iliaa Tue Mar 4 11:04:07 2003 EDT Modified files: /php4/ext/standard http_fopen_wrapper.c Log: Added support for http redirects to ftp. Fixed bug #22508 (Added protection against circular HTML redirects). Index: php4/ext/standard/http_fopen_wrapper.c diff -u php4/ext/standard/http_fopen_wrapper.c:1.68 php4/ext/standard/http_fopen_wrapper.c:1.69 --- php4/ext/standard/http_fopen_wrapper.c:1.68 Thu Feb 27 13:16:34 2003 +++ php4/ext/standard/http_fopen_wrapper.c Tue Mar 4 11:04:05 2003 @@ -18,7 +18,7 @@ | Wez Furlong <[EMAIL PROTECTED]> | +----------------------------------------------------------------------+ */ -/* $Id: http_fopen_wrapper.c,v 1.68 2003/02/27 18:16:34 wez Exp $ */ +/* $Id: http_fopen_wrapper.c,v 1.69 2003/03/04 16:04:05 iliaa Exp $ */ #include "php.h" #include "php_globals.h" @@ -80,8 +80,10 @@ #include "php_fopen_wrappers.h" #define HTTP_HEADER_BLOCK_SIZE 1024 +#define PHP_URL_REDIRECT_MAX 20 -php_stream *php_stream_url_wrap_http(php_stream_wrapper *wrapper, char *path, char *mode, int options, char **opened_path, php_stream_context *context STREAMS_DC TSRMLS_DC) + +php_stream *php_stream_url_wrap_http_ex(php_stream_wrapper *wrapper, char *path, char *mode, int options, char **opened_path, php_stream_context *context, int redirect_max STREAMS_DC TSRMLS_DC) { php_stream *stream = NULL; php_url *resource = NULL; @@ -102,14 +104,25 @@ char *transport_string, *errstr = NULL; int transport_len; + if (redirect_max < 1) { + php_error_docref(NULL TSRMLS_CC, E_WARNING, "Circular redirect, aborting."); + return NULL; + } + if (strpbrk(mode, "awx+")) { php_stream_wrapper_log_error(wrapper, options TSRMLS_CC, "HTTP wrapper does not support writeable connections."); return NULL; } resource = php_url_parse(path); - if (resource == NULL) + if (resource == NULL) { return NULL; + } + + if (strncasecmp(resource->scheme, "http", sizeof("http")) && strncasecmp(resource->scheme, "https", sizeof("https"))) { + php_url_free(resource); + return php_stream_open_wrapper_ex(path, mode, ENFORCE_SAFE_MODE | REPORT_ERRORS, NULL, context); + } use_ssl = resource->scheme && (strlen(resource->scheme) > 4) && resource->scheme[4] == 's'; /* choose default ports */ @@ -349,7 +362,11 @@ char loc_path[HTTP_HEADER_BLOCK_SIZE]; *new_path='\0'; - if (strlen(location)<8 || (strncasecmp(location, "http://", sizeof("http://")-1) && strncasecmp(location, "https://", sizeof("https://")-1))) { + if (strlen(location)<8 || (strncasecmp(location, "http://", sizeof("http://")-1) && + strncasecmp(location, "https://", sizeof("https://")-1) && + strncasecmp(location, "ftp://", sizeof("ftp://")-1) && + strncasecmp(location, "ftps://", sizeof("ftps://")-1))) + { if (*location != '/') { if (*(location+1) != '\0' && resource->path) { char *s = strrchr(resource->path, '/'); @@ -377,7 +394,7 @@ } else { strlcpy(new_path, location, sizeof(new_path)); } - stream = php_stream_url_wrap_http(NULL, new_path, mode, options, opened_path, context STREAMS_CC TSRMLS_CC); + stream = php_stream_url_wrap_http_ex(NULL, new_path, mode, options, opened_path, context, --redirect_max STREAMS_CC TSRMLS_CC); if (stream && stream->wrapperdata) { entryp = &entry; MAKE_STD_ZVAL(entry); @@ -433,6 +450,11 @@ } return stream; +} + +php_stream *php_stream_url_wrap_http(php_stream_wrapper *wrapper, char *path, char *mode, int options, char **opened_path, php_stream_context *context STREAMS_DC TSRMLS_DC) +{ + return php_stream_url_wrap_http_ex(wrapper, path, mode, options, opened_path, context, PHP_URL_REDIRECT_MAX STREAMS_CC TSRMLS_CC); } static int php_stream_http_stream_stat(php_stream_wrapper *wrapper,
-- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php