Unexpected redirection while sending Host header with wget

While testing check-mirrors with torsocks in experimental (#8074 (closed)) I noticed that wget is showing a weird behaviour that it didn't have in the past when sending explicit Host headers. It adds an unexpected redirection that bypasses the Host header (and fetches from a different IP address in the context of check-mirrors).

Success without Host header:

amnesia@amnesia:~$ wget http://78.47.150.61/tails/stable/tails-i386-1.2.2/tails-i386-1.2.2.iso.sig --spider --max-redirect=0
Spider mode enabled. Check if remote file exists.
--2015-01-07 20:27:25--  http://78.47.150.61/tails/stable/tails-i386-1.2.2/tails-i386-1.2.2.iso.sig
Connecting to 78.47.150.61:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 836 [application/pgp-signature]
Remote file exists.

Failure with Host header:

amnesia@amnesia:~$ wget http://78.47.150.61/tails/stable/tails-i386-1.2.2/tails-i386-1.2.2.iso.sig --spider --max-redirect=0 --header="Host: dl.amnesia.boum.org"
Spider mode enabled. Check if remote file exists.
--2015-01-07 20:28:03--  http://78.47.150.61/tails/stable/tails-i386-1.2.2/tails-i386-1.2.2.iso.sig
Connecting to 78.47.150.61:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 836 [application/pgp-signature]
Remote file exists.

Spider mode enabled. Check if remote file exists.
--2015-01-07 20:28:04--  http://dl.amnesia.boum.org/
Resolving dl.amnesia.boum.org (dl.amnesia.boum.org)... 50.254.151.65
Connecting to dl.amnesia.boum.org (dl.amnesia.boum.org)|50.254.151.65|:80... connected.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://cime.net/ [following]
0 redirections exceeded.

Second failure with Host header but no --max-redirect; note that the redirected IP address of the imaginary redirection changes:

amnesia@amnesia:~$ torsocks /usr/bin/wget http://176.9.53.178/tails/stable/tails-i386-1.2.2/tails-i386-1.2.2.iso.sig --spider --header=Host: dl.amnesia.boum.org
Spider mode enabled. Check if remote file exists.
--2015-01-07 20:36:14--  http://176.9.53.178/tails/stable/tails-i386-1.2.2/tails-i386-1.2.2.iso.sig
Connecting to 176.9.53.178:80... connected.
HTTP request sent, awaiting response... 400 Bad Request
Remote file does not exist -- broken link!!!

Spider mode enabled. Check if remote file exists.
--2015-01-07 20:36:15--  http://dl.amnesia.boum.org/
Resolving dl.amnesia.boum.org (dl.amnesia.boum.org)... 96.126.119.95
Connecting to dl.amnesia.boum.org (dl.amnesia.boum.org)|96.126.119.95|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 90 [text/html]
Remote file exists and could contain further links,
but recursion is disabled -- not retrieving.

Feature Branch: bugfix/quote-wrappers-arguments

Original created by @sajolida on 8603 (Redmine)
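
Added example, not part of the original report or of Tails' code: it assumes, based on the feature branch name `bugfix/quote-wrappers-arguments`, that a wrapper script re-expands its arguments unquoted, which would turn the Host value into a second URL as in the logs above. `classify_args`, `wrapper_unquoted`, `wrapper_quoted` and the 192.0.2.10 address are constructed for illustration; nothing here touches the network.

```shell
#!/bin/sh
# Constructed stand-in for wget: prints how each argument would be classified.
# It models only --header=... options and positional URLs; no network I/O.
classify_args() {
    for arg in "$@"; do
        case "$arg" in
            --header=*) printf 'header=[%s]\n' "${arg#--header=}" ;;
            --*)        printf 'option=[%s]\n' "$arg" ;;
            *)          printf 'url=[%s]\n' "$arg" ;;
        esac
    done
}

# Hypothetical wrapper, "before": unquoted $* is word-split again by the shell,
# so "--header=Host: name" becomes "--header=Host:" plus a bare "name".
wrapper_unquoted() { classify_args $*; }

# Hypothetical wrapper, "after": "$@" passes each argument through unchanged.
wrapper_quoted() { classify_args "$@"; }

# Count how many positional URLs the wrapped program would see.
count_urls() {
    wrapper=$1; shift
    "$wrapper" "$@" | grep -c '^url='
}

# Constructed invocation modelled on the report (documentation IP, not a mirror).
demo() {
    set -- http://192.0.2.10/file.sig --spider --max-redirect=0 \
        --header="Host: dl.amnesia.boum.org"
    echo "unquoted wrapper:"; wrapper_unquoted "$@"
    echo "quoted wrapper:";   wrapper_quoted "$@"
    echo "URLs seen: unquoted=$(count_urls wrapper_unquoted "$@")" \
         "quoted=$(count_urls wrapper_quoted "$@")"
}
demo
```

With the unquoted wrapper the Host header arrives empty and the hostname is fetched as its own URL through normal DNS resolution, so a check meant to pin one mirror IP ends up testing whichever address the name resolves to.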