Claude Agent abb3c4b189 Rootstock: hosts = ["*"] - allow all Host headers (was []) ...

VETIVER-9.0.1 enforces rpc.providers.web.http.hosts as a whitelist;
empty list / default rejects everything except 'Host: localhost'.

The traefik route uses 'customrequestheaders.Host=localhost' middleware
to rewrite the Host header, but that middleware appears not to be
applied for the rootstock route - real requests still arrive at rskj
with Host: rpc-de-XX.stakesquid.eu and rskj returns 400 Bad Request,
which traefik translates to 502 Bad Gateway.

Wildcard whitelist is fine here because traefik (with ipallowlist
middleware) is the actual gatekeeper.

Confirmed empirically: 'wget --header=Host:localhost' returns valid
JSON-RPC, anything else returns 400.

2026-05-05 18:56:08 +00:00

994 B

Raw Blame History

View Raw