Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

net/http: bad host for WriteProxy for HTTP schemes #36831

Closed
tehmoon opened this issue Jan 28, 2020 · 1 comment
Closed

net/http: bad host for WriteProxy for HTTP schemes #36831

tehmoon opened this issue Jan 28, 2020 · 1 comment
Labels
FrozenDueToAge NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one.

Comments

@tehmoon
Copy link

tehmoon commented Jan 28, 2020

What version of Go are you using (go version)?

$ go version
go version go1.13.4 linux/amd64

Does this issue reproduce with the latest release?

Yes, code path did not change

What operating system and processor architecture are you using (go env)?

GO111MODULE=""
GOARCH="amd64"
GOBIN=""
GOCACHE="/home/moon/.cache/go-build"
GOENV="/home/moon/.config/go/env"
GOEXE=""
GOFLAGS=""
GOHOSTARCH="amd64"
GOHOSTOS="linux"
GONOPROXY=""
GONOSUMDB=""
GOOS="linux"
GOPATH="/home/moon/go"
GOPRIVATE=""
GOPROXY="https://proxy.golang.org,direct"
GOROOT="/usr/lib/go-1.13"
GOSUMDB="sum.golang.org"
GOTMPDIR=""
GOTOOLDIR="/usr/lib/go-1.13/pkg/tool/linux_amd64"
GCCGO="gccgo"
AR="ar"
CC="gcc"
CXX="g++"
CGO_ENABLED="1"
GOMOD=""
CGO_CFLAGS="-g -O2"
CGO_CPPFLAGS=""
CGO_CXXFLAGS="-g -O2"
CGO_FFLAGS="-g -O2"
CGO_LDFLAGS="-g -O2"
PKG_CONFIG="pkg-config"
GOGCCFLAGS="-fPIC -m64 -pthread -fmessage-length=0 -fdebug-prefix-map=/tmp/go-build174047944=/tmp/go-build -gno-record-gcc-switches"

go env Output
$ go env

What did you do?

While writing to proxy using either http.ProxyURL( or http.ProxyFromEnvironment. If the request.URL.Scheme is http, the request.RequestURI's host will be from ``request.Host and not from request.URL.Host.

What did you expect to see?

Using the following request:

POST /gen_204?atyp=csi&ei=xxx&s=jsa&jsi=s,t.0,et.focus,n.iDPoPb,cn.1&zx=xxxHTTP/1.1
Host: blah

I expect to see:

POST http://google.com/gen_204?atyp=csi&ei=_UMjXuLAHvLL5gKQ872YBw&s=jsa&jsi=s,t.0,et.focus,n.iDPoPb,cn.1&zx=1579369468594 HTTP/1.1
Host: blah

when I force request.URL.Host to "google.com" and request.URL.Scheme to "http"

What did you see instead?

Instead this is what's going on:

POST http://blah/gen_204?atyp=csi&ei=_UMjXuLAHvLL5gKQ872YBw&s=jsa&jsi=s,t.0,et.focus,n.iDPoPb,cn.1&zx=1579369468594 HTTP/1.1
Host: blah

Comments

The offending path is here: https://github.com/golang/go/blob/master/src/net/http/request.go#L560 where as you can see, the r.Host is used first.
I think it would make more sense to have the same behavior as the request in the doc: https://golang.org/pkg/net/http/#Request

    // For client requests, the URL's Host specifies the server to
    // connect to, while the Request's Host field optionally
    // specifies the Host header value to send in the HTTP
    // request.
    URL *url.URL

Which is what the proxy is going to do in direct mode. Use the URI first, then the header if not present.
@ALTree ALTree changed the title Bad host for WriteProxy for HTTP schemes net/http: bad host for WriteProxy for HTTP schemes Feb 3, 2020
@ALTree ALTree added the NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one. label Feb 3, 2020
@odeke-em odeke-em self-assigned this Feb 5, 2020
@seankhliao
Copy link
Member

seankhliao commented Sep 13, 2021
edited

Duplicate of #16265

@seankhliao seankhliao marked this as a duplicate of #30775 Sep 13, 2021
@seankhliao seankhliao marked this as not a duplicate of #30775 Sep 13, 2021
@seankhliao seankhliao marked this as a duplicate of #16265 Sep 13, 2021
@golang golang locked and limited conversation to collaborators Jun 23, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
FrozenDueToAge NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@tehmoon @ALTree @odeke-em @gopherbot @seankhliao