ID: 45947
Updated by: [EMAIL PROTECTED]
Reported By: regis dot leroy at makina-corpus dot com
-Status: Bogus
+Status: Closed
Bug Type: Apache2 related
Operating System: Linux Debian
PHP Version: 5.2.6
New Comment:
I don't think this one is bogus. Ilia was wrong in 13961. Only the
value is copied, not the key there. And in 39927 I replied to the last
commenter who seemed to want to disable the . -> _ munging when
register_globals is off, but missed the original point of the code
modifying the passed in key. We dropped the ball multiple times on this
one.
I'll commit a fix in a bit.
Previous Comments:
------------------------------------------------------------------------
[2008-08-30 16:17:50] [EMAIL PROTECTED]
Jani, which bug is it? Or do you mean that #13961 is actually bogus?
As it is fine to change the name in PHP, it should not change the
apache (or more generally the server/system's) one.
------------------------------------------------------------------------
[2008-08-30 16:03:23] [EMAIL PROTECTED]
Please do not submit the same bug more than once. An existing
bug report already describes this very problem. Even if you feel
that your issue is somewhat different, the resolution is likely
to be the same.
Thank you for your interest in PHP.
------------------------------------------------------------------------
[2008-08-29 13:37:18] regis dot leroy at makina-corpus dot com
Description:
------------
reopening Bug #39927 and Bug #13961 which seems to have been marked
Bogus because of a Bogus reviewer.
Apache Env set by, for example:
BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0
force-response-1.0
Is treaten in PHP to become downgrade-1_0 with an "_". that's OK, its'
for security reasons.
But it is changed in Apache, and so Apache will not modify the response
to make his 'forced downgrade to HTTP/1.0'.
That's REALLY BAAAD.
This breaks Apache mechanism to handle bad browser which do not
understand well HTTP/1.1 (with chunked responses on bad Java soap parses
for exemple).
I reedit the bug to give a workaround for people interested:
in PHP write such things:
"""
if ($_SERVER['downgrade-1_0']){
apache_setenv('downgrade-1.0','true');
}
"""
Beware of safe mode allowed env vars if you're in safe mode.
Now you have to right behaviour $_SERVER contains only strings without
dots but Apache have the right env to behave well.
Shame on PHP....
Reproduce code:
---------------
see previous bugs
Expected result:
----------------
response in HTTP/1.0
Actual result:
--------------
response in HTTP/1.1
------------------------------------------------------------------------
--
Edit this bug report at http://bugs.php.net/?id=45947&edit=1
