RFC Errata


Errata Search

 
Source of RFC  
Summary Table Full Records

RFC 7230, "Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing", June 2014

Source of RFC: httpbis (app)

Errata ID: 5216
Status: Rejected
Type: Technical

Reported By: Jingcheng Zhang
Date Reported: 2017-12-25
Rejected by: Alexey Melnikov
Date Rejected: 2018-07-26

Section 5.4. says:

A client MUST send a Host header field in all HTTP/1.1 request
messages.  If the target URI includes an authority component, then a
client MUST send a field-value for Host that is identical to that
authority component, excluding any userinfo subcomponent and its "@"
delimiter (Section 2.7.1).  If the authority component is missing or
undefined for the target URI, then a client MUST send a Host header
field with an empty field-value.

It should say:

A client MUST send a Host header field in all HTTP/1.1 request
messages.  If the target URI includes an authority component, then a
client MUST send a field-value for Host that is identical to that
authority component, excluding any userinfo subcomponent and its "@"
delimiter (Section 2.7.1).  If the authority component is missing or
undefined for the target URI, then a recipient MUST reject this
request.

Notes:

First,

If the target URI includes an authority component, then a
client MUST send a field-value for Host that is identical to that
authority component.

Secondly, section 2.7.1 said:

A sender MUST NOT generate an "http" URI with an empty host
identifier. A recipient that processes such a URI reference MUST
reject it as invalid.

So a recipient MUST reject a request with empty authority.
--VERIFIER NOTES--
As per Roy T. Fielding: Reject. A target URI can be any URI scheme.

Report New Errata