Ticket #1319 (new defect)
Opened 13 months ago
simple-vhost.default-host and invalid hostnames
| Reported by: | Safari | Owned by: | jan |
|---|---|---|---|
| Priority: | normal | Milestone: | 1.5.0 |
| Component: | mod_simple_vhost | Version: | 1.4.15 |
| Severity: | normal | Keywords: | |
| Cc: | | Blocked By: | |
| Need User Feedback: | no | Blocking: | |
Description
Shouldn't simple-vhost.default-host be used only when the request is HTTP/1.0 and the Request-URI is not an absoluteURI, i.e. does not contain http://host.name?
If the vhost directory does not exist, lighttpd should return error 400. Now it attempts to fetch a file from the default_host directory instead.
Also, another bug: If I do:

    GET http://foo.bar/qux HTTP/1.1
    Host: bar.qux

Host: header should be ignored (1. below), but instead, lighttpd says:

    request.c.445: (trace) Host header is duplicate (Status: 400)

http://www.w3.org/Protocols/rfc2616/rfc2616-sec5.html#sec5.2
An origin server that does differentiate resources based on the host requested (sometimes referred to as virtual hosts or vanity host names) MUST use the following rules for determining the requested resource on an HTTP/1.1 request:
1. If Request-URI is an absoluteURI, the host is part of the Request-URI. Any Host header field value in the request MUST be ignored.
2. If the Request-URI is not an absoluteURI, and the request includes a Host header field, the host is determined by the Host header field value.
3. If the host as determined by rule 1 or 2 is not a valid host on the server, the response MUST be a 400 (Bad Request) error message.
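
The three rules quoted above, written out as an added example (not part of the ticket and not lighttpd's code). The `effective_host` function and the `VHOSTS` table are hypothetical; the sketch covers HTTP/1.1 requests with plain `http://` hostnames only (no userinfo, no IPv6 literals, no HTTP/1.0 default-host fallback).

```c
#include <stdio.h>
#include <string.h>
#include <strings.h>

/* Constructed vhost table for the example (hypothetical, not from the ticket). */
static const char *const VHOSTS[] = { "foo.bar", "bar.qux" };

/* Returns 0 and writes the canonical host to out, or 400 per rule 3. */
int effective_host(const char *request_uri, const char *host_header,
                   char *out, size_t outlen)
{
    const char *host = NULL;
    size_t len = 0;

    if (strncasecmp(request_uri, "http://", 7) == 0) {
        /* Rule 1: absoluteURI. The host is taken from the URI and any
         * Host header value is ignored, not treated as a duplicate. */
        host = request_uri + 7;
        len = strcspn(host, ":/?#");
    } else if (host_header != NULL) {
        /* Rule 2: no absoluteURI, so the Host header decides (port stripped). */
        host = host_header;
        len = strcspn(host, ":");
    }
    if (host == NULL || len == 0 || len >= outlen)
        return 400;

    /* Rule 3: an unknown host is a 400, never a fall-through to a default. */
    for (size_t i = 0; i < sizeof(VHOSTS) / sizeof(VHOSTS[0]); i++) {
        if (strlen(VHOSTS[i]) == len && strncasecmp(VHOSTS[i], host, len) == 0) {
            memcpy(out, VHOSTS[i], len);   /* canonical (table) spelling */
            out[len] = '\0';
            return 0;
        }
    }
    return 400;
}

int main(void)
{
    char host[64];
    /* The request from the ticket: absoluteURI plus a conflicting Host header. */
    int rc = effective_host("http://foo.bar/qux", "bar.qux", host, sizeof host);
    printf("status=%d host=%s\n", rc, rc == 0 ? host : "-");
    return 0;
}
```

Rejecting the unknown host rather than serving the default vhost keeps a request for an unconfigured name from being answered with another site's content.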

