Uploaded image for project: 'RESTEasy'
  1. RESTEasy
  2. RESTEASY-2300

Blank Host Name still throws exception

    XMLWordPrintable

    Details

      Description

      As initially discussed in RESTEASY-1174 I want to, again, raise the same issue as it still persists in current Version 4.1.1.Final:

      If RESTeasy receives an HTTP request with an empty Host field it will throw an exception. The HTTP 1.1 specification requires the Host entry field to be there and left blank if the hostname is unknown (See: http://tools.ietf.org/html/rfc2616#section-14.23).

      The code in question is (now) in line 310 of org.jboss.resteasy.specimpl.ResteasyUriBuilderImpl:

      @Override
      public UriBuilder host(String host) throws IllegalArgumentException
      {
         if (host != null && host.equals("")) throw new IllegalArgumentException(Messages.MESSAGES.invalidHost());
         this.host = host;
         return this;
      }
      

      To our understanding this is not in conformity with the RFC specification - as, if any, the check should be the other way around:

      if (host == null) throw new IllegalArgumentException(Messages.MESSAGES.invalidHost());
      

      Within the application stack, org.jboss.resteasy.plugins.server.netty.NettyUtil will set a null host to "unknown".

      I do not get the reason why the initial report was closed: Why is reasonable to treat a null host different, i.e. more robust than an empty host name?

      Best regards,
      Roland

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              istudens Ivo Studensky
              Reporter:
              roland.doepke Roland Doepke (Inactive)
              Votes:
              1 Vote for this issue
              Watchers:
              4 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: