From: admin at angosso dot net Operating system: Migration Localhost->_Server PHP version: 5.3.15 Package: Built-in web server Bug Type: Bug Bug description:proxy_test.php
Description: ------------ User Agent: Mozilla/5.0 (Windows NT 6.0; rv:14.0) Gecko/20100101 Firefox/14.0.1 Build ID: 20120713134347 Steps to reproduce: user_pref("capability.policy.policynames", "strict"); user_pref("capability.policy.strict.sites", "http://www.hosting24.com http://www.srv47.hosting24.com"); user_pref("capability.policy.strict.Window.alert", "noAccess"); user_pref("capability.policy.strict.Window.confirm", "noAccess"); user_pref("capability.policy.strict.Window.prompt", "noAccess"); Test script: --------------- "v=spf1 +a +mx +ip4:212.1.208.183 +a:srv47.hosting24.com +mx:mail.angosso.net +mx:srv47.hosting24.com +include:angosso.net ?all" Expected result: ---------------- function _parse_uri() function _redirect( $uri ) { $location = $this->_parse_location( $uri ); if ( $location['host'] != $this->host || $location['port'] != $this->port ) { $this->host = $location['host']; $this->port = $location['port']; if ( !$this->_use_proxy) $this->disconnect(); } usleep( 100 ); $this->get( $location['request_file'] . '?' . $location['query_string'] ); foreach( $this->cookies as $cookie_name => $cookie_data ) { if ($cookie_data['expires'] > $none) { $new_cookies[$cookie_name] = $cookie_data; $domain = preg_quote( $cookie_data['angosso.net'] ); $path = preg_quote( $cookie_data['/home/angosson/public_html/www'] ); if ( preg_match( "'.*$domain$'i", $current_domain ) && preg_match( "'^$path.*'i", $current_path ) ) $cookie_str .= $cookie_name . '=' . $cookie_data['http://www.angosso.net/pub-page/economie.php'] . '; '; } } Actual result: -------------- Vulnerability -- Edit bug report at https://bugs.php.net/bug.php?id=62753&edit=1 -- Try a snapshot (PHP 5.4): https://bugs.php.net/fix.php?id=62753&r=trysnapshot54 Try a snapshot (PHP 5.3): https://bugs.php.net/fix.php?id=62753&r=trysnapshot53 Try a snapshot (trunk): https://bugs.php.net/fix.php?id=62753&r=trysnapshottrunk Fixed in SVN: https://bugs.php.net/fix.php?id=62753&r=fixed Fixed in SVN and need be documented: https://bugs.php.net/fix.php?id=62753&r=needdocs Fixed in release: https://bugs.php.net/fix.php?id=62753&r=alreadyfixed Need backtrace: https://bugs.php.net/fix.php?id=62753&r=needtrace Need Reproduce Script: https://bugs.php.net/fix.php?id=62753&r=needscript Try newer version: https://bugs.php.net/fix.php?id=62753&r=oldversion Not developer issue: https://bugs.php.net/fix.php?id=62753&r=support Expected behavior: https://bugs.php.net/fix.php?id=62753&r=notwrong Not enough info: https://bugs.php.net/fix.php?id=62753&r=notenoughinfo Submitted twice: https://bugs.php.net/fix.php?id=62753&r=submittedtwice register_globals: https://bugs.php.net/fix.php?id=62753&r=globals PHP 4 support discontinued: https://bugs.php.net/fix.php?id=62753&r=php4 Daylight Savings: https://bugs.php.net/fix.php?id=62753&r=dst IIS Stability: https://bugs.php.net/fix.php?id=62753&r=isapi Install GNU Sed: https://bugs.php.net/fix.php?id=62753&r=gnused Floating point limitations: https://bugs.php.net/fix.php?id=62753&r=float No Zend Extensions: https://bugs.php.net/fix.php?id=62753&r=nozend MySQL Configuration Error: https://bugs.php.net/fix.php?id=62753&r=mysqlcfg