Skip to content

Fix hostname support #864

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
emontnemery merged 12 commits into from
Mar 17, 2025
Merged

Fix hostname support #864

Changes from 1 commit
Commits
Show all changes
12 commits
Select commit Hold shift + click to select a range
03f214e
fix: unset host header for status requests
DerEnderKeks Feb 24, 2024
dfa61b5
Update dial.py
emontnemery Mar 14, 2025
557d0ca
Update dial.py
emontnemery Mar 14, 2025
d69829c
Update dial.py
emontnemery Mar 14, 2025
576e57e
Update dial.py
emontnemery Mar 14, 2025
afeb7ff
Update dial.py
emontnemery Mar 14, 2025
7a6a887
Update dial.py
emontnemery Mar 14, 2025
7b3d38b
Update dial.py
emontnemery Mar 14, 2025
85d0752
Update dial.py
emontnemery Mar 14, 2025
2e8976c
Refactor
emontnemery Mar 14, 2025
2908b04
Accept suggestions from code review
emontnemery Mar 17, 2025
a106bb9
Update dial.py
emontnemery Mar 17, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 2 additions & 1 deletion pychromecast/dial.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -90,7 +90,8 @@ def _get_status(
_LOGGER.debug("Resolved service %s to %s", service, host)
break

headers = {"content-type": "application/json"}
# unsetting the host header, as requests with a domain would be blocked otherwise
Copy link
Copy Markdown
Collaborator

@emontnemery emontnemery Mar 20, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please better explain what this is intended to fix, I can't reproduce any case where this is blocked myself.

Maybe paste some examples using curl to craft the working and non-working requests?
Are you sure the problem you see is not caused by an issue in your network configuration?

Copy link
Copy Markdown
Contributor Author

@DerEnderKeks DerEnderKeks Mar 20, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

When requesting the /setup/eureka_info endpoint using a hostname (instead of a plain IP), the request is blocked. I can reproduce this both with an Nvidia Shield and a Google Home Mini. I doubt my network influences this, as the devices are on the same L2 and L3 network and can communicate directly. Here are some simple curl commands for reproduction:

Working

$ curl https://x.x.x.x:8443/setup/eureka_info -k -v
*   Trying x.x.x.x:8443...
* Connected to x.x.x.x (x.x.x.x) port 8443
* schannel: disabled automatic use of client certificate
* schannel: using IP address, SNI is not supported by OS.
* ALPN: curl offers http/1.1
* ALPN: server did not agree on a protocol. Uses default.
* using HTTP/1.x
> GET /setup/eureka_info HTTP/1.1
> Host: x.x.x.x:8443
> User-Agent: curl/8.4.0
> Accept: */*
>
< HTTP/1.1 200 OK
< Access-Control-Allow-Headers:Content-Type
< Cache-Control:no-cache
< Content-Length:1274
< Content-Type:application/json
<
{...json...}* Connection #0 to host x.x.x.x left intact

$ curl -H 'Host:' https://homeminitest:8443/setup/eureka_info -k -v
*   Trying x.x.x.x:8443...
* Connected to homeminitest (x.x.x.x) port 8443
* schannel: disabled automatic use of client certificate
* ALPN: curl offers http/1.1
* ALPN: server did not agree on a protocol. Uses default.
* using HTTP/1.x
> GET /setup/eureka_info HTTP/1.1
> User-Agent: curl/8.4.0
> Accept: */*
>
< HTTP/1.1 200 OK
< Access-Control-Allow-Headers:Content-Type
< Cache-Control:no-cache
< Content-Length:1274
< Content-Type:application/json
<
{...json...}* Connection #0 to host homeminitest left intact

Blocked

$ curl https://homeminitest:8443/setup/eureka_info -k -v
*   Trying x.x.x.x:8443...
* Connected to homeminitest (x.x.x.x) port 8443
* schannel: disabled automatic use of client certificate
* ALPN: curl offers http/1.1
* ALPN: server did not agree on a protocol. Uses default.
* using HTTP/1.x
> GET /setup/eureka_info HTTP/1.1
> Host: homeminitest:8443
> User-Agent: curl/8.4.0
> Accept: */*
>
< HTTP/1.1 403 Forbidden
< Content-Length:0
<
* Connection #0 to host homeminitest left intact

headers = {"host": "", "content-type": "application/json"}
Copy link
Copy Markdown
Collaborator

@elupus elupus Dec 1, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this end up setting it to an empty string. I am not sure that is such a good idea.

"A Host header field must be sent in all HTTP/1.1 request messages. A 400 Bad Request status code may be sent to any HTTP/1.1 request message that lacks or contains more than one Host header field."

So it likely need to be set to the IP address of the request.

Copy link
Copy Markdown
Collaborator

@emontnemery emontnemery Dec 3, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would still like an example showing where this is a problem and how this PR fixes it.

Copy link
Copy Markdown
Collaborator

@elupus elupus Dec 3, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I suspect just setting a manual dns (ie not mdns) hostname for a chromecast instead of an IP would cause it.

Copy link
Copy Markdown
Collaborator

@elupus elupus Dec 3, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just realized that it might only be possible with the changes for ipv6 that was posted that does a getaddrinfo lookup.

Copy link
Copy Markdown
Contributor Author

@DerEnderKeks DerEnderKeks Dec 3, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

My usecase is indeed to have a custom DNS name for a cast device, as I can't use mDNS in my setup, since the cast devices are in a different L2/L3 network than Home Assistant.

I do agree with setting the Host header to the resolved IP, that's a cleaner way to solve this.

Copy link
Copy Markdown

@tbnobody tbnobody Mar 14, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As mentioned here: home-assistant/core#135024 (comment)

Adding the IP of the chromecast in the host header fixes the issue

Copy link
Copy Markdown
Collaborator

@emontnemery emontnemery Mar 14, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I changed the PR to do something inbetween; if the HTTP get fails with FORBIDDEN, we retry with an empty host header.

The reason I suggest this simplified approach is to avoid doing the name resolution via socket.getaddrinfo, and then iterating over the returned list.


if secure:
url = FORMAT_BASE_URL_HTTPS.format(host) + path
Expand Down