Bug #62524 [Com]: fopen follows redirects for non-3xx statuses
Edit report at https://bugs.php.net/bug.php?id=62524edit=1
ID: 62524
Comment by: stormbyte at gmail dot com
Reported by:mike dot hall at twistdigital dot co dot uk
Summary:fopen follows redirects for non-3xx statuses
Status: Closed
Type: Bug
Package:Streams related
Operating System: Ubuntu 12.04
PHP Version:5.4.4
Block user comment: N
Private report: N
New Comment:
I saw git diff, and 308 permanent redirect is missing in the code:
/* we only care about Location for 300, 301, 302, 303 and 307 */
Since 308 is Permanent Redirect in http 1.1, it should be included also to be
followed and not ignored, otherwise, this bug might happen again on some
servers.
Previous Comments:
[2013-01-29 08:29:32] s...@php.net
Automatic comment on behalf of stas
Revision:
http://git.php.net/?p=php-src.git;a=commit;h=5382e156f925603ef0f65b9cc4fed29cbe2dce9b
Log: Fix bug #62524, only follow redirects in file streams for 3xx HTTP statuses
[2012-11-25 02:15:33] wes at serverdensity dot com
I've submitted a patch for this via Github pull request:
https://github.com/php/php-src/pull/236
[2012-07-12 14:34:17] Sjon at hortensius dot net
A more complete example confirms this behavior:
I also fixed some syntax errors
?php
header('Location: http://php.net', true, 201);
if (isset($_GET['waa']))
return;
$context = stream_context_create(array(
http = array(
method = POST,
header = Content-Length: 13,
content = {\foo\:\bar\},
),
));
$fp = fopen('http://'.$_SERVER['SERVER_NAME']. $_SERVER['PHP_SELF'] .'?waa=1',
'r', null, $context);
print(stream_get_contents($fp));
[2012-07-10 16:00:52] mike dot hall at twistdigital dot co dot uk
Description:
The HTTP location header can either be used to direct the user to another
resource (when accompanied by a 3xx status code) or to inform the user of the
location of the document they just created (with a 2xx) status code.
It doesn't make sense to treat the location header as a redirect in the second
context - the location header indicates a redirect only when accompanied by a
3xx
status code.
Currently, PHP follows Location headers as if they are redirects regardless of
the returned status code.
Test script:
---
$context = stream_context_create([
http = [
method = POST
header = Content-Length: 13
content = {\foo\:\bar\},
],
]);
// Returns HTTP/1.1 201 Created
// Location: http://example.com/mydb/documentid
//
// {status:ok}
$fp = fopen('http://example.com/mydb', 'r', null, $context);
$data = stream_get_contents($fp);
list($headers, $body) = explode(\r\n\r\n, $data, 2);
echo $body;
Expected result:
{status:ok}
Actual result:
--
{foo:bar}
--
Edit this bug report at https://bugs.php.net/bug.php?id=62524edit=1
Bug #62524 [Com]: fopen follows redirects for non-3xx statuses
Edit report at https://bugs.php.net/bug.php?id=62524edit=1
ID: 62524
Comment by: stormbyte at gmail dot com
Reported by:mike dot hall at twistdigital dot co dot uk
Summary:fopen follows redirects for non-3xx statuses
Status: Closed
Type: Bug
Package:Streams related
Operating System: Ubuntu 12.04
PHP Version:5.4.4
Block user comment: N
Private report: N
New Comment:
I attach a git diff with proposed changes:
diff --git a/ext/standard/http_fopen_wrapper.c
b/ext/standard/http_fopen_wrapper.c
index 870f904..a3f193b 100644
--- a/ext/standard/http_fopen_wrapper.c
+++ b/ext/standard/http_fopen_wrapper.c
@@ -731,9 +731,9 @@ finish:
http_header_line[http_header_line_length] = '\0';
if (!strncasecmp(http_header_line, Location: , 10)) {
- /* we only care about Location for 300, 301,
302, 303 and 307 */
+ /* we only care about Location for 300, 301,
302, 303, 307 and 308 */
/* see
http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.3.1 */
- if ((response_code = 300 response_code
304 || 307 == response_code) context
php_stream_context_get_option(context, http, follow_location, tmpzval) ==
SUCCESS) {
+ if ((response_code = 300 response_code
304 || 307 == response_code || 308 == response_code) context
php_stream_context_get_option(context, http, follow_location, tmpzval) ==
SUCCESS) {
SEPARATE_ZVAL(tmpzval);
convert_to_long_ex(tmpzval);
follow_location = Z_LVAL_PP(tmpzval);
Previous Comments:
[2013-03-05 07:27:02] stormbyte at gmail dot com
I saw git diff, and 308 permanent redirect is missing in the code:
/* we only care about Location for 300, 301, 302, 303 and 307 */
Since 308 is Permanent Redirect in http 1.1, it should be included also to be
followed and not ignored, otherwise, this bug might happen again on some
servers.
[2013-01-29 08:29:32] s...@php.net
Automatic comment on behalf of stas
Revision:
http://git.php.net/?p=php-src.git;a=commit;h=5382e156f925603ef0f65b9cc4fed29cbe2dce9b
Log: Fix bug #62524, only follow redirects in file streams for 3xx HTTP statuses
[2012-11-25 02:15:33] wes at serverdensity dot com
I've submitted a patch for this via Github pull request:
https://github.com/php/php-src/pull/236
[2012-07-12 14:34:17] Sjon at hortensius dot net
A more complete example confirms this behavior:
I also fixed some syntax errors
?php
header('Location: http://php.net', true, 201);
if (isset($_GET['waa']))
return;
$context = stream_context_create(array(
http = array(
method = POST,
header = Content-Length: 13,
content = {\foo\:\bar\},
),
));
$fp = fopen('http://'.$_SERVER['SERVER_NAME']. $_SERVER['PHP_SELF'] .'?waa=1',
'r', null, $context);
print(stream_get_contents($fp));
[2012-07-10 16:00:52] mike dot hall at twistdigital dot co dot uk
Description:
The HTTP location header can either be used to direct the user to another
resource (when accompanied by a 3xx status code) or to inform the user of the
location of the document they just created (with a 2xx) status code.
It doesn't make sense to treat the location header as a redirect in the second
context - the location header indicates a redirect only when accompanied by a
3xx
status code.
Currently, PHP follows Location headers as if they are redirects regardless of
the returned status code.
Test script:
---
$context = stream_context_create([
http = [
method = POST
header = Content-Length: 13
content = {\foo\:\bar\},
],
]);
// Returns HTTP/1.1 201 Created
// Location: http://example.com/mydb/documentid
//
// {status:ok}
$fp = fopen('http://example.com/mydb', 'r', null, $context);
$data = stream_get_contents($fp);
list($headers, $body) = explode(\r\n\r\n, $data, 2);
echo $body;
Expected result:
{status:ok}
Actual result:
--
{foo:bar}
--
Edit this bug report at https://bugs.php.net/bug.php?id=62524edit=1
Bug #62524 [Com]: fopen follows redirects for non-3xx statuses
Edit report at https://bugs.php.net/bug.php?id=62524edit=1
ID: 62524
Comment by: wes at serverdensity dot com
Reported by:mike dot hall at twistdigital dot co dot uk
Summary:fopen follows redirects for non-3xx statuses
Status: Open
Type: Bug
Package:Streams related
Operating System: Ubuntu 12.04
PHP Version:5.4.4
Block user comment: N
Private report: N
New Comment:
I've submitted a patch for this via Github pull request:
https://github.com/php/php-src/pull/236
Previous Comments:
[2012-07-12 14:34:17] Sjon at hortensius dot net
A more complete example confirms this behavior:
I also fixed some syntax errors
?php
header('Location: http://php.net', true, 201);
if (isset($_GET['waa']))
return;
$context = stream_context_create(array(
http = array(
method = POST,
header = Content-Length: 13,
content = {\foo\:\bar\},
),
));
$fp = fopen('http://'.$_SERVER['SERVER_NAME']. $_SERVER['PHP_SELF'] .'?waa=1',
'r', null, $context);
print(stream_get_contents($fp));
[2012-07-10 16:00:52] mike dot hall at twistdigital dot co dot uk
Description:
The HTTP location header can either be used to direct the user to another
resource (when accompanied by a 3xx status code) or to inform the user of the
location of the document they just created (with a 2xx) status code.
It doesn't make sense to treat the location header as a redirect in the second
context - the location header indicates a redirect only when accompanied by a
3xx
status code.
Currently, PHP follows Location headers as if they are redirects regardless of
the returned status code.
Test script:
---
$context = stream_context_create([
http = [
method = POST
header = Content-Length: 13
content = {\foo\:\bar\},
],
]);
// Returns HTTP/1.1 201 Created
// Location: http://example.com/mydb/documentid
//
// {status:ok}
$fp = fopen('http://example.com/mydb', 'r', null, $context);
$data = stream_get_contents($fp);
list($headers, $body) = explode(\r\n\r\n, $data, 2);
echo $body;
Expected result:
{status:ok}
Actual result:
--
{foo:bar}
--
Edit this bug report at https://bugs.php.net/bug.php?id=62524edit=1
Bug #62524 [Com]: fopen follows redirects for non-3xx statuses
Edit report at https://bugs.php.net/bug.php?id=62524edit=1
ID: 62524
Comment by: Sjon at hortensius dot net
Reported by:mike dot hall at twistdigital dot co dot uk
Summary:fopen follows redirects for non-3xx statuses
Status: Open
Type: Bug
Package:Streams related
Operating System: Ubuntu 12.04
PHP Version:5.4.4
Block user comment: N
Private report: N
New Comment:
A more complete example confirms this behavior:
I also fixed some syntax errors
?php
header('Location: http://php.net', true, 201);
if (isset($_GET['waa']))
return;
$context = stream_context_create(array(
http = array(
method = POST,
header = Content-Length: 13,
content = {\foo\:\bar\},
),
));
$fp = fopen('http://'.$_SERVER['SERVER_NAME']. $_SERVER['PHP_SELF'] .'?waa=1',
'r', null, $context);
print(stream_get_contents($fp));
Previous Comments:
[2012-07-10 16:00:52] mike dot hall at twistdigital dot co dot uk
Description:
The HTTP location header can either be used to direct the user to another
resource (when accompanied by a 3xx status code) or to inform the user of the
location of the document they just created (with a 2xx) status code.
It doesn't make sense to treat the location header as a redirect in the second
context - the location header indicates a redirect only when accompanied by a
3xx
status code.
Currently, PHP follows Location headers as if they are redirects regardless of
the returned status code.
Test script:
---
$context = stream_context_create([
http = [
method = POST
header = Content-Length: 13
content = {\foo\:\bar\},
],
]);
// Returns HTTP/1.1 201 Created
// Location: http://example.com/mydb/documentid
//
// {status:ok}
$fp = fopen('http://example.com/mydb', 'r', null, $context);
$data = stream_get_contents($fp);
list($headers, $body) = explode(\r\n\r\n, $data, 2);
echo $body;
Expected result:
{status:ok}
Actual result:
--
{foo:bar}
--
Edit this bug report at https://bugs.php.net/bug.php?id=62524edit=1
