diff options
| author | Nikita Popov <nikita.ppv@gmail.com> | 2020-02-24 10:20:43 +0100 |
|---|---|---|
| committer | Nikita Popov <nikita.ppv@gmail.com> | 2020-02-24 10:20:43 +0100 |
| commit | c5128fb7fc5664e8c07e1d4e502d44733aebffc3 (patch) | |
| tree | 6d33d117e5bf4c612af21329313217ac0dc97ec5 | |
| parent | 8d451fd24e37d124ea371e65b98d4e829be24b3e (diff) | |
| parent | 56cdbe63c24b86c2f1d60bf2609fde113d12d235 (diff) | |
| download | php-git-c5128fb7fc5664e8c07e1d4e502d44733aebffc3.tar.gz | |
Merge branch 'PHP-7.3' into PHP-7.4
* PHP-7.3:
Don't treat any WS as start of header
| -rw-r--r-- | ext/standard/http_fopen_wrapper.c | 5 | ||||
| -rw-r--r-- | ext/standard/tests/http/bug79265_2.phpt | 38 |
2 files changed, 40 insertions, 3 deletions
diff --git a/ext/standard/http_fopen_wrapper.c b/ext/standard/http_fopen_wrapper.c index 966890ac0b..bf0363fd3c 100644 --- a/ext/standard/http_fopen_wrapper.c +++ b/ext/standard/http_fopen_wrapper.c @@ -108,7 +108,7 @@ static inline void strip_header(char *header_bag, char *lc_header_bag, static zend_bool check_has_header(const char *headers, const char *header) { const char *s = headers; while ((s = strstr(s, header))) { - if (s == headers || *(s-1) == '\r' || *(s-1) == '\n' || *(s-1) == '\t' || *(s-1) == ' ') { + if (s == headers || *(s-1) == '\n') { return 1; } s++; @@ -494,8 +494,7 @@ finish: /* remove Proxy-Authorization header */ if (use_proxy && use_ssl && (s = strstr(t, "proxy-authorization:")) && - (s == t || *(s-1) == '\r' || *(s-1) == '\n' || - *(s-1) == '\t' || *(s-1) == ' ')) { + (s == t || *(s-1) == '\n')) { char *p = s + sizeof("proxy-authorization:") - 1; while (s > t && (*(s-1) == ' ' || *(s-1) == '\t')) s--; diff --git a/ext/standard/tests/http/bug79265_2.phpt b/ext/standard/tests/http/bug79265_2.phpt new file mode 100644 index 0000000000..d2f5bc1e38 --- /dev/null +++ b/ext/standard/tests/http/bug79265_2.phpt @@ -0,0 +1,38 @@ +--TEST-- +Bug #79265 variation: "host:" not at start of header +--INI-- +allow_url_fopen=1 +--SKIPIF-- +<?php require 'server.inc'; http_server_skipif('tcp://127.0.0.1:12342'); ?> +--FILE-- +<?php +require 'server.inc'; + +$responses = array( + "data://text/plain,HTTP/1.0 200 OK\r\n\r\n", +); + +$pid = http_server("tcp://127.0.0.1:12342", $responses, $output); + +$opts = array( + 'http'=>array( + 'method'=>"GET", + 'header'=>"RandomHeader: host:8080\r\n" . + "Cookie: foo=bar\r\n" + ) +); +$context = stream_context_create($opts); +$fd = fopen('http://127.0.0.1:12342/', 'rb', false, $context); +fseek($output, 0, SEEK_SET); +echo stream_get_contents($output); +fclose($fd); + +http_server_kill($pid); + +?> +--EXPECT-- +GET / HTTP/1.0 +Host: 127.0.0.1:12342 +Connection: close +RandomHeader: host:8080 +Cookie: foo=bar |