Bug #52162 for NSAPI module, custom request header variables with numbers are removed
Submitted: 2010-06-23 19:02 UTC Modified: 2015-06-29 09:05 UTC
From: srinatar@php.net Assigned: thetaphi (profile)
Status: Closed Package: iPlanet related
PHP Version: 5.3.2 OS: Linux
Private report: No CVE-ID: None
 [2010-06-23 19:02 UTC] srinatar@php.net
Description:
------------
For example, if you try to request print-header.php (which contains the following)

<?php
  // Dump every $_SERVER entry, one "name = value" pair per line.
  print "<pre>\n";
  print "\nContents of \$_SERVER:\n";
  foreach ($_SERVER as $k => $v) {
     print "   $k = $v\n";
  }
  print "</pre>\n";
?>


by doing something like
$ telnet localhost 80
Trying 192.168.20.126...
Connected to s10u7x.
Escape character is '^]'.
GET /print-header.php HTTP/1.0
X-T3crawler: foobar

you get output as
HTTP_X_T_CRAWLER = foobar -> unexpected result

what you expect is

HTTP_X_T3_CRAWLER = foobar -> expected result

Expected result:
----------------
HTTP_X_T3_CRAWLER = foobar -> expected result

Actual result:
--------------
you get output as
HTTP_X_T_CRAWLER = foobar -> unexpected result


 [2010-06-23 20:04 UTC] srinatar@php.net
here is the suggested patch to address this issue


[sn123202@mbelshe]'PHP_5_3'>svn diff sapi/nsapi/nsapi.c 
Index: sapi/nsapi/nsapi.c
===================================================================
--- sapi/nsapi/nsapi.c  (revision 300702)
+++ sapi/nsapi/nsapi.c  (working copy)
@@ -687,7 +687,7 @@
                                if (value) {
                                        for(p = value + pos; *p; p++) {
                                                *p = toupper(*p);
-                                               if (*p < 'A' || *p > 'Z') {
+                                               if (!isalnum(*p)) {
                                                        *p = '_';
                                                }
                                        }
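
Review bot: On the changed line, isalnum(*p) (and the toupper(*p) call just above it) is handed a plain char, assuming p is a char *; for header bytes above 0x7F that value can be negative, which is undefined behaviour for the <ctype.h> functions, and isalnum() is locale-dependent, so in a non-C locale such bytes could be accepted and left in the variable name where the old 'A'..'Z' test replaced them with '_'. Suggest casting to unsigned char, or better an explicit ASCII test such as (*p >= 'A' && *p <= 'Z') || (*p >= '0' && *p <= '9'), so the result does not depend on the server's locale.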


If no one has any issues, I can commit this patch.
 [2010-06-23 20:06 UTC] srinatar@php.net
-Summary: custom request header variables with numbers are removed +Summary: for NSAPI module, custom request header variables with numbers are removed
 [2010-06-23 20:06 UTC] srinatar@php.net
mark the bug as specific to a given SAPI only.
 [2010-06-23 20:28 UTC] thetaphi@php.net
-Assigned To: +Assigned To: thetaphi
 [2010-06-23 20:28 UTC] thetaphi@php.net
I will fix that! Thanks for reporting. Uwe
 [2010-06-23 20:30 UTC] thetaphi@php.net
I think this problem also affects other SAPIs that parse headers to ENV-style variables? I will scan other sapis and fix their code, too, if needed.
 [2010-06-23 21:06 UTC] srinatar@php.net
Automatic comment from SVN on behalf of srinatar
Revision: http://svn.php.net/viewvc/?view=revision&revision=300707
Log: - Fixed bug #52162 (custom request header variables with numbers are removed)
 [2010-06-23 21:41 UTC] thetaphi@php.net
From the CGI/1.1 spec in RFC3875:
   Meta-variables with names beginning with "HTTP_" contain values read
   from the client request header fields, if the protocol used is HTTP.
   The HTTP header field name is converted to upper case, has all
   occurrences of "-" replaced with "_" and has "HTTP_" prepended to
   give the meta-variable name.  The header data can be presented as
   sent by the client, or can be rewritten in ways which do not change
   its semantics.  If multiple header fields with the same field-name
   are received then the server MUST rewrite them as a single value
   having the same semantics.  Similarly, a header field that spans
   multiple lines MUST be merged onto a single line.  The server MUST,
   if necessary, change the representation of the data (for example,
   the character set) to be appropriate for a CGI meta-variable.

So I tend to remove the check explicitly and only specifically handle the "-" character as described in the specs.
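
The three mapping rules discussed in this report (the pre-patch 'A'..'Z' check, the patched alphanumeric check, and the RFC 3875 rule that rewrites only "-"), side by side as an added example; this is not code from nsapi.c. cgi_name() and collides() are hypothetical helpers, the patched rule is written with explicit ASCII ranges instead of isalnum(), and every sample header except "X-T3crawler" is constructed.

```c
#include <stdio.h>
#include <string.h>

enum rule { RULE_OLD, RULE_PATCHED, RULE_RFC3875 };

/* Map a header name to its "HTTP_*" variable name under the given rule.
 * Hypothetical helper, not a function from nsapi.c.
 * Returns out, or NULL if out is too small. */
const char *cgi_name(const char *hdr, enum rule rule, char *out, size_t outlen)
{
    size_t n = strlen(hdr);
    if (outlen < n + 6)                 /* "HTTP_" + name + NUL */
        return NULL;
    memcpy(out, "HTTP_", 5);
    for (size_t i = 0; i < n; i++) {
        unsigned char c = (unsigned char)hdr[i];
        if (c >= 'a' && c <= 'z')       /* ASCII-only upper-casing */
            c = (unsigned char)(c - 'a' + 'A');
        int upper = (c >= 'A' && c <= 'Z'), digit = (c >= '0' && c <= '9');
        if (rule == RULE_OLD && !upper)
            c = '_';                    /* pre-patch: digits are lost */
        else if (rule == RULE_PATCHED && !upper && !digit)
            c = '_';                    /* patch: letters and digits kept */
        else if (rule == RULE_RFC3875 && c == '-')
            c = '_';                    /* RFC 3875: only '-' is rewritten */
        out[5 + i] = (char)c;
    }
    out[5 + n] = '\0';
    return out;
}

/* 1 if two header names end up as the same variable under a rule. */
int collides(const char *a, const char *b, enum rule rule)
{
    char x[128], y[128];
    if (!cgi_name(a, rule, x, sizeof x) || !cgi_name(b, rule, y, sizeof y))
        return 0;
    return strcmp(x, y) == 0;
}

int main(void)
{
    /* First header is the one from the report; the others are constructed. */
    const char *samples[] = { "X-T3crawler", "X-T3-Crawler", "X-T4-Crawler" };
    char buf[128];
    for (size_t i = 0; i < sizeof samples / sizeof *samples; i++)
        for (int r = RULE_OLD; r <= RULE_RFC3875; r++)
            printf("%-14s rule %d -> %s\n", samples[i], r,
                   cgi_name(samples[i], (enum rule)r, buf, sizeof buf));
}
```

Under the pre-patch rule the two constructed headers that differ only in a digit become the same variable, which is why an application reading $_SERVER could not tell them apart.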
 [2015-06-29 09:05 UTC] thetaphi@php.net
-Status: Assigned +Status: Closed
 [2015-06-29 09:05 UTC] thetaphi@php.net
The fix for this bug has been committed.

Snapshots of the sources are packaged every three hours; this change
will be in the next snapshot. You can grab the snapshot at
http://snaps.php.net/.

 For Windows:

http://windows.php.net/snapshots/
 
Thank you for the report, and for helping us make PHP better.

This was already fixed. The remaining change will not be done anymore, as the NSAPI module was retired for PHP 7.
 
Last updated: Mon Dec 30 14:01:28 2024 UTC