Re: lower casing host names

On Dec 30, 2011, at 7:18 AM, Daniel Stenberg wrote:

> Hi friends,
> 
> I've walked into an issue I just wanted to bring here for attention and possibly some feedback.
> 
> A curl user noticed that when he reqeusted a URI with a mixed case host name, the site would redirect to the same host name with all letters in lower case. (And since curl would re-use the same connection and the same Host: header it resent the same mixed case request that again gets redirected... and it turns into a nice loop.)
> 
> I consider treating the host name differently only based on different casing a protocol violation of the target server/software in question, but curious about this I tried out chrome and firefox to see how they handle this case.
> 
> It turns out both browsers always unconditionally lower case the host name in URIs so they never send HTTP requests with mixed case.

That's new, I guess.  Mixed case used to be common.

> Why do they do this? Is this behavior of treating names differently based on
> case common? If so, should httpbis mention it?

It is an attempt to reduce the number of resource aliases and thus improve
cache reuse, SEO, etc.  It is a common use case for mod_rewrite.

> Unfortunately this will now also push curl towards this behavior. We haven't yet decided how to act, but forcibly lowercasing made it work fine against this particular host where this issue arose...

Why don't you send the correct Host header field on the second request?
Host is an attribute of the request URI, not the connection, so I'd have
to say the behavior of curl in sending the same Host header field after
the redirect from the client is wrong.

I would not do the lowercasing that those browsers do, since it will run
afoul of vanity host sites that do want to insist on mixed-cased domains
and would interfere with using curl as a testing tool.

....Roy

Received on Friday, 30 December 2011 18:40:44 UTC