ID: 14280
Updated by: hholzgra
Reported By: [EMAIL PROTECTED]
Status: Bogus
Bug Type: Session related
Operating System: Sun Solaris
PHP Version: 4.0.6
New Comment:
sorry, but i don't see the point in
rewriting the Location header
if you do a redirect by header() you
should know pretty well what you are
doing, *including* whether you need a
session id in it or not
it's just adding the SID constant in
*one* place instead of all over a
html document that might even be
maintained by someone else
if you *realy* think header() shoud be
that magical, then submit a feature request
PS: that some browsers accept relative
Location headers and that some people
out there make use if this does *not at all*
imply that this is correct usage
(you should have seen the note about that
if you'd had a look at the header()
manual page lately as suggest in my
first reply)
Previous Comments:
------------------------------------------------------------------------
[2001-11-29 10:57:33] [EMAIL PROTECTED]
The HTTP standard does not allow relative paths / files in the Location: header.
You should always use this form:
Location: http://servername.domain.nl/file.php
Derick
------------------------------------------------------------------------
[2001-11-29 10:43:51] [EMAIL PROTECTED]
it does put in a hidden field, I was to quick there, sorry
about that.
about the header function:
it works saying header("Location: test.php");
you don't have to specify an absolute path, so that means
a lot of people out there don't. Maybe thats a bug (or a
feature) in itself.
So whats the story about the header-function, bug? Or if
not, should'nt it be possible to rewrite the header it its
relative?
------------------------------------------------------------------------
[2001-11-29 09:20:30] [EMAIL PROTECTED]
please check for an added hidden field in <form>.
reopen the bug report if you do not find one
for the "Location:" header:
- trans-sid does only rewrite the HTML content,
not the headers
- relative URLs are not allowed in Location: headers
(see php.net/header for further info)
------------------------------------------------------------------------
[2001-11-29 09:12:36] [EMAIL PROTECTED]
when compiling php version 4.06 with '--enable-trans-sid' and thereafter setting
'session.use_cookies off' in php.ini or in Apache's virtual host container.
Does anyone know why the url rewriting works like this:
- when it encounters a 'href' it do rewrite
- when it encounters a header("Location: test.php"); it does not rewrite
- when it encounters a <form action=test.php > it does not rewrite
im not sure its a bug, but if it is not - then there is'nt much fun in using url
rewriting at all for sessions.
'./configure' '--with-apache=../apache_1.3.20' '--with-config-file-path=/etc'
'--without-system-regex' '--enable-versioning' '--enable-track-vars'
'--enable-trans-sid' '--with-oci8=/home/oracle/product/8.1.7/'
'--with-mysql=/opt/mysql-3.23.32'
------------------------------------------------------------------------
Edit this bug report at http://bugs.php.net/?id=14280&edit=1
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
