PHP :: Request #51191 :: Request body is 0-size when chunked requests are used
php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Request #51191 Request body is 0-size when chunked requests are used
Submitted: 2010-03-03 05:55 UTC Modified: 2010-11-24 10:34 UTC
Votes:9
Avg. Score:4.9 ± 0.3
Reproduced:9 of 9 (100.0%)
Same Version:2 (22.2%)
Same OS:2 (22.2%)
From: evert at rooftopsolutions dot nl Assigned:
Status: Open Package: CGI/CLI related
PHP Version: 5.3.1 OS: *
Private report: No CVE-ID: None
Have you experienced this issue?
Rate the importance of this bug to you:

 [2010-03-03 05:55 UTC] evert at rooftopsolutions dot nl
Description:
------------
Disclaimer: I'm not 100% sure if this is a PHP-FCGI bug.

When (PUT-) HTTP requests are made and encoded as Transfer-Encoding: Chunked, PHP never receives the request body, e.g.:

echo strlen(fopen('php://input','r')); will yield 0.

Chunked Transfer Encoding is used by the OS/X Finder WebDAV client. It works correctly when mod_php is used, but fails with FastCGI.

Nginx and Lighttpd don't support this at all, and return 411 Length Required, which still sucks, but is better than silently failing.


Test script:
---------------
echo strlen(fopen('php://input','r'));

Expected result:
----------------
size of the request body

Actual result:
--------------
0

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2010-03-03 10:18 UTC] jani@php.net
-Operating System: Any +Operating System: *
 [2010-08-04 08:05 UTC] jpa at php dot mail dot kapsi dot fi
Here is a test case for the bug, using netcat to send the request:
http://koti.kapsi.fi/~jpa/stuff/other/php-chunked-test.tgz

A simple bash cgi script correctly receives the request, so the problem is with PHP's CGI and FCGI interfaces. Instead of requiring a CONTENT_LENGTH header, PHP should simply read to EOF on stdin when TRANSFER_ENCODING is chunked.
 [2010-08-04 09:14 UTC] evert at rooftopsolutions dot nl
I can confirm this is only happening for CGI and FastCGI.

Nginx and Lighttpd don't seem to support this feature at all, and simply return 411 Length Required, but with Apache the request goes through but PHP ends up with an empty request body.
 [2010-11-24 10:34 UTC] jani@php.net
-Package: Apache2 related +Package: CGI related
 
PHP Copyright © 2001-2018 The PHP Group
All rights reserved.
Last updated: Sat Aug 18 22:01:26 2018 UTC