Safari mal-forms IPv6 addresses in HTTP HOST header
| Originator: | derek.morr.test | ||
| Number: | rdar://7015651 | Date Originated: | 29-Jun-2009 11:28 AM |
| Status: | Open | Resolved: | |
| Product: | Safari | Product Version: | 4.x |
| Classification: | Serious Bug | Reproducible: | Always |
29-Jun-2009 11:28 AM Derek Morr: Summary: When connecting to an HTTP server over IPv6, if an IPv6 literal address is used, Safari mal-forms the HTTP 1.1 Host header. This can break certain web sites. The problem is exacerbated if a non-standard TCP port is used, such as 8080. Steps to Reproduce: 1) Ensure that IPv6 is enabled. OS X enables it default. 2) Open Safari, connect to an IPv6-reachable web site via its literal address. For example, http://[2001:200::8002:203:47ff:fea5:3085]/ for www.kame.net Expected Results: The HTTP 1.1 Host header should include brackets around a literal address (the so-called RFC 2732 style). In the example above, the Host header should be this: Host: [2001:200:0:8002:203:47ff:fea5:3085]\r\n Actual Results: The Host header is this: Host: 2001:200:0:8002:203:47ff:fea5:3085\r\n Regression: Not technically a regression, but FireFox, IE and Opera all properly format the header. Notes: Our University is part of Google's IPv6 pilot program (see http://www.google.com/ipv6). This bug broke Google's "Cached" links when accessing Google over IPv6 using Safari 3.2.x and 4.0 on Windows and Mac OS X. Google has since fixed the problem by liberalizing their parser, but the issue should be fixed in the browser as well. If a non-standard port is used, such as 8080, this problem is made worse. This is what Safari 4.0 will send: When connecting to: http://[2610:8:6800:1::408]:8080/~dvm105/ It sends: Host: 2610:8:6800:1::408:8080 This header is ambiguous. The parser has no clear way to tell if "8080" is part of the address or a port number. Although RFC 2732 applies to URLs not the Host header, its syntax should be adopted in Safari, as it has been for other browsers. If desired, I can send packet captures for any of the above sites, platforms and browser combinations. 12-Aug-2009 05:48 PM Derek Morr: This appears to be fixed on OS X as of 4.0.3. It still appears on the Windows builds, however. 20-Aug-2009 06:49 PM KIT CHEUNG : Engineering has provided the following feedback regarding this issue: Yes, we have a completely separate CFURL on windows. 21-Aug-2009 04:18 PM KIT CHEUNG : Engineering has provided the following feedback regarding this issue: We have a completely separate CFURL on windows.
Comments
Please note: Reports posted here will not necessarily be seen by Apple. All problems should be submitted at bugreport.apple.com before they are posted here. Please only post information for Radars that you have filed yourself, and please do not include Apple confidential information in your posts. Thank you!