Redirects incorrectly set Location header in response when Host header is set in request
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
apache2 (Ubuntu) |
Fix Released
|
Medium
|
Unassigned |
Bug Description
When Apache sends a 301 redirect and the Host header in the request has an implicit port, it incorrectly uses the Host header of the request and the port that Apache is running on to set the Location header.
Steps to reproduce:
* Get Apache to serve up a directory with a sub-directory "blah" on a particular port, say, 8080.
* Access the URL "http://
* Note that the Location header in the response is "Location: http://
Expected behaviour:
* A location header that uses the Host header only, rather than combining the Host header and the port Apache is running on.
If the Host header has a port explicitly set, Apache behaves correctly e.g. if the Host header is "Host: example.com:8090", then the Location header in the response is "Location: http://
$ apt-cache policy apache2
apache2:
Installed: 2.2.22-1ubuntu1
Candidate: 2.2.22-1ubuntu1
Version table:
*** 2.2.22-1ubuntu1 0
500 http://
100 /var/lib/
$ lsb_release -rd
Description: Ubuntu 12.04 LTS
Release: 12.04
Changed in apache2 (Ubuntu): | |
status: | New → Fix Released |
It looks like this has been fixed in a later version of Apache -- I've just compiled 2.4.2 from source and it doesn't appear to have the problem.