On 30/01/18 15:15, Konstantin Kolinko wrote: > -1. > > Reading the algorithm in Host.parse(Reader), I think that http://610.ru/en/ > and a number of popular Chinese web sites won't pass this validation. > https://www.chinacheckup.com/blogs/articles/chinese-website-names-numbers > > https://domains-index.com/nine-millions-domain-names-just-numbers/
ACK. The host header validation was written from the RFCs. Given that those sites all work, I'm assuming I missed something. Let me go back to the RFCs and figure out what. Once I have done that, I'll update the parser and/or this thread as appropriate. Mark > > Best regards, > Konstantin Kolinko > > > 2018-01-30 16:59 GMT+03:00 <[email protected]>: >> Author: markt >> Date: Tue Jan 30 13:59:11 2018 >> New Revision: 1822644 >> >> URL: http://svn.apache.org/viewvc?rev=1822644&view=rev >> Log: >> Enable strict host/port validation for all connectors. >> >> Modified: >> tomcat/trunk/java/org/apache/coyote/AbstractProcessor.java >> tomcat/trunk/java/org/apache/coyote/ajp/AjpProcessor.java >> tomcat/trunk/java/org/apache/coyote/http11/Http11Processor.java >> tomcat/trunk/java/org/apache/coyote/http11/LocalStrings.properties >> tomcat/trunk/java/org/apache/coyote/http2/LocalStrings.properties >> tomcat/trunk/java/org/apache/coyote/http2/Stream.java >> tomcat/trunk/java/org/apache/tomcat/util/http/parser/Host.java >> tomcat/trunk/webapps/docs/changelog.xml >> > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
