PHP :: Bug #58962 :: Redirect URL corrupted

Bug #58962	Redirect URL corrupted
Submitted:	2009-11-24 12:42 UTC	Modified:	2009-11-26 21:45 UTC
From:	steve at rocketmobile dot com	Assigned:	datibbaw (profile)
Status:	Closed	Package:	oauth (PECL)
PHP Version:	5.1.6	OS:	Linux 2.6.18-164.el5
Private report:	No	CVE-ID:	None

View Developer Edit

[2009-11-24 12:42 UTC] steve at rocketmobile dot com

I have an issue with an OAuth::fetch() call for a host that sends a
redirect (twice).  OAuth intercepts the first redirect and sends another
GET.  The host sends a second redirect.  OAuth intercepts the redirect
and sends another GET, but this time there is extraneous data (looks
like there was no NULL termination of the second redirect URL when
constructing the response).

I noticed in the ChangeLog:

0.99.5 - Added support for multiple protocols (Tjerk Meesters)
- Signature generation fix for quoted values
- Added disableSSLChecks and enableSSLChecks (enabled by default)
- Added support for following and signing redirects

Reproduce code:
---------------
$rc = $oa->fetch($url, NULL, OAUTH_HTTP_METHOD_GET, $hdrs);

See trace below

Expected result:
----------------
On second redirect, it should have been

GET /p.p?p=0911060000018859362900 HTTP/1.1
Host: ota.example.com

instead it sent

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2009-11-26 21:45 UTC] datibbaw@php.net

This bug has been fixed in CVS.

In case this was a documentation problem, the fix will show up at the
end of next Sunday (CET) on pecl.php.net.

In case this was a pecl.php.net website problem, the change will show
up on the website in short time.
 
Thank you for the report, and for helping us make PECL better.

Fixed in SVN (trunk, rev: 291334)

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Fri May 09 08:01:35 2025 UTC