https://redmine.lighttpd.net/https://redmine.lighttpd.net/favicon.ico?13667327412018-04-29T11:49:16Zlighty labsLighttpd - Feature #2885: Log error if Host name is illegal (e.g. contains an underscore)https://redmine.lighttpd.net/issues/2885?journal_id=114282018-04-29T11:49:16Zstbuehler
<ul></ul><p>There is <code>debug.log-request-header-on-error = "enable"</code>, although it's not clear to me why a separate debug flag is used for this; <code>debug.log-request-handling</code> should include this imho.</p>
<p>Also the error is very generic: "<code>Invalid Hostname -> 400</code>" - this could be improved.</p> Lighttpd - Feature #2885: Log error if Host name is illegal (e.g. contains an underscore)https://redmine.lighttpd.net/issues/2885?journal_id=114322018-04-29T12:41:43Zgstrauss
<ul><li><strong>Category</strong> deleted (<del><i>core</i></del>)</li><li><strong>Status</strong> changed from <i>New</i> to <i>Wontfix</i></li><li><strong>Target version</strong> deleted (<del><i>1.4.x</i></del>)</li></ul><p>Please see comments in <a class="external" href="https://redmine.lighttpd.net/boards/2/topics/8013">https://redmine.lighttpd.net/boards/2/topics/8013</a></p> Lighttpd - Feature #2885: Log error if Host name is illegal (e.g. contains an underscore)https://redmine.lighttpd.net/issues/2885?journal_id=114332018-04-29T12:50:24Zgstrauss
<ul></ul><p>stbuehler: <code>debug.log-request-header-on-error</code> has been around since the first commit to lighttpd 1.4 branch back in 2005: <a class="changeset" title="moved everything below trunk/ and added branches/ and tags/ git-svn-id: svn://svn.lighttpd.net/..." href="https://redmine.lighttpd.net/projects/lighttpd/repository/14/revisions/bcdc6a3bbcde8e66da41aa2311642e53f4fc7c9b">bcdc6a3b</a></p> Lighttpd - Feature #2885: Log error if Host name is illegal (e.g. contains an underscore)https://redmine.lighttpd.net/issues/2885?journal_id=114342018-04-29T13:03:06Zstbuehler
<ul></ul><p>gstrauss wrote:</p>
<blockquote>
<p>stbuehler: <code>debug.log-request-header-on-error</code> has been around since the first commit to lighttpd 1.4 branch back in 2005: <a class="changeset" title="moved everything below trunk/ and added branches/ and tags/ git-svn-id: svn://svn.lighttpd.net/..." href="https://redmine.lighttpd.net/projects/lighttpd/repository/14/revisions/bcdc6a3bbcde8e66da41aa2311642e53f4fc7c9b">bcdc6a3b</a></p>
</blockquote>
<p>Doesn't mean it was a good idea or has to stay that way; we both didn't think about it when reading the config in the forum.</p>
<p>Also the debug output could certainly be improved; I think printing the invalid hostname and the reason why it is considered invalid would be helpful.</p> Lighttpd - Feature #2885: Log error if Host name is illegal (e.g. contains an underscore)https://redmine.lighttpd.net/issues/2885?journal_id=114352018-04-29T13:29:35Zgstrauss
<ul></ul><blockquote>
<p>we both didn't think about it when reading the config in the forum.</p>
</blockquote>
<p>That's only because he <strong>corrupted</strong> his own detailed error report, posting <code>$HTTP["host"] == "myhost.lan"</code> instead of arachne_nova.lan (until a subsequent post)</p>
<p>I posted on IRC to you with the suggestion that maybe <code>debug.log-request-handling = "enable"</code> should enable <code>debug.log-request-header-on-error</code>. I do think this additional trace info should be with <code>debug.log-request-header-on-error</code> since the error is with the headers, so you likely need both headers and error message for complete context.</p> Lighttpd - Feature #2885: Log error if Host name is illegal (e.g. contains an underscore)https://redmine.lighttpd.net/issues/2885?journal_id=114392018-05-01T12:22:17Zbwechner
<ul></ul><p>stbuehler wrote:</p>
<blockquote>
<p>Doesn't mean it was a good idea or has to stay that way; we both didn't think about it when reading the config in the forum.</p>
<p>Also the debug output could certainly be improved; I think printing the invalid hostname and the reason why it is considered invalid would be helpful.</p>
</blockquote>
<p>Agreed. I think there's room to improve the feedback here.</p>
<p>gstrauss wrote:</p>
<blockquote>
<p>That's only because he <strong>corrupted</strong> his own detailed error report, posting <code>$HTTP["host"] == "myhost.lan"</code> instead of arachne_nova.lan (until a subsequent post)</p>
</blockquote>
<p>True, but that doesn't invalidate the experience or that the refusal to respond to the invalid host name is a fatal error that should be logged IMHO with some clarification when it happens regardless of the log configs. It's likely to almost never happen, but when it does, helpful output that leads to resolution autonomously within minutes is pretty desirable.</p> Lighttpd - Feature #2885: Log error if Host name is illegal (e.g. contains an underscore)https://redmine.lighttpd.net/issues/2885?journal_id=114402018-05-01T12:35:57Zstbuehler
<ul></ul><p>bwechner wrote:</p>
<blockquote>
<p>[...], but that doesn't invalidate the experience or that the refusal to respond to the invalid host name is a fatal error that should be logged IMHO with some clarification when it happens regardless of the log configs. It's likely to almost never happen, but when it does, helpful output that leads to resolution autonomously within minutes is pretty desirable.</p>
</blockquote>
<p>As gstrauss wrote in the forum:</p>
<blockquote>
<p>Bad requests happen all the time on publicly facing servers. Do you run a high-capacity site that would lend some weight to that opinion of yours? tldr: You must enable the extra diagnostics if you want all that noise in your error log.</p>
</blockquote>
<p>I fully agree with that statement; in general a server should imho only log things as error that indicate problems on the server, not on the client. It would be nice though if we had one debug flag to log all errors related to clients (bad requests, bad ssl stuff, connection aborts, timeouts, auth, ...); there shouldn't be more than one message per request generated this way though.</p> Lighttpd - Feature #2885: Log error if Host name is illegal (e.g. contains an underscore)https://redmine.lighttpd.net/issues/2885?journal_id=114412018-05-02T03:06:44Zbwechner
<ul></ul><p>stbuehler wrote:</p>
<blockquote>
<p>bwechner wrote:</p>
<blockquote>
<p>[...], but that doesn't invalidate the experience or that the refusal to respond to the invalid host name is a fatal error that should be logged IMHO with some clarification when it happens regardless of the log configs. It's likely to almost never happen, but when it does, helpful output that leads to resolution autonomously within minutes is pretty desirable.</p>
</blockquote>
<p>As gstrauss wrote in the forum:</p>
<blockquote>
<p>Bad requests happen all the time on publicly facing servers. Do you run a high-capacity site that would lend some weight to that opinion of yours? tldr: You must enable the extra diagnostics if you want all that noise in your error log.</p>
</blockquote>
<p>I fully agree with that statement; in general a server should imho only log things as error that indicate problems on the server, not on the client. It would be nice though if we had one debug flag to log all errors related to clients (bad requests, bad ssl stuff, connection aborts, timeouts, auth, ...); there shouldn't be more than one message per request generated this way though.</p>
</blockquote>
<p>But surely if the host name is malformed the request never reaches the server? The instances where a malformed hostname reaches the server are surely very few, or? Am curious. I have found this one instance, where a DNS accepts _ in the host name, which is not valid. Given it's not valid, are there really lots of doamins out there with _ in them? Recalling that it is only names that a DNS supports that are not legal, that will ever reach the server, or?</p>