diff options
author | rayjlinden <42587610+rayjlinden@users.noreply.github.com> | 2022-01-12 13:24:22 -0800 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-01-12 14:24:22 -0700 |
commit | 850e1605df140a0b52d7bd4c3a1c3567a67699e1 (patch) | |
tree | 0f4c3197c4b1587b7fc4bbef429d7314ed26bbcd | |
parent | af1ac9cd2ecf95deabb194095cf5c5e66ee2fe86 (diff) |
caddyhttp: Return HTTP 421 for mismatched Host header (#4023)
Potential fix for #4017 although the consensus is unclear.
Made change to return status code 421 instead of 403 when StrictSNIHost matching is on.
-rw-r--r-- | modules/caddyhttp/server.go | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/modules/caddyhttp/server.go b/modules/caddyhttp/server.go index 98fd962..e302c36 100644 --- a/modules/caddyhttp/server.go +++ b/modules/caddyhttp/server.go @@ -302,7 +302,7 @@ func (s *Server) enforcementHandler(w http.ResponseWriter, r *http.Request, next err := fmt.Errorf("strict host matching: TLS ServerName (%s) and HTTP Host (%s) values differ", r.TLS.ServerName, hostname) r.Close = true - return Error(http.StatusForbidden, err) + return Error(http.StatusMisdirectedRequest, err) } } return next.ServeHTTP(w, r) |