lbarnaud Thu May 14 16:15:38 2009 UTC Modified files: (Branch: PHP_5_2) /php-src/ext/standard http_fopen_wrapper.c Log: MFB: Fixed #45540 (stream_context_create creates bad http request) http://cvs.php.net/viewvc.cgi/php-src/ext/standard/http_fopen_wrapper.c?r1=1.99.2.12.2.16&r2=1.99.2.12.2.17&diff_format=u Index: php-src/ext/standard/http_fopen_wrapper.c diff -u php-src/ext/standard/http_fopen_wrapper.c:1.99.2.12.2.16 php-src/ext/standard/http_fopen_wrapper.c:1.99.2.12.2.17 --- php-src/ext/standard/http_fopen_wrapper.c:1.99.2.12.2.16 Thu May 14 13:49:50 2009 +++ php-src/ext/standard/http_fopen_wrapper.c Thu May 14 16:15:38 2009 @@ -19,7 +19,7 @@ | Sara Golemon <poll...@php.net> | +----------------------------------------------------------------------+ */ -/* $Id: http_fopen_wrapper.c,v 1.99.2.12.2.16 2009/05/14 13:49:50 jani Exp $ */ +/* $Id: http_fopen_wrapper.c,v 1.99.2.12.2.17 2009/05/14 16:15:38 lbarnaud Exp $ */ #include "php.h" #include "php_globals.h" @@ -81,7 +81,10 @@ #define HTTP_HEADER_CONTENT_LENGTH 16 #define HTTP_HEADER_TYPE 32 -php_stream *php_stream_url_wrap_http_ex(php_stream_wrapper *wrapper, char *path, char *mode, int options, char **opened_path, php_stream_context *context, int redirect_max, int header_init STREAMS_DC TSRMLS_DC) /* {{{ */ +#define HTTP_WRAPPER_HEADER_INIT 1 +#define HTTP_WRAPPER_REDIRECTED 2 + +php_stream *php_stream_url_wrap_http_ex(php_stream_wrapper *wrapper, char *path, char *mode, int options, char **opened_path, php_stream_context *context, int redirect_max, int flags STREAMS_DC TSRMLS_DC) /* {{{ */ { php_stream *stream = NULL; php_url *resource = NULL; @@ -106,6 +109,8 @@ int protocol_version_len = 3; /* Default: "1.0" */ struct timeval timeout; char *user_headers = NULL; + int header_init = ((flags & HTTP_WRAPPER_HEADER_INIT) != 0); + int redirected = ((flags & HTTP_WRAPPER_REDIRECTED) != 0); tmp_line[0] = '\0'; @@ -251,10 +256,17 @@ if (context && php_stream_context_get_option(context, "http", "method", &tmpzval) == SUCCESS) { if (Z_TYPE_PP(tmpzval) == IS_STRING && Z_STRLEN_PP(tmpzval) > 0) { - scratch_len = strlen(path) + 29 + Z_STRLEN_PP(tmpzval); - scratch = emalloc(scratch_len); - strlcpy(scratch, Z_STRVAL_PP(tmpzval), Z_STRLEN_PP(tmpzval) + 1); - strcat(scratch, " "); + /* As per the RFC, automatically redirected requests MUST NOT use other methods than + * GET and HEAD unless it can be confirmed by the user */ + if (!redirected + || (Z_STRLEN_PP(tmpzval) == 3 && memcmp("GET", Z_STRVAL_PP(tmpzval), 3) == 0) + || (Z_STRLEN_PP(tmpzval) == 4 && memcmp("HEAD",Z_STRVAL_PP(tmpzval), 4) == 0) + ) { + scratch_len = strlen(path) + 29 + Z_STRLEN_PP(tmpzval); + scratch = emalloc(scratch_len); + strlcpy(scratch, Z_STRVAL_PP(tmpzval), Z_STRLEN_PP(tmpzval) + 1); + strcat(scratch, " "); + } } } @@ -701,7 +713,7 @@ CHECK_FOR_CNTRL_CHARS(resource->pass) CHECK_FOR_CNTRL_CHARS(resource->path) } - stream = php_stream_url_wrap_http_ex(wrapper, new_path, mode, options, opened_path, context, --redirect_max, 0 STREAMS_CC TSRMLS_CC); + stream = php_stream_url_wrap_http_ex(wrapper, new_path, mode, options, opened_path, context, --redirect_max, HTTP_WRAPPER_REDIRECTED STREAMS_CC TSRMLS_CC); } else { php_stream_wrapper_log_error(wrapper, options TSRMLS_CC, "HTTP request failed! %s", tmp_line); } @@ -748,7 +760,7 @@ php_stream *php_stream_url_wrap_http(php_stream_wrapper *wrapper, char *path, char *mode, int options, char **opened_path, php_stream_context *context STREAMS_DC TSRMLS_DC) /* {{{ */ { - return php_stream_url_wrap_http_ex(wrapper, path, mode, options, opened_path, context, PHP_URL_REDIRECT_MAX, 1 STREAMS_CC TSRMLS_CC); + return php_stream_url_wrap_http_ex(wrapper, path, mode, options, opened_path, context, PHP_URL_REDIRECT_MAX, HTTP_WRAPPER_HEADER_INIT STREAMS_CC TSRMLS_CC); } /* }}} */
-- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php