RFC Errata
RFC 7230, "Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing", June 2014
Note: This RFC has been obsoleted by RFC 9110, RFC 9112
Note: This RFC has been updated by RFC 8615
Source of RFC: httpbis (wit)
Errata ID: 5216
Status: Rejected
Type: Technical
Publication Format(s) : TEXT
Reported By: Jingcheng Zhang
Date Reported: 2017-12-25
Rejected by: Alexey Melnikov
Date Rejected: 2018-07-26
Section 5.4. says:
A client MUST send a Host header field in all HTTP/1.1 request messages. If the target URI includes an authority component, then a client MUST send a field-value for Host that is identical to that authority component, excluding any userinfo subcomponent and its "@" delimiter (Section 2.7.1). If the authority component is missing or undefined for the target URI, then a client MUST send a Host header field with an empty field-value.
It should say:
A client MUST send a Host header field in all HTTP/1.1 request messages. If the target URI includes an authority component, then a client MUST send a field-value for Host that is identical to that authority component, excluding any userinfo subcomponent and its "@" delimiter (Section 2.7.1). If the authority component is missing or undefined for the target URI, then a recipient MUST reject this request.
Notes:
First,
If the target URI includes an authority component, then a
client MUST send a field-value for Host that is identical to that
authority component.
Secondly, section 2.7.1 said:
A sender MUST NOT generate an "http" URI with an empty host
identifier. A recipient that processes such a URI reference MUST
reject it as invalid.
So a recipient MUST reject a request with empty authority.
--VERIFIER NOTES--
As per Roy T. Fielding: Reject. A target URI can be any URI scheme.