A Bug
Maxim Dounin
mdounin at mdounin.ru
Wed Dec 8 04:26:59 MSK 2010
Hello!
On Tue, Dec 07, 2010 at 04:39:32PM -0500, f3zz wrote:
> I redirect the *.yanbao360.com to www.yanbao360.com use the
> configuration below.
>
> [quote]
> location / {
> if ($host != 'www.yanbao360.com') {
> rewrite ^(.*)$ http://www.yanbao360.com$1;
> }
> }
> [/quote]
>
> everything is ok except three case return 200 not 302
>
> how to duplicate (nginx 0.8.x ~ 0.9.x)
>
>
> [quote]telnet yanbao360.com 80[/quote]
>
> then paste one of these text
>
> GET / HTTP/1.1
> Host: WWW.yanbao360.com
>
> GET / HTTP/1.1
> Host: www.yanbao360.com.
>
> GET / HTTP/1.1
> Host: WWW.yanbao360.com.
>
> press enter twice, you will get nginx return 200 OK
Variable $host contains normalized host name, and all of the above
forms are normalized into 'www.yanbao360.com' in $host variable as
they are equivalent.
Case-insensitive matching of hostnames is explicitly required by
RFC2616[1]. And fully qualified domain name may contain trailing
"." if it is necessary to distinguish between the complete domain
name and some local domain[2].
[1] http://tools.ietf.org/html/rfc2616#section-3.2.3
[2] http://tools.ietf.org/html/rfc3986#section-3.2.2
If you want to check Host header exactly as sent by client - you
may use $http_host variable instead. There are some caveats
though:
1. Redirection to equivalent URL may cause problems, as it's
basically identical to infinite redirection loop.
2. You're likely to see some browsers sending port in Host header
("www.yanbao360.com:80") even if it's default one.
3. Some requests may use absolute URL in request line, then Host
header must be ignored and host portion of URL used instead
(though this shouldn't happen with HTTP/1.1 clients).
Maxim Dounin
More information about the nginx
mailing list