Authority (host:port) not acessible when using HTTP/2Β #24420
Description
A note for the community
- Please vote on this issue by adding a π reaction to the original issue to help the community and maintainers prioritize this request
- If you are interested in working on this issue or have submitted a pull request, please leave a comment
Problem
In the http_server source, the hostname and port from the URL is not accessible when HTTP/2 is used. HTTP/2 puts the hostname and port in the :authority pseudo-header, not in the Host header.
In the config.yaml file below, the http source tries to include the host header in the log event, and also use the host header in the authentication logic. This works with HTTP/1.1, but not HTTP/2.
When running vector locally with the config.yaml below:
- This works:
curl localhost:8080 -d '{"foo":"bar"}' - This doesn't:
curl --http2-prior-knowledge localhost:8080 -d '{"foo":"bar"}'
Configuration
sources:
http_server:
type: http_server
address: 0.0.0.0:8080
method: POST
headers:
- host
auth:
strategy: custom
source: |-
.headers.host == "localhost:8080"
sinks:
console:
type: console
inputs:
- http_server
encoding:
codec: json
Version
vector 0.53.0 (aarch64-apple-darwin)
Debug Output
Example Data
No response
Additional Context
Warp makes the host available via the warp::host::optional() filter. This transparently handles all the places where the host:port could be found:
Hostheader in HTTP/1.1:authoritypsedo-header in HTTP/2- absoluteURIs in HTTP/1.1 request line (should only be used with proxies, but RFC 2616 sec 5.1.2 says that all servers should handle this case).
I suspect the best way forward is to put the result from warp::host::optional() into the Host header since that it most likely where existing vector.dev deployments will look for it.
Faking one of the headers feels a little hacky though, so an alternative would be to turn this into a feature, and make the authority available separately in all places that might need it.
References
No response