Add _ to host validation (#372)

amphp · Dec 10, 2024 · 97a40cc · 97a40cc
1 parent c5bad9b
commit 97a40cc
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 3 deletions.
diff --git a/src/Driver/Http1Driver.php b/src/Driver/Http1Driver.php
@@ -250,7 +250,7 @@ public function handleClient(
                     throw new ClientException($this->client, "Bad Request: multiple host headers", HttpStatus::BAD_REQUEST);
                 }
 
-                if (!\preg_match("#^([A-Z\d.\-]+|\[[\d:]+])(?::([1-9]\d*))?$#i", $headers["host"][0], $matches)) {
+                if (!\preg_match("#^([A-Z\d._\-]+|\[[\d:]+])(?::([1-9]\d*))?$#i", $headers["host"][0], $matches)) {
                     throw new ClientException($this->client, "Bad Request: invalid host header", HttpStatus::BAD_REQUEST);
                 }
 
@@ -317,7 +317,7 @@ public function handleClient(
                             );
                         }
 
-                        if (!\preg_match("#^([A-Z\d.\-]+|\[[\d:]+]):([1-9]\d*)$#i", $target, $matches)) {
+                        if (!\preg_match("#^([A-Z\d._\-]+|\[[\d:]+]):([1-9]\d*)$#i", $target, $matches)) {
                             throw new ClientException(
                                 $this->client,
                                 "Bad Request: invalid connect target",

diff --git a/src/Driver/Http2Driver.php b/src/Driver/Http2Driver.php
@@ -967,7 +967,7 @@ public function handleHeaders(int $streamId, array $pseudo, array $headers, bool
         [':method' => $method, ':path' => $target, ':scheme' => $scheme, ':authority' => $host] = $pseudo;
         $query = null;
 
-        if (!\preg_match("#^([A-Z\d.\-]+|\[[\d:]+])(?::([1-9]\d*))?$#i", $host, $matches)) {
+        if (!\preg_match("#^([A-Z\d._\-]+|\[[\d:]+])(?::([1-9]\d*))?$#i", $host, $matches)) {
             throw new Http2StreamException(
                 "Invalid authority (host) name",
                 $streamId,