disabling it is probably not what you actually want. https://www.linkedin.com/pulse/host-header-injection-depth-utkarsh-tiwari
but we can improve it and that is the noted jira. we can do 1.6.0 voting anytime. ill discuss that on dev. thanks joe On Feb 16, 2018 8:50 AM, "Dênis Vilela" <[email protected]> wrote: > I think it will work only with https. > > On 16 Feb 2018, at 11:46, Sean Marciniak <[email protected]> wrote: > > What would be amazing is the ability to disable host header checks. Is > this feature in there? > > On Fri, Feb 16, 2018 at 1:08 PM, Dênis Vilela <[email protected]> > wrote: > >> Hello, Sean! >> >> Did you see https://issues.apache.org/jira/browse/NIFI-4761?src=confmacro >> and https://github.com/apache/nifi/pull/2427/files? I think they will >> fix this problem in the next Release. >> >> Cheers >> >> On 16 Feb 2018, at 11:03, Sean Marciniak <[email protected]> wrote: >> >> Hi Mike, >> >> I have set the `wifi.web.http.host` to be equals to the vm’s public IP >> address and it fails to bind according to the stack trace. >> >> 2018-02-16 12:59:07,684 WARN [main] org.apache.nifi.web.server.JettyServer >> Failed to start web server... shutting down. >> java.net.BindException: Cannot assign requested address >> at sun.nio.ch.Net.bind0(Native Method) >> at sun.nio.ch.Net.bind(Net.java:433) >> at sun.nio.ch.Net.bind(Net.java:425) >> at sun.nio.ch.ServerSocketChannelImpl.bind(ServerSocketChannelI >> mpl.java:223) >> at sun.nio.ch.ServerSocketAdaptor.bind(ServerSocketAdaptor. >> java:74) >> at org.eclipse.jetty.server.ServerConnector.open(ServerConnecto >> r.java:298) >> at org.eclipse.jetty.server.AbstractNetworkConnector.doStart(Ab >> stractNetworkConnector.java:80) >> at org.eclipse.jetty.server.ServerConnector.doStart(ServerConne >> ctor.java:236) >> at org.eclipse.jetty.util.component.AbstractLifeCycle.start( >> AbstractLifeCycle.java:68) >> at org.eclipse.jetty.server.Server.doStart(Server.java:431) >> at org.eclipse.jetty.util.component.AbstractLifeCycle.start( >> AbstractLifeCycle.java:68) >> at org.apache.nifi.web.server.JettyServer.start(JettyServer.jav >> a:798) >> at org.apache.nifi.NiFi.<init>(NiFi.java:160) >> at org.apache.nifi.NiFi.main(NiFi.java:268) >> 2018-02-16 12:59:07,687 INFO [Thread-1] org.apache.nifi.NiFi Initiating >> shutdown of Jetty web server... >> 2018-02-16 12:59:07,692 INFO [Thread-1] >> o.eclipse.jetty.server.AbstractConnector >> Stopped ServerConnector@1e9f8705{HTTP/1.1,[http/1.1]}{x.x.x.x:8080} >> 2018-02-16 12:59:07,692 INFO [Thread-1] org.eclipse.jetty.server.session >> Stopped scavenging >> >> Is there anything else that would need to be set? >> >> On 16 February 2018 at 12:46:33 pm, Mike Thomsen ([email protected]) >> wrote: >> >> IP address should work. >> >> On Fri, Feb 16, 2018 at 7:14 AM, Sean Marciniak <[email protected]> wrote: >> Does URL need to be a FQDN? Can it not just accept the host IP address? >> >> >> On 16 February 2018 at 12:13:55 pm, Mike Thomsen ([email protected]) >> wrote: >> >> 1.5 introduced a new property: nifi.web.http.host >> >> Set that to the URL you want to use for accessing it. >> >> On Fri, Feb 16, 2018 at 6:19 AM, Sean Marciniak <[email protected]> wrote: >> Hey team, >> >> I have NiFi running on a standalone VM and I try to directly connect to >> it over http and I get this message: >> >> >> ``` >> System Error >> >> The request contained an invalid host header [x.x.x.x:8080] in the >> request [/]. Check for request manipulation or third-party intercept. >> >> ``` >> I am trying to connect to it using the host machine’s IP address. This >> error has only occurred oncer we had bumped to version 1.5 >> Has there been a regression or is there an issue in progress to solve >> this? >> >> Thank you, >> >> Sean. >> >> >> > > > -- > <https://www.beamery.com/> > > Sean Marciniak > > [email protected] > > > www.beamery.com > > Are you ready for GDPR? *GDPR: The Complete Guide for Recruiting Teams > <https://beamery.com/academy/gdpr-for-recruiting-teams>* > > >
