
Conversation

amcasey
Member

@amcasey amcasey commented May 26, 2023

Introduce KestrelServerOptions.AllowUnsafeHostHeaderOverride

  • You've read the Contributor Guide and Code of Conduct.
  • You've included unit or integration tests for your change, where applicable.
  • You've included inline docs for your change, where applicable.
  • There's an open issue for the PR that you are making. If you'd like to propose a new feature or change, please open an issue to discuss the change or find an existing issue.

Make it possible to skip validation that the request-target and host header match.

Description

This builds on #48415 (which is itself a port of #39334). That PR introduced an internal API and corresponding appcontext switch that made it possible to overwrite an incorrect Host header with a value derived from an absolute-form request target to handle the surprisingly common client behavior of missing the line-break after the host header, as IIS/Http.Sys did. This PR upgrades it to a public API since those clients aren't going away. The behavior is the same, it just has a name and a doc comment intended for broader consumption.

Fixes #39335 (with #48415).
Fixes #48461
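The check this PR makes configurable, modelled as an added Python example (not Kestrel's code): one raw HTTP/1.1 request head is parsed, an absolute-form request-target's authority is compared with the Host header, and a mismatch is either rejected (the default) or overridden by the authority when the opt-in flag is set. The case-insensitive comparison and the 400-style rejection are assumptions of this model; the function and header names are constructed.

```python
from urllib.parse import urlsplit


class BadRequest(Exception):
    """Raised where a server would answer 400 Bad Request."""


def parse_request(raw: bytes):
    """Split a raw request head into (method, request-target, headers)."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("ascii")
    request_line, *header_lines = head.split("\r\n")
    method, target, _version = request_line.split(" ", 2)
    headers = {}
    for line in header_lines:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return method, target, headers


def effective_host(raw: bytes, allow_unsafe_host_header_override: bool = False) -> str:
    """Return the host the server should act on, or raise BadRequest.

    origin-form targets ("/path") have only the Host header as authority.
    absolute-form targets ("http://a.example/path") carry their own
    authority; by default it must match Host. With the override flag the
    authority replaces a mismatching Host header instead of rejecting.
    """
    _method, target, headers = parse_request(raw)
    host = headers.get("host")
    if host is None:
        raise BadRequest("missing Host header")
    if target.startswith("/") or target == "*":
        return host
    authority = urlsplit(target).netloc  # absolute-form authority (host[:port])
    if not authority:
        raise BadRequest("absolute-form target without authority")
    if authority.lower() == host.lower():  # assumption: case-insensitive compare
        return host
    if allow_unsafe_host_header_override:
        return authority  # the opt-in behaviour: request-target wins
    raise BadRequest(f"Host {host!r} does not match target authority {authority!r}")


def is_rejected(raw: bytes, allow_unsafe_host_header_override: bool = False) -> bool:
    """True when the request would be refused under the given policy."""
    try:
        effective_host(raw, allow_unsafe_host_header_override)
    except BadRequest:
        return True
    return False


# Constructed request: absolute-form target whose authority differs from Host.
MISMATCHED = (b"GET http://app.example/api HTTP/1.1\r\n"
              b"Host: other.example\r\nUser-Agent: constructed-client\r\n\r\n")
```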

@ghost ghost added the area-runtime label May 26, 2023
@amcasey amcasey added api-ready-for-review API is ready for formal API review - https://github.com/dotnet/apireviews and removed area-runtime labels May 26, 2023
@ghost

ghost commented May 26, 2023

Thank you for your API proposal. I'm removing the api-ready-for-review label. API Proposals should be submitted for review through Issues based on this template.

@ghost ghost removed the api-ready-for-review API is ready for formal API review - https://github.com/dotnet/apireviews label May 26, 2023
@JamesNK JamesNK added blocked The work on this issue is blocked due to some dependency area-runtime labels May 27, 2023
@amcasey amcasey added area-networking Includes servers, yarp, json patch, bedrock, websockets, http client factory, and http abstractions and removed area-runtime labels Jun 6, 2023
@ghost

ghost commented Jun 13, 2023

Looks like this PR hasn't been active for some time and the codebase could have been changed in the meantime.
To make sure no breaking changes are introduced, please leave an /azp run comment here to rerun the CI pipeline and confirm success before merging the change.

@ghost ghost added the pending-ci-rerun When assigned to a PR indicates that the CI checks should be rerun label Jun 13, 2023
Tratcher and others added 4 commits July 31, 2023 16:17
…ost (dotnet#39334)

* Allow overriding the host header if doesn't match the absolute-form host
* Apply suggestions from code review

Co-authored-by: Stephen Halter <[email protected]>
The new public API is `KestrelServerOptions.AllowUnsafeHostHeaderOverride` and I've moved the explanatory comments there. The behavior remains opt-in.
@amcasey
Member Author

amcasey commented Jul 31, 2023

Force push is a rebase

Co-authored-by: Chris Ross <[email protected]>
@amcasey amcasey enabled auto-merge (squash) August 1, 2023 16:32
@amcasey amcasey removed blocked The work on this issue is blocked due to some dependency pending-ci-rerun When assigned to a PR indicates that the CI checks should be rerun labels Aug 1, 2023
@amcasey amcasey merged commit c52c200 into dotnet:main Aug 1, 2023
@ghost ghost added this to the 8.0-rc1 milestone Aug 1, 2023
@amcasey amcasey deleted the HostHeader8 branch August 1, 2023 20:27
Successfully merging this pull request may close these issues.

Introduce KestrelServerOptions.AllowUnsafeHostHeaderOverride Requests using the absolute-form in the request line require the host to match