php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Bug #49932 Content-Location header is not overwritten
Submitted: 2009-10-20 11:43 UTC Modified: 2009-10-30 01:00 UTC
From: sjoerd-php at linuxonly dot nl Assigned:
Status: No Feedback Package: Apache2 related
PHP Version: 5.2.11 OS: Linux
Private report: No CVE-ID: None
View Developer Edit
 [2009-10-20 11:43 UTC] sjoerd-php at linuxonly dot nl 
Description:
------------
If you access a script by a name other than its filename, it generates a Content-Location HTTP header. For example, if you request '/a' instead of '/a.php', the Content-Location header contains 'a.php'.

If you try to override the Content-Location header in the script, like in the code example below, the response contains two Content-Location headers.

Reproduce code:
---------------
<?php
header('Content-Location: http://www.example.org/a.php');
?>

Expected result:
----------------
One Content-Location header in result:
Content-Location: http://www.example.org/a.php

Actual result:
--------------
Two Content-Location headers in result:
Content-Location: a.php
Content-Location: http://www.example.org/a.php

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2009-10-22 13:44 UTC] jani@php.net 
IIRC, you can only override headers set by PHP itself. I'd guess that header is set by Apache..? You propably should turn off Multiviews..or whatever that was again. What I'm guessing here is that the header is injected after PHP code is run.
 [2009-10-30 01:00 UTC] php-bugs at lists dot php dot net 
No feedback was provided for this bug for over a week, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Thu Mar 27 00:01:30 2025 UTC