MFH: When automatically redirecting an HTTP request, use the GET meth…

…od when the original method was not HEAD or GET (fixes #45540) # # The RFC says that in case of 3xx code, "The action required MAY be # carried out [...] *only if the method used in the second request is GET or # HEAD*". # # This may not break anything as actually POST requests replying # with a Location header never worked as the redirecting request was sent using # the POST method, but without Entity-Body (and without Content-Length header, # which caused the server to reply with a "411 Length Required" or to treat # the request as GET). #
php · Jul 28, 2008 · 0f9026d · 0f9026d
1 parent 49aa0fe
commit 0f9026d
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 4 deletions.
diff --git a/NEWS b/NEWS
@@ -253,6 +253,7 @@ PHP                                                                        NEWS
   prop of wrapped object). (robin_fernandes at uk dot ibm dot com, Arnaud)
 - Fixed bug #45571 (ReflectionClass::export() shows superclasses' private
   static methods). (robin_fernandes at uk dot ibm dot com)
+- Fixed bug #45540 (stream_context_create creates bad http request). (Arnaud)
 - Fixed bug #45430 (windows implementation of crypt is not thread safe).
   (Pierre)
 - Fixed bug #45345 (SPLFileInfo::getPathInfo() returning dir info instead of

diff --git a/ext/standard/http_fopen_wrapper.c b/ext/standard/http_fopen_wrapper.c
@@ -252,10 +252,17 @@ php_stream *php_stream_url_wrap_http_ex(php_stream_wrapper *wrapper, char *path,
 
 	if (context && php_stream_context_get_option(context, "http", "method", &tmpzval) == SUCCESS) {
 		if (Z_TYPE_PP(tmpzval) == IS_STRING && Z_STRLEN_PP(tmpzval) > 0) {
-			scratch_len = strlen(path) + 29 + Z_STRLEN_PP(tmpzval);
-			scratch = emalloc(scratch_len);
-			strlcpy(scratch, Z_STRVAL_PP(tmpzval), Z_STRLEN_PP(tmpzval) + 1);
-			strcat(scratch, " ");
+			/* As per the RFC, automatically redirected requests MUST NOT use other methods than
+			 * GET and HEAD unless it can be confirmed by the user */
+			if (redirect_max == PHP_URL_REDIRECT_MAX
+				|| (Z_STRLEN_PP(tmpzval) == 3 && memcmp("GET", Z_STRVAL_PP(tmpzval), 3) == 0)
+				|| (Z_STRLEN_PP(tmpzval) == 4 && memcmp("HEAD",Z_STRVAL_PP(tmpzval), 4) == 0)
+			) {
+				scratch_len = strlen(path) + 29 + Z_STRLEN_PP(tmpzval);
+				scratch = emalloc(scratch_len);
+				strlcpy(scratch, Z_STRVAL_PP(tmpzval), Z_STRLEN_PP(tmpzval) + 1);
+				strcat(scratch, " ");
+			}
 		}
 	}