php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #48602 curl doesn't correct proxy authentication header
Submitted: 2009-06-19 11:04 UTC Modified: 2009-06-26 11:56 UTC
Votes:1
Avg. Score:3.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:1 (100.0%)
From: garakkio at gmail dot com Assigned:
Status: Not a bug Package: cURL related
PHP Version: 5.2.10 OS: Debian Lenny
Private report: No CVE-ID: None
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: garakkio at gmail dot com
New email:
PHP Version: OS:

 

 [2009-06-19 11:04 UTC] garakkio at gmail dot com
Description:
------------
If you try to get an url via a proxy with authentication, curl sends a "Server auth" header instead of "Proxy Auth", making authentication impossible.
If you try to get the same page using curl binary, the result is the expected one. The curl command corresponding to php reproduce code is:

curl -v -xexample.org:80 -Ufoo:bar -o /dev/null http://www.google.com

Reproduce code:
---------------
<?php

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'http://php.net');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_PROXY, 'http://example.org:80');
curl_setopt($ch, CURLOPT_PROXYAUTH, CURLAUTH_BASIC); 
curl_setopt($ch, CURLOPT_USERPWD, 'foo:bar');
curl_setopt($ch, CURLOPT_VERBOSE, true);
curl_exec($ch);


Expected result:
----------------
* About to connect() to proxy example.org port 80 (#0)
*   Trying 208.77.188.166... * connected
* Connected to example.org (208.77.188.166) port 80 (#0)
* Proxy auth using Basic with user 'foo'
> GET http://php.net HTTP/1.1
Authorization: Basic Zm9vOmJhcg==
Host: php.net
Pragma: no-cache
Accept: */*
Proxy-Connection: Keep-Alive

[...]

Actual result:
--------------
* About to connect() to proxy example.org port 80 (#0)
*   Trying 208.77.188.166... * connected
* Connected to example.org (208.77.188.166) port 80 (#0)
* Server auth using Basic with user 'foo'
> GET http://php.net HTTP/1.1
Authorization: Basic Zm9vOmJhcg==
Host: php.net
Pragma: no-cache
Accept: */*
Proxy-Connection: Keep-Alive

[...]

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2009-06-25 11:44 UTC] sjoerd-php at linuxonly dot nl
Thank you for your bug report.

Do you try to authenticate to the proxy (example.org) or to the destination server (php.net)? Have you looked at the CURLOPT_PROXYUSERPWD option? In your bug report, the expected result and actual result appear to be the same text. Could you clarify this?
 [2009-06-26 07:22 UTC] garakkio at gmail dot com
Well, the key was exactly CURLOPT_PROXYUSERPWD option.
Using CURLOPT_PROXYUSERPWD, one header is sent differently (the difference between actual and expected result is the Authorization/Proxy-Authorization header (I mistakenly set "Authorization" in expected result).
I'm sorry for this.
I close the ticket.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Mon Oct 14 08:01:27 2024 UTC