summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorrayjlinden <42587610+rayjlinden@users.noreply.github.com>2022-01-12 13:24:22 -0800
committerGitHub <noreply@github.com>2022-01-12 14:24:22 -0700
commit850e1605df140a0b52d7bd4c3a1c3567a67699e1 (patch)
tree0f4c3197c4b1587b7fc4bbef429d7314ed26bbcd
parentaf1ac9cd2ecf95deabb194095cf5c5e66ee2fe86 (diff)
caddyhttp: Return HTTP 421 for mismatched Host header (#4023)
Potential fix for #4017 although the consensus is unclear. Made change to return status code 421 instead of 403 when StrictSNIHost matching is on.
-rw-r--r--modules/caddyhttp/server.go2
1 files changed, 1 insertions, 1 deletions
diff --git a/modules/caddyhttp/server.go b/modules/caddyhttp/server.go
index 98fd962..e302c36 100644
--- a/modules/caddyhttp/server.go
+++ b/modules/caddyhttp/server.go
@@ -302,7 +302,7 @@ func (s *Server) enforcementHandler(w http.ResponseWriter, r *http.Request, next
err := fmt.Errorf("strict host matching: TLS ServerName (%s) and HTTP Host (%s) values differ",
r.TLS.ServerName, hostname)
r.Close = true
- return Error(http.StatusForbidden, err)
+ return Error(http.StatusMisdirectedRequest, err)
}
}
return next.ServeHTTP(w, r)