Wasmtime GitHub notifications bot (Apr 22 2024 at 12:56): Wasmtime GitHub notifications bot (Apr 22 2024 at 12:56):lann opened issue #8430:
The outbound HTTP implementation will add a default port to the URI authority if not present:
As reported on Zulip and as a Spin issue, this causes breakage with AWS signed requests, which include the exact host header value in the signature payload.
I believe the current behavior is incorrect. Per the HTTP/1.1 spec:
If the target URI includes an authority component, then a client MUST send a field value for Host that is identical to that authority component
Wasmtime GitHub notifications bot (Apr 22 2024 at 17:41):alexcrichton commented on issue #8430:
cc @elliottt
Wasmtime GitHub notifications bot (Apr 22 2024 at 18:38):lann edited issue #8430:
The outbound HTTP implementation will add a default port to the URI authority if not present:
As reported on Zulip and as a Spin issue, this causes breakage with AWS signed requests, which include the exact host header value in the signature payload.
I believe the current behavior is incorrect. Per the HTTP/1.1 spec:
If the target URI includes an authority component, then a client MUST send a field value for Host that is identical to that authority component
Wasmtime GitHub notifications bot (May 06 2024 at 22:41):alexcrichton closed issue #8430:
The outbound HTTP implementation will add a default port to the URI authority if not present:
As reported on Zulip and as a Spin issue, this causes breakage with AWS signed requests, which include the exact host header value in the signature payload.
I believe the current behavior is incorrect. Per the HTTP/1.1 spec:
If the target URI includes an authority component, then a client MUST send a field value for Host that is identical to that authority component
Last updated: Oct 23 2024 at 20:03 UTC