php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #27345 Status header with PHP CGI
Submitted: 2004-02-22 05:10 UTC Modified: 2004-04-08 11:10 UTC
From: php_bugs at ecora dot de Assigned:
Status: Not a bug Package: CGI/CLI related
PHP Version: Irrelevant OS:
Private report: No CVE-ID: None
View Developer Edit
 [2004-02-22 05:10 UTC] php_bugs at ecora dot de 
Description:
------------
Hi,

<Documentation>
header("HTTP/1.0 404 Not Found");
[...]
Note: In PHP 3, this only works when PHP is compiled as an Apache module. You can achieve the same effect using the Status header. 
header("Status: 404 Not Found");
</Documentation>

IMHO this is not correct. Because the HTTP-status-header (also Content-Type- and Location-Header) is always a server parsed header, when PHP (PHP3, PHP4, PHP5 or also Perl or Python, ...) runs via CGI. 

The official CGI Specification (see http://www.w3.org/CGI/):
http://hoohoo.ncsa.uiuc.edu/cgi/out.html

That means not only in PHP3 also in PHP4 or PHP5: When PHP runs via CGI, then you have to write:
header("Status: 404 Not Found"); instead of header("HTTP/1.0 404 Not Found");




Reproduce code:
---------------
When i try to send a header("HTTP/1.0 404 Not Found"); on my installation (Apache 1.3.29 + PHP 4.2.3 CGI on Linux) then i receive a 500 internal server error

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2004-02-22 05:49 UTC] nlopess@php.net 
I couldn't reproduce this in PHP 5.

header("HTTP/1.0 404 Not Found"); print "Status: 404"

and

header("Status: 404 Not Found"); prints "Status: 404 Not Found"


Can anybody check this in PHP 4?
 [2004-02-22 06:09 UTC] et@php.net 
This is a bug, but not a documentation one.
Both PHP4 and PHP5 just send
"HTTP/1.1 404\r\n"...
when doing header('HTTP/1.0 404 Not found');
which isn't conforming to RFC 2616 (There has to be at least one space after 404). That may cause Webservers to error out. This is definitively a bug. 
I don't think the "reason-phrase" should be discarded at all.
 [2004-02-22 06:11 UTC] et@php.net 
Well, to be correct, PHP just sends "Status: 404\r\n".
 [2004-02-22 09:32 UTC] php_bugs at ecora dot de 
I don't know. Maybe there is also a PHP Bug, but IMHO there is at least a documentation bug. When you send a HTTP-Status-Header via the common gateway interface to the http-server, then you have to write:

Status: ddd string

instead of

HTTP/1.1 ddd string

Please take a look at the CGI-Specification :
http://hoohoo.ncsa.uiuc.edu/cgi/out.html

PARSED HEADERS
The output of scripts begins with a small header. This header consists of text lines, in the same format as an HTTP header, terminated by a blank line (a line with only a linefeed or CR/LF). 
[..]
Status
This is used to give the server an HTTP/1.0 status line to send to the client. The format is nnn xxxxx, where nnn is the 3-digit status code, and xxxxx is the reason string, such as "Forbidden".
 [2004-02-22 15:41 UTC] et@php.net 
Nope, that's simply not true.
It doesn't matter what you pass to header().
What matters is the output created by PHP, and if you use header("HTTP/1.0 404 Foo Bar"); PHP parses that and turns it into a Status: line if you use CGI.
 [2004-02-22 17:35 UTC] edink@php.net 
See cgi.rfc2616_headers php.ini directive.
 [2004-02-22 19:19 UTC] et@php.net 
There's no reason for the CGI sapi cutting of the reason-phrase when creating the Status: line, is there?
The Status: header that it's outputting is invalid.
 [2004-02-23 02:50 UTC] php_bugs at ecora dot de 
> PHP parses that and turns it into a Status: line if you use CGI.

Ok, my mistake. I don't know, that PHP will parse the headers when running via CGI. And because of the 500 Internal server error (see the first posting) i believed that there is a documentation bug.

OK, there is no documentation bug, there is a small PHP bug.

Thank you for your great and very fast support!
 [2004-04-08 11:10 UTC] sniper@php.net 
Something like this was fixed in 4.3.5, AFAICT..and we don't have such PHP version as "Irrelevant"..
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Sun Nov 02 01:00:02 2025 UTC