Bug #52162 for NSAPI module, custom request header variables with numbers are removed
Submitted: 2010-06-23 19:02 UTC Modified: 2011-03-22 09:31 UTC
From: srinatar@php.net Assigned: thetaphi
Status: Assigned Package: iPlanet related
PHP Version: 5.3.2 OS: Linux
Private report: No CVE-ID:

 [2010-06-23 19:02 UTC] srinatar@php.net
Description:
------------
For example, if you try to request print-header.php (which contains the following)

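<?php
  // Dump every $_SERVER entry so the HTTP_* names built by the SAPI are visible.
  print "<pre>\n";
  print "\nContents of \$_SERVER:\n";
  foreach ($_SERVER as $k => $v) {
     print "   $k = $v\n";
  }
  print "</pre>\n";
?>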


by doing something like
$ telnet localhost 80
Trying 192.168.20.126...
Connected to s10u7x.
Escape character is '^]'.
GET /print-header.php HTTP/1.0
X-T3crawler: foobar

you get output as
HTTP_X_T_CRAWLER = foobar -> unexpected result

what you expect is

HTTP_X_T3_CRAWLER = foobar -> expected result

Expected result:
----------------
HTTP_X_T3_CRAWLER = foobar -> expected result

Actual result:
--------------
you get output as
HTTP_X_T_CRAWLER = foobar -> unexpected result


 [2010-06-23 20:04 UTC] srinatar@php.net
here is the suggested patch to address this issue


[sn123202@mbelshe]'PHP_5_3'>svn diff sapi/nsapi/nsapi.c 
Index: sapi/nsapi/nsapi.c
===================================================================
--- sapi/nsapi/nsapi.c  (revision 300702)
+++ sapi/nsapi/nsapi.c  (working copy)
@@ -687,7 +687,7 @@
                                if (value) {
                                        for(p = value + pos; *p; p++) {
                                                *p = toupper(*p);
-                                               if (*p < 'A' || *p > 'Z') {
+                                               if (!isalnum(*p)) {
                                                        *p = '_';
                                                }
                                        }
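Review bot: on the changed line `if (!isalnum(*p))`, and on the `toupper(*p)` just above it, `*p` is handed to a <ctype.h> function as-is. If `p` is a `char *`, as the assignments suggest, and char is signed, a header byte of 0x80 or above becomes a negative argument, which these functions do not define; isalnum() is also locale-dependent, so which bytes survive can vary with the server's locale. Suggest casting to unsigned char in both calls, or spelling the test out as explicit ASCII ranges (A-Z after the toupper, plus 0-9), so the resulting variable names do not depend on locale.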


If no one has any issues, I can commit this patch.
 [2010-06-23 20:06 UTC] srinatar@php.net
-Summary: custom request header variables with numbers are removed +Summary: for NSAPI module, custom request header variables with numbers are removed
 [2010-06-23 20:06 UTC] srinatar@php.net
mark the bug as specific to a given SAPI only.
 [2010-06-23 20:28 UTC] thetaphi@php.net
-Assigned To: +Assigned To: thetaphi
 [2010-06-23 20:28 UTC] thetaphi@php.net
I will fix that! Thanks for reporting. Uwe
 [2010-06-23 20:30 UTC] thetaphi@php.net
I think this problem also affects other SAPIs that parse headers to ENV-style variables? I will scan other SAPIs and fix their code, too, if needed.
 [2010-06-23 21:06 UTC] srinatar@php.net
Automatic comment from SVN on behalf of srinatar
Revision: http://svn.php.net/viewvc/?view=revision&revision=300707
Log: - Fixed bug #52162 (custom request header variables with numbers are removed)
 [2010-06-23 21:41 UTC] thetaphi@php.net
From the CGI/1.1 spec in RFC3875:
   Meta-variables with names beginning with "HTTP_" contain values read
   from the client request header fields, if the protocol used is HTTP.
   The HTTP header field name is converted to upper case, has all
   occurrences of "-" replaced with "_" and has "HTTP_" prepended to
   give the meta-variable name.  The header data can be presented as
   sent by the client, or can be rewritten in ways which do not change
   its semantics.  If multiple header fields with the same field-name
   are received then the server MUST rewrite them as a single value
   having the same semantics.  Similarly, a header field that spans
   multiple lines MUST be merged onto a single line.  The server MUST,
   if necessary, change the representation of the data (for example,
   the character set) to be appropriate for a CGI meta-variable.

So I tend to remove the check explicitly and only specifically handle the "-" character as described in the specs.
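
The three mapping rules that come up in this thread (the original A-Z check, the isalnum patch, and the RFC 3875 rule that rewrites only "-"), applied to the header from the report. This is an added example, not code from nsapi.c or from any participant in the thread; `header_to_var`, `same_var`, the enum names and the second header name `X-T4crawler` are assumptions made for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

enum rule { RULE_ORIGINAL, RULE_PATCHED, RULE_RFC3875 };

/* Write the variable name for `header` into `out`; 0 on success, -1 if too small. */
int header_to_var(const char *header, enum rule rule, char *out, size_t outlen)
{
    size_t n = strlen(header);
    if (n + sizeof("HTTP_") > outlen)      /* sizeof counts the NUL */
        return -1;
    memcpy(out, "HTTP_", 5);
    for (size_t i = 0; i < n; i++) {
        /* unsigned char keeps the <ctype.h> calls defined for bytes >= 0x80 */
        unsigned char c = (unsigned char)toupper((unsigned char)header[i]);
        switch (rule) {
        case RULE_ORIGINAL: if (c < 'A' || c > 'Z') c = '_'; break;
        case RULE_PATCHED:  if (!isalnum(c))        c = '_'; break;
        case RULE_RFC3875:  if (c == '-')           c = '_'; break;
        }
        out[5 + i] = (char)c;
    }
    out[5 + n] = '\0';
    return 0;
}

/* 1 if two header names end up as the same variable under `rule`. */
int same_var(const char *a, const char *b, enum rule rule)
{
    char va[128], vb[128];
    if (header_to_var(a, rule, va, sizeof va) != 0 ||
        header_to_var(b, rule, vb, sizeof vb) != 0)
        return 0;
    return strcmp(va, vb) == 0;
}

int main(void)
{
    static const char *names[] = { "original", "patched", "rfc3875" };
    char buf[128];
    for (int r = RULE_ORIGINAL; r <= RULE_RFC3875; r++) {
        header_to_var("X-T3crawler", (enum rule)r, buf, sizeof buf);
        printf("%-8s %s\n", names[r], buf);
    }
    /* X-T4crawler is a constructed second header name. */
    printf("collide (original): %d\n", same_var("X-T3crawler", "X-T4crawler", RULE_ORIGINAL));
    return 0;
}
```

Under the original rule, header names that differ only in a digit collapse into one variable, so code reading `$_SERVER` cannot tell which header the client actually sent.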
 
Last updated: Mon Apr 21 00:02:04 2014 UTC