You are viewing a plain text version of this content. The canonical link for it is here.
Posted to apache-bugdb@apache.org by Detlev Beutner <db...@acg-gmbh.de> on 2000/02/10 15:10:55 UTC

mod_jserv/5736: "Client sent malformed Host header" on Servlets

>Number:         5736
>Category:       mod_jserv
>Synopsis:       "Client sent malformed Host header" on Servlets
>Confidential:   no
>Severity:       critical
>Priority:       medium
>Responsible:    jserv
>State:          open
>Class:          sw-bug
>Submitter-Id:   apache
>Arrival-Date:   Thu Feb 10 06:20:00 PST 2000
>Closed-Date:
>Last-Modified:
>Originator:     dbeutner@acg-gmbh.de
>Release:        1.3.11
>Organization:
apache
>Environment:
JServ 1.1
WinNT 4.0 SP5
JDK 1.2.2
JSDK 2.0
>Description:
Calling servlets via JServ, most times (if a servlet produces this error, it
will produce it every time it is called) they are producing the error
"Client sent malformed Host header" (while JServ.log reports that the servlet
has been initiated successfully).
>How-To-Repeat:
The following class produces the error "Client sent malformed Host header"
in all four frames - that means also in the clean html-frames (there is one
jsp-frame, but this is not responsible for the error).

<------------------------------------------------------------------------------<

import javax.servlet.*;
import javax.servlet.http.*;
import java.io.*;

public class ListeServlet extends HttpServlet {

  public void init(ServletConfig config) throws ServletException {
    super.init(config);
  }


	public void destroy(){
		super.destroy();
	}

  
  public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
    String sLocalHost = "http://"+request.getServerName()+"/";
    String sLocalLocal = new String();
    sLocalLocal = sLocalHost+"mitarbeit/aktuell/";

    String sGetAll = request.getParameter("getall");
    String sRegion = request.getParameter("Region");
    String sBranche = request.getParameter("Branche");
    String sStichwort = request.getParameter("Stichwort");
    String sVerkn�pfung = request.getParameter("Verknuepfung");

    response.setContentType("text/html");
    response.setHeader("pragma", "no-cache");
    ServletOutputStream out = response.getOutputStream();
    out.print("<HTML><!-- (c)1999 Lighthouse Multimedia GmbH, Darmstadt, 06151/82630, M.R. --><HEAD><TITLE>ACG - Freie Mitarbeit - Aktuelle Projekte</TITLE></HEAD><FRAMESET COLS=\"610,*\" FRAMEBORDER=\"0\" FRAMESPACING=\"0\" BORDER=\"0\"><FRAMESET ROWS=\"59,*,50\" FRAMEBORDER=\"0\" FRAMESPACING=\"0\" BORDER=\"0\">");
    if (sGetAll.equals("false")){
      out.print("<FRAME NAME=\"aktoben\" SRC=\""+sLocalLocal+"aktobengef.htm\" MARGINWIDTH=\"0\" MARGINHEIGHT=\"0\" FRAMESPACING=\"0\" FRAMEBORDER=\"0\" SCROLLING=\"No\" NORESIZE>");
    }
    else{
      out.print("<FRAME NAME=\"aktoben\" SRC=\""+sLocalLocal+"aktobenges.htm\" MARGINWIDTH=\"0\" MARGINHEIGHT=\"0\" FRAMESPACING=\"0\" FRAMEBORDER=\"0\" SCROLLING=\"No\" NORESIZE>");
    }
    out.print("<FRAME NAME=\"liste\" SRC=\""+sLocalLocal+"akthaupt.jsp?getall="+sGetAll+"&Region="+sRegion+"&Branche="+sBranche.replace(' ','_')+"&Stichwort="+sStichwort.replace(' ','_')+"&Verknuepfung="+sVerkn�pfung);
    out.print("\" MARGINWIDTH=\"0\" MARGINHEIGHT=\"0\" FRAMESPACING=\"0\" FRAMEBORDER=\"0\" SCROLLING=\"Auto\" NORESIZE><FRAME NAME=\"aktunten\" SRC=\""+sLocalLocal+"aktunten.htm\" MARGINWIDTH=\"0\" MARGINHEIGHT=\"0\" FRAMESPACING=\"0\" FRAMEBORDER=\"0\" SCROLLING=\"No\" NORESIZE></FRAMESET><FRAME NAME=\"aktrechts\" SRC=\""+sLocalLocal+"aktrechts.htm\" MARGINWIDTH=\"0\" MARGINHEIGHT=\"0\" FRAMESPACING=\"0\" FRAMEBORDER=\"0\" SCROLLING=\"No\" NORESIZE></FRAMESET><BODY BGCOLOR=\"#FFFFFF\"></BODY></HTML>");
    out.close();
  }
}
>Fix:
This error has not appeared so far. I tested this with 1.3.3 upwards, it works
great with 1.3.9.
>Release-Note:
>Audit-Trail:
>Unformatted:
 [In order for any reply to be added to the PR database, you need]
 [to include <ap...@Apache.Org> in the Cc line and make sure the]
 [subject line starts with the report component and number, with ]
 [or without any 'Re:' prefixes (such as "general/1098:" or      ]
 ["Re: general/1098:").  If the subject doesn't match this       ]
 [pattern, your message will be misfiled and ignored.  The       ]
 ["apbugs" address is not added to the Cc line of messages from  ]
 [the database automatically because of the potential for mail   ]
 [loops.  If you do not include this Cc, your reply may be ig-   ]
 [nored unless you are responding to an explicit request from a  ]
 [developer.  Reply only with text; DO NOT SEND ATTACHMENTS!     ]