Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

3.1 vs 3.2 HTTP server behavior change when Host header value not allowed #859

Closed
spoonincode opened this issue Mar 21, 2023 · 3 comments · Fixed by #1008 or #1013
Closed

3.1 vs 3.2 HTTP server behavior change when Host header value not allowed #859

spoonincode opened this issue Mar 21, 2023 · 3 comments · Fixed by #1008 or #1013
Assignees
@huangminghuang
Labels
actionable bug Something isn't working 👍 lgtm OCI Work exclusive to OCI team
Milestone
Leap 3.2.4

Comments

@spoonincode
Copy link
Member

On 3.1 when an HTTP client's Host header is not allowed by http_plugin, an empty 400 response is returned to the client. On 3.2+, the connection is simply closed without any headers sent to the client.

This is easy to reproduce by simply

nodeos --plugin eosio::chain_api_plugin

and then

curl -v http://localhost:8888/v1/chain/get_info

(http_plugin listens on 127.0.0.1 by default, and thus will not accept a Host: localhost:8888 header)

IMO an error response should be sent (that is, the behavior change in 3.2 is undesirable). I would go further and suggest returning a small body describing the error would be very helpful.
@enf-ci-bot enf-ci-bot moved this to Todo in Team Backlog Mar 21, 2023
@heifner heifner added bug Something isn't working actionable and removed triage labels Mar 22, 2023
@bhazzard
Copy link

bhazzard commented Apr 7, 2023

Patched into 3.2, bring forward to 4.0 and beyond.

Caused confusion internally as well. Lack of information on why connection closes.

@stephenpdeos stephenpdeos added this to the Leap 3.2.4 milestone Apr 7, 2023
@heifner heifner added the OCI Work exclusive to OCI team label Apr 10, 2023
This was referenced Apr 10, 2023
Merged
Merged
Merged
@github-project-automation github-project-automation bot moved this from Todo to Done in Team Backlog Apr 12, 2023
@ericpassmore ericpassmore reopened this May 2, 2023
@heifner
Copy link
Member

heifner commented May 2, 2023

@ericpassmore why did you reopen this issue? Is it not working?

@ericpassmore
Copy link
Contributor

ericpassmore commented May 2, 2023
edited
Loading

Sorry mouse slip closing issue, and I shouldn’t have opened it. I ran into this issue last night.

I feel http://localhost should work. That’s a separate issue.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@huangminghuang huangminghuang

Labels
actionable bug Something isn't working 👍 lgtm OCI Work exclusive to OCI team
Projects
Team Backlog
Archived in project
Milestone
Leap 3.2.4
7 participants
@bhazzard @huangminghuang @heifner @ericpassmore @spoonincode @stephenpdeos @enf-ci-bot