I use my own servlet engine for the vendor product. Our server has different proxies with different host names. Assuming host1.localhost.com and host2.localhost.com .
We have the following servlet
public class MyServlet { public void doGet(...) { response.getOutputStream.write(request.getServerName().getBytes()) } }
We encountered a problem that several times, if we make a request to host1.localhost.com/my/servlet , we see that we actually see host2.localhost.com/my/servlet in the response.
Decompiling the vendor product code showed that their servlet engine caches the host header while the socket is alive.
In an attempt to reproduce the problem, I wrote some low-level socket code to make HTTP requests:
Socket s = new Socket(); s.connect(new InetSocketAddress("host2.localhost.com", 8080)); OutputStream os = s.getOutputStream(); Thread t = new ResponsePrintThread(s.getInputStream()); t.start() os.write("GET /my/servlet/testservlet HTTP/1.1\r\n".getBytes()); os.write("Host: 12345\r\n".getBytes()); os.write("\r\n".getBytes()); os.flush(); os.write("GET /my/serlet/testservlet HTTP/1.1\r\n".getBytes()); os.write("Host: 7891011\r\n".getBytes()); os.write("\r\n".getBytes()); os.flush();
The above text will print
12345 12345
But I would expect
12345 7891011
My question is, does the servlet engine work properly by caching and returning the same host header for the same socket connection, or should it reanalyze the HTTP headers and update the header of the cached host? My thinking is that since HTTP was supposed to be stagnant, so any information in the HTTP request needs to be re-parsed and reloaded, even the host header.
source share