diff --git a/ext/standard/http_fopen_wrapper.c b/ext/standard/http_fopen_wrapper.c index b8676bbba4d..4605e7494fa 100644 --- a/ext/standard/http_fopen_wrapper.c +++ b/ext/standard/http_fopen_wrapper.c @@ -84,6 +84,30 @@ #define HTTP_WRAPPER_HEADER_INIT 1 #define HTTP_WRAPPER_REDIRECTED 2 +static inline void strip_header(char *header_bag, char *lc_header_bag, + const char *lc_header_name) +{ + char *lc_header_start = strstr(lc_header_bag, lc_header_name); + char *header_start = header_bag + (lc_header_start - lc_header_bag); + + if (lc_header_start + && (lc_header_start == lc_header_bag || *(lc_header_start-1) == '\n') + ) { + char *lc_eol = strchr(lc_header_start, '\n'); + char *eol = header_start + (lc_eol - lc_header_start); + + if (lc_eol) { + size_t eollen = strlen(lc_eol); + + memmove(lc_header_start, lc_eol+1, eollen); + memmove(header_start, eol+1, eollen); + } else { + *lc_header_start = '\0'; + *header_start = '\0'; + } + } +} + php_stream *php_stream_url_wrap_http_ex(php_stream_wrapper *wrapper, char *path, char *mode, int options, char **opened_path, php_stream_context *context, int redirect_max, int flags STREAMS_DC TSRMLS_DC) /* {{{ */ { php_stream *stream = NULL; @@ -425,40 +449,17 @@ finish: if (tmp && strlen(tmp) > 0) { char *s; - if (!header_init) { /* Remove post headers for redirects */ - int l = strlen(tmp); - char *s2, *tmp_c = estrdup(tmp); - - php_strtolower(tmp_c, l); - if ((s = strstr(tmp_c, "content-length:"))) { - if ((s2 = memchr(s, '\n', tmp_c + l - s))) { - int b = tmp_c + l - 1 - s2; - memmove(tmp, tmp + (s2 + 1 - tmp_c), b); - memmove(tmp_c, s2 + 1, b); - - } else { - tmp[s - tmp_c] = *s = '\0'; - } - l = strlen(tmp_c); - } - if ((s = strstr(tmp_c, "content-type:"))) { - if ((s2 = memchr(s, '\n', tmp_c + l - s))) { - memmove(tmp, tmp + (s2 + 1 - tmp_c), tmp_c + l - 1 - s2); - } else { - tmp[s - tmp_c] = '\0'; - } - } - - efree(tmp_c); - tmp_c = php_trim(tmp, strlen(tmp), NULL, 0, NULL, 3 TSRMLS_CC); - efree(tmp); - tmp = tmp_c; - } - user_headers = estrdup(tmp); /* Make lowercase for easy comparison against 'standard' headers */ php_strtolower(tmp, strlen(tmp)); + + if (!header_init) { + /* strip POST headers on redirect */ + strip_header(user_headers, tmp, "content-length:"); + strip_header(user_headers, tmp, "content-type:"); + } + if ((s = strstr(tmp, "user-agent:")) && (s == tmp || *(s-1) == '\r' || *(s-1) == '\n' || *(s-1) == '\t' || *(s-1) == ' ')) { diff --git a/ext/standard/tests/http/bug61548.phpt b/ext/standard/tests/http/bug61548.phpt new file mode 100644 index 00000000000..138b15a338c --- /dev/null +++ b/ext/standard/tests/http/bug61548.phpt @@ -0,0 +1,118 @@ +--TEST-- +Bug #61548 (content-type must appear at the end of headers) +--INI-- +allow_url_fopen=1 +--SKIPIF-- + +--FILE-- + [ + 'method' => 'POST', + 'header' => $header, + 'follow_location' => true, + ], + ]; + + $ctx = stream_context_create($options); + + $responses = [ + "data://text/plain,HTTP/1.1 201\r\nLocation: /foo\r\n\r\n", + "data://text/plain,HTTP/1.1 200\r\nConnection: close\r\n\r\n", + ]; + $pid = http_server('tcp://127.0.0.1:12342', $responses, $output); + + $fd = fopen('http://127.0.0.1:12342/', 'rb', false, $ctx); + fseek($output, 0, SEEK_SET); + echo stream_get_contents($output); + + http_server_kill($pid); +} + +do_test("First:1\nSecond:2\nContent-type: text/plain"); +do_test("First:1\nSecond:2\nContent-type: text/plain\n"); +do_test("First:1\nSecond:2\nContent-type: text/plain\nThird:"); +do_test("First:1\nContent-type:text/plain\nSecond:2"); +do_test("First:1\nContent-type:text/plain\nSecond:2\n"); +do_test("First:1\nContent-type:text/plain\nSecond:2\nThird:"); + +?> +Done +--EXPECT-- +POST / HTTP/1.0 +Host: 127.0.0.1:12342 +First:1 +Second:2 +Content-type: text/plain + +GET /foo HTTP/1.0 +Host: 127.0.0.1:12342 +First:1 +Second:2 + + +POST / HTTP/1.0 +Host: 127.0.0.1:12342 +First:1 +Second:2 +Content-type: text/plain + +GET /foo HTTP/1.0 +Host: 127.0.0.1:12342 +First:1 +Second:2 + + +POST / HTTP/1.0 +Host: 127.0.0.1:12342 +First:1 +Second:2 +Content-type: text/plain +Third: + +GET /foo HTTP/1.0 +Host: 127.0.0.1:12342 +First:1 +Second:2 +Third: + +POST / HTTP/1.0 +Host: 127.0.0.1:12342 +First:1 +Content-type:text/plain +Second:2 + +GET /foo HTTP/1.0 +Host: 127.0.0.1:12342 +First:1 +Second:2 + +POST / HTTP/1.0 +Host: 127.0.0.1:12342 +First:1 +Content-type:text/plain +Second:2 + +GET /foo HTTP/1.0 +Host: 127.0.0.1:12342 +First:1 +Second:2 + +POST / HTTP/1.0 +Host: 127.0.0.1:12342 +First:1 +Content-type:text/plain +Second:2 +Third: + +GET /foo HTTP/1.0 +Host: 127.0.0.1:12342 +First:1 +Second:2 +Third: + +Done + diff --git a/sapi/cgi/cgi_main.c b/sapi/cgi/cgi_main.c index 4f3d5040e1b..4c78fcafec0 100644 --- a/sapi/cgi/cgi_main.c +++ b/sapi/cgi/cgi_main.c @@ -154,7 +154,6 @@ static const opt_struct OPTIONS[] = { {'?', 0, "usage"},/* help alias (both '?' and 'usage') */ {'v', 0, "version"}, {'z', 1, "zend-extension"}, - {'W', 1, "warmup"}, {'T', 1, "timing"}, {'-', 0, NULL} /* end of args */ }; @@ -1755,7 +1754,6 @@ int main(int argc, char *argv[]) int fcgi_fd = 0; fcgi_request *request = NULL; int repeats = 1; - int warmup_repeats = 0; int benchmark = 0; #if HAVE_GETTIMEOFDAY struct timeval start, end; @@ -2105,9 +2103,6 @@ consult the installation file that came with this distribution, or visit \n\ time(&start); #endif break; - case 'W': - warmup_repeats = atoi(php_optarg); - break; case 'h': case '?': if (request) { @@ -2521,24 +2516,12 @@ fastcgi_request_done: if (!fastcgi) { if (benchmark) { - if (warmup_repeats) { - warmup_repeats--; - if (!warmup_repeats) { -#ifdef HAVE_GETTIMEOFDAY - gettimeofday(&start, NULL); -#else - time(&start); -#endif - } + repeats--; + if (repeats > 0) { + script_file = NULL; + php_optind = orig_optind; + php_optarg = orig_optarg; continue; - } else { - repeats--; - if (repeats > 0) { - script_file = NULL; - php_optind = orig_optind; - php_optarg = orig_optarg; - continue; - } } } break;