frankenphp icon indicating copy to clipboard operation
frankenphp copied to clipboard
verified publisher icon php

Embedded app: ./my-app run doesn't correctly match host names

Open henderkes opened this issue 1 year ago • 0 comments

What happened?

Embedded an app with frankenphp. Trying to run it with ./my-app php-server, it works under localhost:80.

Creating a Caddyfile and using ./my-app run has a few problems:

  • Need to specify /tmp/frankenphp.... directory manually, as using root public/ uses the cwd/public directory, which makes no sense
  • The hostname is never matched, even if it should be
2024/06/11 13:32:42.892 INFO    http.log.access NOP    {
   "request":{
      "remote_ip":"192.168.100.33",
      "remote_port":"49281",
      "client_ip":"192.168.100.33",
      "proto":"HTTP/2.0",
      "method":"GET",
      "host":"my.valid.server",
      "uri":"/seminar_type/",
      "headers":{
         "Sec-Fetch-Site":[
            "none"
         ],
         "Sec-Fetch-Mode":[
            "navigate"
         ],
         "Accept-Encoding":[
            "gzip, deflate, br, zstd"
         ],
         "Accept-Language":[
            "en,de;q=0.9"
         ],
         "Cache-Control":[
            "max-age=0"
         ],
         "Sec-Ch-Ua":[
            "\"Google Chrome\";v=\"125\", \"Chromium\";v=\"125\", \"Not.A/Brand\";v=\"24\""
         ],
         "Sec-Ch-Ua-Mobile":[
            "?0"
         ],
         "Upgrade-Insecure-Requests":[
            "1"
         ],
         "Cookie":[
            "REDACTED"
         ],
         "Sec-Ch-Ua-Platform":[
            "\"Windows\""
         ],
         "Sec-Fetch-Dest":[
            "document"
         ],
         "Priority":[
            "u=0, i"
         ],
         "User-Agent":[
            "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36"
         ],
         "Accept":[
            "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7"
         ],
         "Sec-Fetch-User":[
            "?1"
         ]
      },
      "tls":{
         "resumed":false,
         "version":772,
         "cipher_suite":4865,
         "proto":"h2",
         "server_name":"my.valid.server"
      }
   },
   "bytes_read":0,
   "user_id":"",
   "duration":0.0000027,
   "size":0,
   "status":0,
   "resp_headers":{
      "Server":[
         "Caddy"
      ],
      "Alt-Svc":[
         "h3=\":443\"; ma=2592000"
      ]
   }
}

What's interesting is the http.log.access NOP, which should usually be http.log.access handled request.

Example Caddyfile:

{
        debug
        frankenphp {
#               worker /tmp/frankenphp_c407ab7817f4cae00ecbd8679d4f2d09/public/index.php
        }
}

my.valid.server { # not matched
        tls /etc/pki/tls/certs/myvalid.cer /etc/pki/tls/private/myvalid.key # works

        log # works

        encode zstd gzip

        root * /tmp/frankenphp_c407ab7817f4cae00ecbd8679d4f2d09/public/ # better way to do this?

        php_server # commenting this out changes nothing

        file_server # commenting this out changes nothing

        respond "Not Found" 404 # doesn't do anything
}

# :443 { # would be matched
#         respond "Not Found" 405 # would respond
# }

Build Type

Standalone binary

Worker Mode

No

Operating System

GNU/Linux

CPU Architecture

x86_64

PHP configuration

-not important-

Relevant log output

-see above-

henderkes avatar Jun 11 '24 13:06 henderkes