lua-users home
lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index] 

The new RFC (7230) says very clearly:

> A client MUST send a Host header field in all HTTP/1.1 request
> messages.  If the target URI includes an authority component, then a
> client MUST send a field-value for Host that is identical to that
> authority component, excluding any userinfo subcomponent and its "@"
> delimiter (Section 2.7.1).  If the authority component is missing or
> undefined for the target URI, then a client MUST send a Host header
> field with an empty field-value.

What this means is that if the user writes:

    http.request("http://www.example.com:80";)

then the Host header must be: www.example.com:80

If the user writes:

    http.request("http://foo:bar@example.com/baz";)

then the Host header must be: example.com

This RFC was not out when I wrote that patch, otherwise
I would have implemented it this way, which is what Diego
proposes to do now. It solves the problem, in that if you
are dealing with a webserver that does not accept some
form of the header you can just change the URL. (Note:
even with LuaSocket as it is now you can always specify
the Host header manually as a temporary fix).

The only problematic case would be URIs that do not include
an authority part, but I think those are invalid for use with
the LuaSocket API anyway.

-- 
Pierre Chapuis