[
https://issues.apache.org/jira/browse/HTTPCLIENT-1744?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15293058#comment-15293058
]
Oleg Kalnichevski commented on HTTPCLIENT-1744:
-----------------------------------------------
Input parameters should be validated and normalized by public methods whose
input the library has no control over. In case of DefaultHostnameVerifier
argument validation and normalization should most likely be done by #verify
methods.
Oleg
> code treats domain names or hostnames case sensitive. This will cause
> verification to fail because FQDN are case insensitive.
> -----------------------------------------------------------------------------------------------------------------------------
>
> Key: HTTPCLIENT-1744
> URL: https://issues.apache.org/jira/browse/HTTPCLIENT-1744
> Project: HttpComponents HttpClient
> Issue Type: Bug
> Components: HttpClient, HttpConn
> Affects Versions: 4.5.1, 4.5.2, 5.0 Alpha1
> Reporter: James Kelley
>
> in class DefaultHostnameVerifier in the method static boolean
> matchDomainRoot(final String host, final String domainRoot); and maybe else
> where the code treats domain names or hostnames case sensitive. This will
> cause verification to fail because FQDN are case insensitive.
> host.endsWith(domainRoot)
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
