Ensure we include the port when parsing authority #2242
Conversation
|
Hey @bouk long time no see! (we worked together very briefly a few years ago) What a coincidence that you would open your first PR here just before I open my first PR :) One suggestion I have here is to add a test case to validate the split you are doing on |
|
Hey @waynr! Good suggestion, added another test case |
|
Added it to the changelog |
|
maybe also add a link to the rfc in the code comment ? https://www.rfc-editor.org/rfc/rfc9110.html#name-host-and-authority |
bouk
force-pushed
the
bouk/extract-host-from-uri-port
branch
from
3c141be to
ed7d490
Compare
|
I've rebased to latest main and updated the comment to link to the RFC |
axum/src/extract/host.rs
Outdated
| let mut parts = Request::new(()).into_parts().0; | ||
| parts.uri = "https://127.0.0.1:1234/image.jpg".parse().unwrap(); | ||
| let host = Host::from_request_parts(&mut parts, &()).await.unwrap(); | ||
| assert_eq!(host.0, "127.0.0.1:1234"); | ||
|
|
||
| parts.uri = "http://cool:user@[::1]:456/file.txt".parse().unwrap(); | ||
| let host = Host::from_request_parts(&mut parts, &()).await.unwrap(); | ||
| assert_eq!(host.0, "[::1]:456"); |
There was a problem hiding this comment.
Why did you completely rewrite this example to not use the test client?
There was a problem hiding this comment.
I've re-introduced the test client in e4a109e
|
@bouk would you have time to address the comments and rebase your changes? If not, I can take over. |
|
@yanns I don't, feel free to take over this PR |
|
@jplatte the PR is ready for review again |
axum/CHANGELOG.md
Outdated
| @@ -7,6 +7,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 | |||
|
|
|||
| # Unreleased | |||
|
|
|||
| - **fixed:** Include port number when parsing authority ([#2242]) | |||
There was a problem hiding this comment.
This should be in axum-extra's changelog, no? Also, it should mention that this affects the Host extractor, it's currently very hard to tell what this is about.
There was a problem hiding this comment.
true, the merge moved the files into axum-extra, but not the changelog :) good catch!
Motivation
The 'Host' header should include the port number. When extracting the host from
uriwe useuri.host()however, which strips off the port number to only include the hostname.The existing test also didn't test the right thing, because the request would still include a Host header—it's added automatically by
hyperand there's no way to turn that off from reqwest.Solution
Re-implement the authority parsing method directly. This code is copied from the
httpcrate, just without the port stripping: https://github.com/hyperium/http/blob/1a04e715f49c9ac3fe8195583e8c9959cbd368d3/src/uri/authority.rs#L487-L505