You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by bu...@apache.org on 2019/09/18 08:34:18 UTC
[Bug 63753] New: unnecessary websocket request host header port
number checking
https://bz.apache.org/bugzilla/show_bug.cgi?id=63753
Bug ID: 63753
Summary: unnecessary websocket request host header port number
checking
Product: Tomcat 9
Version: 9.0.x
Hardware: All
OS: All
Status: NEW
Severity: trivial
Priority: P2
Component: WebSocket
Assignee: dev@tomcat.apache.org
Reporter: jongfighter@gmail.com
Target Milestone: -----
WsWebSocketContainer::createRequestHeaders intends to check whether the port
number is -1 or not.
// Host header
List<String> hostValues = new ArrayList<>(1);
if (port == -1) {
hostValues.add(host);
} else {
hostValues.add(host + ':' + port);
}
However, before createRequestHeaders method is called, the port number is set
to 80 and 443 in connectToServerRecursive method. The value of port cannot be
-1.
if (port == -1) {
if ("ws".equalsIgnoreCase(scheme)) {
port = 80;
} else {
// Must be wss due to scheme validation above
port = 443;
}
}
I think it is side effect of revision 230c1083fd9f10ec50ccd1d15032f2df29e4de2c.
(git-svn-id: https://svn.apache.org/repos/asf/tomcat/trunk@1780109
13f79535-47bb-0310-9956-ffa450edef68). It is better to remove the code.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
[Bug 63753] unnecessary websocket request host header port number
checking
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=63753
Mark Thomas <ma...@apache.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution|--- |FIXED
--- Comment #1 from Mark Thomas <ma...@apache.org> ---
The original purpose of the code was to include the port in the HTTP host
header if a non-standard port was used. That requirement still exists but the
refactoring to support proxing broke the previous implementation. I have now
fixed this. Thanks for reporting this issue.
Fixed in:
- master for 9.0.27 onwards
- 8.5.x for 8.5.47 onwards
- 7.0.x for 7.0.97 onwards
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org