On 2 Aug 2013, at 20:02, Rizzo, Christopher wrote: > The Apache HTTP server is rejecting the request (with "400 Bad Request") due > to this Hostname value in the header before a registered IPP Apache module > even sees it.
A quick check confirms what you say. > Is it possible to write a hook or filter that would prevent Apache from > rejecting this request and allowing this Hostname Host Header value to pass > thru, or does the Apache base source code need to change for this? This fairly clearly wants a patch to the core code. Its comment suggest it's not trying to be strict, but just to filter out characters that couldn't feature in a Host: header (at the time the code was written) and save having to think about security of filesystem-sensitive characters. > and the Apache code that is logging this error appears to be fix_hostname() > in ./server/vhost.c Yep, that's the one. Looks like the protocol you're using is NOTIMPL. I'd suggest filing a new bug in bugzilla, referencing the protocol you want to support and what characters/patterns should be allowed but are currently blocked. Best chance of getting it dealt with quickly may be if you also supply a patch, but make sure to address the security concerns hinted at in the comments if you do that. You'd also want to move any further discussion to the dev list. -- Nick Kew
