Fix bug #69625 php-fpm return http 200 response without SCRIPT_FILENAME #1270

Closed
wants to merge 3 commits into from
18 changes: 12 additions & 6 deletions sapi/fpm/fpm/fpm_main.c
Expand Up @@ -1836,13 +1836,25 @@ consult the installation file that came with this distribution, or visit \n\
/* check if request_method has been sent.
* if not, it's certainly not an HTTP over fcgi request */
if (!SG(request_info).request_method) {
zend_try {
zlog(ZLOG_ERROR, "SCRIPT_FILENAME env not found in cgi env");
Member

Why is this log needed?
And actually, maybe it should be 400 (bad request)?

Author

Easy to find the problem.
And I think HTTP 500 is better than 400, because this is the server's fault.
What do you think?

Member

You should be able to find the info from the access log; no need to log here.

I am not sure, but on fpm's side, it's a bad request.

Author

> You should be able to find the info from the access log; no need to log here.

No no no... the access log will write less info into the log about time, script, HTTP result status. But the bug is that it can't write error info for the system administrator. The access log is useless. 😅

> I am not sure, but on fpm's side, it's a bad request.

Yep, that is a bad request on fpm's side, but this request will return to the browser side.
It is the server's fault for the browser, so I think 500 is a suitable HTTP status.

SG(sapi_headers).http_response_code = 404;
PUTS("method not found.\n");
} zend_catch {
} zend_end_try();
goto fastcgi_request_done;
}

if (fpm_status_handle_request()) {
goto fastcgi_request_done;
}

if (fpm_php_limit_extensions(SG(request_info).path_translated)) {
SG(sapi_headers).http_response_code = 403;
PUTS("Access denied.\n");
goto fastcgi_request_done;
}

/* If path_translated is NULL, terminate here with a 404 */
if (!SG(request_info).path_translated) {
zend_try {
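Review bot: The zlog() message in the !SG(request_info).request_method branch reads "SCRIPT_FILENAME env not found in cgi env", but the condition tested there is a missing request method and the body sent is "method not found.", so the log line, the response body and the 404 status do not describe the same failure. Reword the log line to name the missing request method, or move the SCRIPT_FILENAME message into the !SG(request_info).path_translated branch further down, where a missing script path is actually detected. The status code (404 here, against the 400 and 500 argued in the thread) should be agreed before merge, and the branch would benefit from a comment stating which FastCGI parameter is absent.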
Expand All @@ -1854,12 +1866,6 @@ consult the installation file that came with this distribution, or visit \n\
goto fastcgi_request_done;
}

if (fpm_php_limit_extensions(SG(request_info).path_translated)) {
SG(sapi_headers).http_response_code = 403;
PUTS("Access denied.\n");
goto fastcgi_request_done;
}

/*
* have to duplicate SG(request_info).path_translated to be able to log errrors
* php_fopen_primary_script seems to delete SG(request_info).path_translated on failure
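Review bot: With the fpm_php_limit_extensions() block gone from after the !SG(request_info).path_translated check (the hunk header shows this region shrinking from 12 lines to 6), the only remaining call is the one placed above that check in the previous hunk, so it now receives path_translated before the pointer has been tested for NULL. This is the check that answers 403 "Access denied.", so confirm that fpm_php_limit_extensions() handles a NULL path safely and document that assumption at the call site, or keep the call after the NULL check so that a request without SCRIPT_FILENAME reaches the 404 path first.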