0
Fork 0
mirror of https://github.com/caddyserver/caddy.git synced 2024-12-30 22:34:15 -05:00

caddyhttp: Return HTTP 421 for mismatched Host header (#4023)

Potential fix for #4017 although the consensus is unclear.

Made change to return status code 421 instead of 403 when StrictSNIHost matching is on.
This commit is contained in:
rayjlinden 2022-01-12 13:24:22 -08:00 committed by GitHub
parent af1ac9cd2e
commit 850e1605df
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -302,7 +302,7 @@ func (s *Server) enforcementHandler(w http.ResponseWriter, r *http.Request, next
err := fmt.Errorf("strict host matching: TLS ServerName (%s) and HTTP Host (%s) values differ",
r.TLS.ServerName, hostname)
r.Close = true
return Error(http.StatusForbidden, err)
return Error(http.StatusMisdirectedRequest, err)
}
}
return next.ServeHTTP(w, r)