>Number: 5689 >Category: general >Synopsis: malformed Host header >Confidential: no >Severity: critical >Priority: medium >Responsible: apache >State: open >Class: sw-bug >Submitter-Id: apache >Arrival-Date: Wed Feb 02 21:50:01 PST 2000 >Closed-Date: >Last-Modified: >Originator: [EMAIL PROTECTED] >Release: 1.3.11 >Organization: apache >Environment: WindowsNT local area using >Description: ---client request--- GET / HTTP/1.0 Referer: Connection: Keep-Alive User-Agent: Mozilla/4.01 [ja] (Win95; I) Host: P_svr Accept: */* Accept-Language: ja Accept-Charset: iso-8859-1,*,utf-8
---server response--- HTTP/1.1 200 OK Date: Thu, 03 Feb 2000 05:24:51 GMT Server: Apache/1.3.9 (Win32) Last-Modified: Mon, 10 May 1999 14:30:48 GMT ETag: "0-11b5-3736ed98" Accept-Ranges: bytes Content-Length: 4533 Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: text/html . . . OK ---client request--- GET / HTTP/1.0 Referer: Connection: Keep-Alive User-Agent: Mozilla/4.01 [ja] (Win95; I) Host: P_svr Accept: */* Accept-Language: ja Accept-Charset: iso-8859-1,*,utf-8 ---server response--- HTTP/1.1 400 Bad Request Date: Thu, 03 Feb 2000 05:31:01 GMT Server: Apache/1.3.11 (Win32) Connection: close Content-Type: text/html <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <HTML><HEAD> <TITLE>400 Bad Request</TITLE> </HEAD><BODY> <H1>Bad Request</H1> Your browser sent a request that this server could not understand.<P> Client sent malformed Host header<P> <HR> <ADDRESS>Apache/1.3.11 Server at P_svr Port 80</ADDRESS> </BODY></HTML> . . . why? >How-To-Repeat: none >Fix: none >Release-Note: >Audit-Trail: >Unformatted: [In order for any reply to be added to the PR database, you need] [to include <[EMAIL PROTECTED]> in the Cc line and make sure the] [subject line starts with the report component and number, with ] [or without any 'Re:' prefixes (such as "general/1098:" or ] ["Re: general/1098:"). If the subject doesn't match this ] [pattern, your message will be misfiled and ignored. The ] ["apbugs" address is not added to the Cc line of messages from ] [the database automatically because of the potential for mail ] [loops. If you do not include this Cc, your reply may be ig- ] [nored unless you are responding to an explicit request from a ] [developer. Reply only with text; DO NOT SEND ATTACHMENTS! ]
