[Webkit-unassigned] [Bug 155378] New: Webkit sends malformed SNI host names

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Fri Mar 11 12:58:39 PST 2016 

https://bugs.webkit.org/show_bug.cgi?id=155378

            Bug ID: 155378
           Summary: Webkit sends malformed SNI host names
    Classification: Unclassified
           Product: WebKit
           Version: Other
          Hardware: Other
               URL: https://sni.velox.ch./
                OS: Linux
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: Page Loading
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: bugs.webkit.org.+ at y.st
                CC: beidson at apple.com

To quote a couple specifications:
<https://tools.ietf.org/html/rfc6066#section-3> (SNI)
    "HostName" contains the fully qualified DNS hostname of the server,
    as understood by the client.  The hostname is represented as a byte
    string using ASCII encoding without a trailing dot.

<https://tools.ietf.org/html/rfc7230#section-5.4> (HTTP)
    A client MUST send a Host header field in all HTTP/1.1 request
    messages.  If the target URI includes an authority component, then a
    client MUST send a field-value for Host that is identical to that
    authority component, excluding any userinfo subcomponent and its "@"
    delimiter (Section 2.7.1).

That means that the SNI host name and HTTP Host header do not always match. The SNI host name must never have a trailing dot, but the HTTP Host header must reflect a host name that is identical to the host name of the URI, so if the URI's host has a trailing dot, the HTTP Host header must include that trailing dot.

For example, if the URI of a page is <https://sni.velox.ch./>, the following values should be sent by the Web browser:
SNI host: sni.velox.ch
HTTP host: sni.velox.ch.

However, Webkit sends "sni.velox.ch." as the SNI host name, causing the server to throw an error.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.webkit.org/pipermail/webkit-unassigned/attachments/20160311/8ee084ff/attachment.html>

More information about the webkit-unassigned mailing list