in the U.S. and other countries.
Terms and Conditions (TODO: fix this!)