starlette icon indicating copy to clipboard operation
starlette copied to clipboard
verified publisher icon encode

Validating host header

Open lieryan opened this issue 3 years ago • 0 comments

This is one way this issue could be addressed in Starlette. This basically change the type of the headers value for host to a marker class that inherits from bytes (TrustedHost) once the header is validated by TrustedHostMiddleware. This may cause compatibility issues with middlewares/applications that expects host to be exactly bytes.

There are other approaches this could have been addressed, such as:

  • adding the validation marker into the scope, e.g. scope["host_validated"] = "blah.com"
  • simply validating host against a regex pattern (must only contain characters that are allowed for a domain name), you can still be redirected to an unexpected malicious domain, but at least it would prevent most of the funkier attacks
  • since raising a hard error here is necessarily backwards incompatible, maybe this should just print a warning instead for a few versions

Let me know if you think that another approach should be taken instead.

  • [x] Initially raised as discussion #1854, and ticket #1855

lieryan avatar Sep 12 '22 00:09 lieryan