Properly Set Host Header in Conduit Client


Properly Set Host Header in Conduit Client

The conduit client was not properly setting the Host header according to https://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.23 which shows the port being part of the spec and defaults to 80 or 443 depending on the protocol being used if not set.

Q473 contains more background on this than you likely care about but contains all steps to reproduce.

Test Plan:
Built a docker container that server phab on port 8080 and tryed to install the cert before and after this patch using the following steps.

  1. Obtain a fresh copy of ubuntu server 14.04 / 16.06 will likely work exactly the same outside of going through a different install process for php5.
  2. sudo apt-get install lighttpd git php5 php5-cgi php5-fpm php5-mysql
  3. mkdir /srv/httpd & cd /srv/httpd
  4. clone arc, libphutil, phab into this directory
  5. modify /etc/lighttpd/lighttpd.conf with the output provided
  6. service lighttpd restart && service lighttpd force-reload
  7. add lightphab.dev to the /etc/hosts file of the computer you want to run arc from.
# lighttpd.conf file

server.modules = (

server.document-root        = "/srv/httpd"
server.upload-dirs          = ( "/var/cache/lighttpd/uploads" )
server.errorlog             = "/var/log/lighttpd/error.log"
server.pid-file             = "/var/run/lighttpd.pid"
server.username             = "www-data"
server.groupname            = "www-data"
server.port                 = 8080

index-file.names            = ( "index.php", "index.html", "index.lighttpd.html" )
url.access-deny             = ( "~", ".inc" )
static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )

compress.cache-dir          = "/var/cache/lighttpd/compress/"
compress.filetype           = ( "application/javascript", "text/css", "text/html", "text/plain" )

# default listening port for IPv6 falls back to the IPv4 port
## Use ipv6 if available
#include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port
include_shell "/usr/share/lighttpd/create-mime.assign.pl"
include_shell "/usr/share/lighttpd/include-conf-enabled.pl"

$HTTP["host"] =~ "lightphab.dev:8080" {
  server.document-root = "/srv/httpd/phabricator/webroot"
  url.rewrite-once = (
    "^(/rsrc/.*)$" => "$1",
    "^(/favicon.ico)$" => "$1",
    # This simulates QSA (query string append) mode in Apache
    "^(/[^?]*)\?(.*)" => "/index.php?__path__=$1&$2",
    "^(/.*)$" => "/index.php?__path__=$1",

Before this patch you would get the following.

arc install-cert http://lightphab.dev:8080
 CONNECT  Connecting to "http://lightphab.dev:8080/api/"...
Usage Exception: Failed to connect to server (http://lightphab.dev:8080/api/): [HTTP/404] Not Found
<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
  <title>404 - Not Found</title>
  <h1>404 - Not Found</h1>

After this patch you get this.... Which is actually OK because It's a half setup pabricator server so I could reproduce the issue with lighttpd.

arc install-cert http://lightphab.dev:8080
Usage Exception: Failed to connect to server (http://lightphab.dev:8080/api/): [HTTP/500] Internal Server Error
This install has a fatal setup error, access the web interface to view details and resolve it.

Reviewers: chad, Blessed Reviewers, epriestley

Reviewed By: Blessed Reviewers, epriestley

Subscribers: avivey, Korvin, gracicot, yelirekim

Differential Revision: https://secure.phabricator.com/D16464


michaeljs1990Authored on Aug 29 2016, 4:34 PM
industryPushed on Aug 29 2016, 4:34 PM
Blessed Reviewers
Differential Revision
D16464: Properly Set Host Header in Conduit Client
rPHU5fd1af8b4f2b: Sanitize UTF8 more aggressively to satisfy json_encode()
Build Status
Buildable 13488
Build 17346: Run Core Tests