From: [EMAIL PROTECTED] Operating system: redhat 7.1 glibc2.2.4 kernel2.4 PHP version: 4.1.1 PHP Bug Type: Apache related Bug description: [critical!] mozilla downloads source of .php files
I don't exactly understand how this happens, but with a Apache+mod_ssl server, Mozilla 0.9.7 is able to retrieve the source of a .php file, probably by sending non-standard headers. Software used: - Apache 1.3.22 - mod_ssl 2.8.5 - php 4.1.1 - VirtualHost on port 443 with SSLEngine On. - "AddHandler application/x-httpd-php .php" Test URL: https://secure.mkmgmbh.com/horde/test.php Using Internet Explorer 6, you get the compiled page, using Mozilla 0.9.7 it downloads the source, same url, different behaviour. Please note that the server uses a non-standard certificate (signed by our own CA). [Configure line: './configure' '--prefix=/httpd/php' '--with-apxs=/httpd/bin/apxs' '--with-config-file-path=/httpd/conf' '--with-gdbm=/usr' '--with-mysql=/usr' '--with-openssl=/usr' '--with-vpopmail=/home/vpopmail' '--with-gettext' '--with-xml' '--with-mcrypt=/usr' '--with-imap=/projects/serverupd/imap/imap-2001a' '--with-zlib=/usr'] -- Edit bug report at: http://bugs.php.net/?id=14751&edit=1 -- PHP Development Mailing List <http://www.php.net/> To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
