-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 André,
On 5/18/2011 9:53 AM, André Warnier wrote: > But if we refer to Konstantin's earlier post, Tomcat would > nevertheless pick up that port, and pass it to the webapp/context (as > a request attribute ?). It's stored in the request object, available via the ServletRequest.getServerPort method. One could argue that the port number should be set to that which was user to actually receive the request as opposed to that which was specified in the Host header, but you have to think about things from the client's perspective. Hassan's introduction of a proxy server into the drives this point home: if the proxy listens on port 80 but the back-end server listens on port 1234, then setting the "local port" to 1234 might seriously confuse the software into producing a URL that might look like this: http://somehost:1234/a/file Since the client is probably expecting to go through the proxy to get to the back-end server (that is, the client has no knowledge of any proxying), the use of port 1234 is inappropriate. Instead, port 80 (or, in this case, none) is more appropriate. That's why Tomcat takes the port number from the Host header and not from the HTTP connection's socket information. Oh, and it's documented to do so in the Servlet API javadocs :) > So in fact this raises the question of what > Tomcat would do if the request looked like this : > > GET / HTTP/1.1 > Host: stimpy:9999 > > Would Tomcat pick up this fake port number and pass it to the > context anyway, although it has nothing to do with the actual port > onto which Tomcat listened for that request ? Yes. > Yes, but if you are developing something for HTTP, you are supposed to > know and abide by > the relevant RFCs. > Ignorance is not an excuse here. I'd like to see where it says that the port-of-receipt (1234 in my example above) shall be the "official port number" of the HTTP conversation. Can you point me to the right place in the RFC? - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk3T7ecACgkQ9CaO5/Lv0PDhXgCgm+oge99FLWiO/6iQCCxJ/tvZ HvAAn2T5EaG1l3CA5s3G3HEhlnAjFsKd =LU70 -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
