fix: update Host header for favicon requests after redirects

[wlayzz]

Summary

• Fix favicon extraction failing when FollowRedirects is enabled

Problem

When using -favicon -follow-redirects, the favicon hash is not extracted because:

1. The original request is cloned for fetching favicon URLs
2. After redirect (e.g., hackerone.com → www.hackerone.com), the favicon URL is correctly resolved to the final host
3. However, the cloned request's Host header still contains the original host
4. The server returns a 404 page because the Host header doesn't match the URL

Reproduction

# Without follow-redirects: works
echo "https://hackerone.com" | httpx -favicon -json | jq '.favicon'
# -> "595148549"

# With follow-redirects: fails (returns null)
echo "https://hackerone.com" | httpx -favicon -follow-redirects -json | jq '.favicon'
# -> null

Fix

Update the Host header to match the resolved URL host before making the favicon request.

// Update Host header to match resolved URL host (important after redirects)
if resolvedURL.Host != "" && resolvedURL.Host != clone.Host {
	clone.Host = resolvedURL.Host
}

Testing

# After the fix
echo "https://hackerone.com" | httpx -favicon -follow-redirects -json | jq '.favicon'
# -> "172802237"

Summary by CodeRabbit

• Bug Fixes
  • Improved favicon detection reliability by ensuring HTTP request headers correctly match final redirect targets.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Walkthrough

The HandleFaviconHash function in runner.go now updates the Host header on cloned requests when the resolved URL's host differs from the current Host. This ensures the Host header matches the final redirect target during favicon HTTP requests.

Changes

Cohort / File(s)	Summary
Host Header Synchronization runner/runner.go	Added conditional logic to update the Host header on cloned favicon requests when the resolved URL's host is non-empty and differs from the current Host header, ensuring proper redirect target handling.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Poem

🐰 Favicon hearts now aligned,
Host headers kindly reassigned,
When URLs redirect their way,
The headers follow, come what may! 🎀

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title clearly summarizes the main change: updating the Host header for favicon requests after redirects, which directly addresses the core issue in the PR.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

• 📝 Generate docstrings

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

runner/runner.go (1)

2628-2629: Consider updating Host header in fallback path for consistency.

The fallback path sets clone.SetURL(rootResolvedURL) but doesn't update clone.Host. While typically both URLs derive from the same baseNet so hosts match, adding the same Host update here would be more defensive.

♻️ Suggested improvement

 clone.SetURL(rootResolvedURL)
+if rootResolvedURL.Host != "" && rootResolvedURL.Host != clone.Host {
+    clone.Host = rootResolvedURL.Host
+}
 if respFav2, err3 := hp.Do(clone, httpx.UnsafeOptions{}); err3 == nil && len(respFav2.Data) > 0 {

📜 Review details

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 59adfd6 and f144424.

📒 Files selected for processing (1)

• runner/runner.go

🔇 Additional comments (1)

runner/runner.go (1)

2614-2618: LGTM! Fix correctly updates Host header after redirects.

The fix properly addresses the issue where favicon requests fail after redirects to different hosts. By updating clone.Host to match resolvedURL.Host, the request now targets the correct server.

[Mzack9999]

lgtm!

% echo "https://hackerone.com" | go run . -favicon -follow-redirects -json | jq .favicon
...
"172802237" 

[Mzack9999]

@coderabbitai create an issue for this PR if it doesn't exist

[coderabbitai]

Tip

For best results, initiate chat on the files or code changes.

🧩 Analysis chain

@Mzack9999, I'll check if there's an existing issue for this PR and create one if needed.

---

🏁 Script executed:

#!/bin/bash

# Check if the PR already references an issue
echo "=== Checking PR #2369 for linked issues ==="
gh pr view 2369 --json body,title,number | jq -r '.body' | grep -iE '#[0-9]+|issue|fixes|closes' || echo "No issue references found in PR body"

echo ""
echo "=== Searching for related issues about favicon and redirects ==="
gh issue list --limit 50 --json number,title,body,state --search "favicon redirect" | jq -r '.[] | "\(.number): \(.title) [\(.state)]"'

echo ""
echo "=== Searching for open issues about favicon ==="
gh issue list --state open --limit 20 --json number,title --search "favicon" | jq -r '.[] | "\(.number): \(.title)"'

Length of output: 237

---

@Mzack9999, no existing issue was found for this PR. I'll create one now.

---

🏁 Script executed:

#!/bin/bash

# Create a new issue for PR #2369
gh issue create \
  --title "Favicon extraction fails with follow-redirects when host changes" \
  --body "## Description

When using \`-favicon\` with \`-follow-redirects\`, favicon extraction fails if the redirect changes the host. The issue occurs because the code clones the original request to fetch the resolved favicon URL but does not update the cloned request's Host header after redirects.

## Reproduction

**Without follow-redirects (works):**
\`\`\`bash
echo \"https://hackerone.com\" | httpx -favicon -json | jq '.favicon'
# Returns: \"595148549\"
\`\`\`

**With follow-redirects (fails):**
\`\`\`bash
echo \"https://hackerone.com\" | httpx -favicon -follow-redirects -json | jq '.favicon'
# Returns: null
\`\`\`

## Root Cause

When the target redirects to a different host (e.g., hackerone.com → www.hackerone.com), the resolved favicon URL points to the final host but the cloned request still has the original Host header, causing the server to return 404 and favicon to be null.

## Related PR

Fix implemented in PR #2369 by @wlayzz

---
**Reported by:** @Mzack9999  
**PR:** https://github.com/projectdiscovery/httpx/pull/2369" \
  --assignee Mzack9999

Length of output: 53

---

@Mzack9999, I've confirmed that no existing issue was found for this PR. I've created issue #2373 to track the favicon extraction bug with follow-redirects:

🔗 #2373

The issue has been assigned to you and includes:

• Description of the bug
• Reproduction steps showing the difference between with/without follow-redirects
• Root cause explanation
• Link back to PR fix: update Host header for favicon requests after redirects #2369 and credit to @wlayzz for the fix