
Properly Set Host Header in Conduit Client
Closed, Public

Authored by michaeljs1990 on Aug 27 2016, 10:10 PM.
Tokens
"Mountain of Wealth" token, awarded by epriestley.

Details

Summary

The conduit client was not properly setting the Host header according to https://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.23 which shows the port being part of the spec and defaults to 80 or 443 depending on the protocol being used if not set.

Q473 contains more background on this than you likely care about but contains all steps to reproduce.

Test Plan

Built a Docker container that serves phab on port 8080 and tried to install the cert before and after this patch using the following steps.

  1. Obtain a fresh copy of Ubuntu Server 14.04; 16.06 will likely work exactly the same, outside of going through a different install process for php5.
  2. sudo apt-get install lighttpd git php5 php5-cgi php5-fpm php5-mysql
  3. mkdir /srv/httpd && cd /srv/httpd
  4. clone arc, libphutil, phab into this directory
  5. modify /etc/lighttpd/lighttpd.conf with the output provided
  6. service lighttpd restart && service lighttpd force-reload
  7. add lightphab.dev to the /etc/hosts file of the computer you want to run arc from.

# lighttpd.conf file

server.modules = (
  "mod_access",
  "mod_alias",
  "mod_compress",
  "mod_redirect",
  "mod_rewrite",
)

server.document-root        = "/srv/httpd"
server.upload-dirs          = ( "/var/cache/lighttpd/uploads" )
server.errorlog             = "/var/log/lighttpd/error.log"
server.pid-file             = "/var/run/lighttpd.pid"
server.username             = "www-data"
server.groupname            = "www-data"
server.port                 = 8080


index-file.names            = ( "index.php", "index.html", "index.lighttpd.html" )
url.access-deny             = ( "~", ".inc" )
static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )

compress.cache-dir          = "/var/cache/lighttpd/compress/"
compress.filetype           = ( "application/javascript", "text/css", "text/html", "text/plain" )

# default listening port for IPv6 falls back to the IPv4 port
## Use ipv6 if available
#include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port
include_shell "/usr/share/lighttpd/create-mime.assign.pl"
include_shell "/usr/share/lighttpd/include-conf-enabled.pl"

$HTTP["host"] =~ "lightphab.dev:8080" {
  server.document-root = "/srv/httpd/phabricator/webroot"
  url.rewrite-once = (
    "^(/rsrc/.*)$" => "$1",
    "^(/favicon.ico)$" => "$1",
    # This simulates QSA (query string append) mode in Apache
    "^(/[^?]*)\?(.*)" => "/index.php?__path__=$1&$2",
    "^(/.*)$" => "/index.php?__path__=$1",
  )
}

Before this patch you would get the following.

arc install-cert http://lightphab.dev:8080
 CONNECT  Connecting to "http://lightphab.dev:8080/api/"...
Usage Exception: Failed to connect to server (http://lightphab.dev:8080/api/): [HTTP/404] Not Found
<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
         "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
 <head>
  <title>404 - Not Found</title>
 </head>
 <body>
  <h1>404 - Not Found</h1>
 </body>
</html>

After this patch you get this... which is actually OK because it's a half-set-up Phabricator server, so I could reproduce the issue with lighttpd.

arc install-cert http://lightphab.dev:8080
Usage Exception: Failed to connect to server (http://lightphab.dev:8080/api/): [HTTP/500] Internal Server Error
This install has a fatal setup error, access the web interface to view details and resolve it.
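
The following is an added example, not code from this revision or from libphutil. It builds a Host header value from a request URL following the RFC 2616 section 14.23 rule cited in the summary, then evaluates the test plan's lighttpd `$HTTP["host"] =~ "lightphab.dev:8080"` condition against it. The function names `host_header` and `document_root` are hypothetical, and the condition is modelled as an unanchored regular-expression search.

```python
import re
from urllib.parse import urlsplit

# Default ports implied when the Host header carries no port (RFC 2616 14.23).
DEFAULT_PORTS = {"http": 80, "https": 443}

# Pattern and document roots copied from the lighttpd.conf in the test plan.
VHOST_PATTERN = "lightphab.dev:8080"
VHOST_ROOT = "/srv/httpd/phabricator/webroot"
DEFAULT_ROOT = "/srv/httpd"


def host_header(url):
    """Return the Host header value a client should send for `url`.

    Hypothetical helper: the port is included whenever it differs from
    the scheme's default, and omitted otherwise.
    """
    parts = urlsplit(url)
    scheme = parts.scheme.lower()
    if scheme not in DEFAULT_PORTS or not parts.hostname:
        raise ValueError("expected an absolute http(s) URL: %r" % (url,))
    host = parts.hostname
    if ":" in host:
        # IPv6 literals must keep their brackets in the Host header.
        host = "[" + host + "]"
    port = parts.port  # None when the URL names no port
    if port is None or port == DEFAULT_PORTS[scheme]:
        return host
    return "%s:%d" % (host, port)


def document_root(host_value):
    """Model the conditional block: which document root serves the request?"""
    if host_value is not None and re.search(VHOST_PATTERN, host_value):
        return VHOST_ROOT
    return DEFAULT_ROOT


if __name__ == "__main__":
    url = "http://lightphab.dev:8080/api/"
    for sent in ("lightphab.dev", host_header(url)):
        print("Host: %-20s -> %s" % (sent, document_root(sent)))
```

A Host value without the port misses the conditional block and is served from the default document root, which has no `/api/` path. The pattern in the test plan is unanchored and its dots are unescaped, so it matches more than the exact string; `^lightphab\.dev:8080$` is the stricter form.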

Diff Detail

Repository
rPHU libphutil
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

michaeljs1990 retitled this revision from to Properly Set Host Header in Conduit Client.
michaeljs1990 updated this object.
michaeljs1990 edited the test plan for this revision. (Show Details)
michaeljs1990 added reviewers: epriestley, chad.
michaeljs1990 added subscribers: gracicot, avivey.
michaeljs1990 edited edge metadata.
epriestley edited edge metadata.

Thanks for hunting this down! I think your analysis is correct.

This revision is now accepted and ready to land. Aug 29 2016, 4:27 PM
This revision was automatically updated to reflect the committed changes.

Interestingly, I can't see the contents of this diff... I just see "No data available" under "Revision Contents" and nothing under "Diff 39613".

Looks like a minor deploy issue. I'm going to see if I can manually fix this with bin/differential attach in a moment.

This revision was automatically updated to reflect the committed changes. Aug 30 2016, 2:39 PM
ubuntu@secure001:/core$ /core/lib/phabricator/bin/differential attach-commit rPHU491ebc74d816dbe2fc8bbbbc992e8a14f8c613be D16464
Attached "rPHU491ebc74d816dbe2fc8bbbbc992e8a14f8c613be" to "D16464".

Seems OK.

The css was fine when packaged, just broken when not.