php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #59672 String 'Location: ' removed from HTTP-Response Header
Submitted: 2011-03-18 10:01 UTC Modified: 2011-05-31 05:26 UTC
Votes:3
Avg. Score:5.0 ± 0.0
Reproduced:3 of 3 (100.0%)
Same Version:2 (66.7%)
Same OS:1 (33.3%)
From: matheis dot stefan at googlemail dot com Assigned:
Status: Open Package: oauth (PECL)
PHP Version: 5.3.2 OS: Ubuntu 10.04.1 LTS
Private report: No CVE-ID: None
 [2011-03-18 10:01 UTC] matheis dot stefan at googlemail dot com
Description:
------------
After creating an OAuth-Instance, executing an POST-Request, i 
checked the (raw) HTTP-Headers [see attached Response].

On the last line the 'Location: ' Part is removed.

(OAuth-Ext, source version: $Id: oauth.c 307506 2011-01-16 
00:44:43Z felipe $)

Reproduce code:
---------------
$oauth = new OAuth('CONSUMER', 'PASSWORD', OAUTH_SIG_METHOD_HMACSHA1, OAUTH_AUTH_TYPE_FORM);
$oauth->setRequestEngine(OAUTH_REQENGINE_CURL);
$oauth->setVersion('1.0a');
$oauth->enableSSLChecks();
$oauth->enableDebug();
$oauth->setAuthType();

$oauth->fetch('https://oauth-endpoint/statusMessage', array('statusMessage' => 'TEST'), OAUTH_HTTP_METHOD_POST);
var_dump($oauth->getLastResponseInfo());

Expected result:
----------------
array(21) {
  // ...
  ["headers_recv"]=>
  string(587) "HTTP/1.1 201 Created
Server: nginx/0.7.67
Date: Fri, 18 Mar 2011 14:46:48 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.3.2-1ubuntu4.2
Set-Cookie: K=jioyhz7sPry9MOwCP5foEbCDvp8; expires=Fri, 18-
Mar-2011 15:46:45 GMT; path=/; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-
check=0, pre-check=0
Pragma: no-cache
Set-Cookie: K=jioyhz7sPry9MOwCP5foEbCDvp8; expires=Fri, 18-
Mar-2011 15:46:45 GMT; path=/; httponly
Location: /redirect-url
"
}


Actual result:
--------------
array(21) {
  // ...
  ["headers_recv"]=>
  string(587) "HTTP/1.1 201 Created
Server: nginx/0.7.67
Date: Fri, 18 Mar 2011 14:46:48 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.3.2-1ubuntu4.2
Set-Cookie: K=jioyhz7sPry9MOwCP5foEbCDvp8; expires=Fri, 18-
Mar-2011 15:46:45 GMT; path=/; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-
check=0, pre-check=0
Pragma: no-cache
Set-Cookie: K=jioyhz7sPry9MOwCP5foEbCDvp8; expires=Fri, 18-
Mar-2011 15:46:45 GMT; path=/; httponly
/redirect-url
"
}

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2011-03-18 10:21 UTC] matheis dot stefan at googlemail dot com
The Bug is also valid, while setting $oauth-
>disableRedirects().
 [2011-03-18 11:28 UTC] jawed@php.net
Can you try trunk? Can you also please let us know whether you are using 
the cURL or streams request engine?

- JJ
 [2011-03-18 12:02 UTC] matheis dot stefan at googlemail dot com
i made the request using curl as request-engine. also i 
updated to trunk ($Id: oauth.c 308838 2011-03-02 03:59:38Z 
jawed $) and the issue is still existing
 [2011-03-29 06:38 UTC] matheis dot stefan at googlemail dot com
jawed, any progress on this issue? need further information? 
updating again seems useless, since there are no new commits 
:)
 [2011-03-29 10:32 UTC] jawed@php.net
I'll look at this ASAP.

- JJ
 [2011-03-29 10:45 UTC] jawed@php.net
matheis, can you share the full output of var_dump($oauth-
>getLastResponseInfo()) ... the Location header should be in "redirect_url".

- JJ
 [2011-03-29 10:53 UTC] matheis dot stefan at googlemail dot com
jawed, there you go:

array(21) {
  ["http_code"]=>
  int(201)
  ["content_type"]=>
  string(9) "text/html"
  ["url"]=>
  string(27) "https://host/requested/path"
  ["header_size"]=>
  int(599)
  ["request_size"]=>
  int(799)
  ["filetime"]=>
  int(-1)
  ["ssl_verify_result"]=>
  int(0)
  ["redirect_count"]=>
  int(0)
  ["total_time"]=>
  float(11.496584)
  ["namelookup_time"]=>
  float(10.310927)
  ["connect_time"]=>
  float(10.448256)
  ["pretransfer_time"]=>
  float(10.911969)
  ["size_upload"]=>
  float(592)
  ["size_download"]=>
  float(0)
  ["speed_download"]=>
  float(0)
  ["speed_upload"]=>
  float(51)
  ["download_content_length"]=>
  float(-1)
  ["upload_content_length"]=>
  float(0)
  ["starttransfer_time"]=>
  float(11.496518)
  ["redirect_time"]=>
  float(0)
  ["headers_recv"]=>
  string(587) "HTTP/1.1 201 Created
Server: nginx/0.7.67
Date: Tue, 29 Mar 2011 15:50:17 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.3.2-1ubuntu4.2
Set-Cookie: K=%2CwUnuTt3k4YYOdAvudUc-1bAGl0; expires=Tue, 29-Mar-2011 16:50:17 GMT; path=/; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: K=%2CwUnuTt3k4YYOdAvudUc-1bAGl0; expires=Tue, 29-Mar-2011 16:50:17 GMT; path=/; httponly
/go/and/do/a/redirect/to/this/location
"
}

short note: 'url' and 'headers_recv' are modified (masking the urls & paths) so the var_dump() strlen 
count's are no longer correct, but that should not matter.
 [2011-04-05 12:27 UTC] matheis dot stefan at googlemail dot com
jawed, was the full output helpful? if you'll need additional 
information, please let me know.
 [2011-04-28 04:56 UTC] matheis dot stefan at googlemail dot com
any progress on this issue?
 [2011-05-28 12:41 UTC] jawed@php.net
Can you trunk?

- JJ
 [2011-05-31 05:26 UTC] matheis dot stefan at googlemail dot com
jawed, now we have the location in "headers_recv" but still 
no "location" nor "redirect_url":

array(21) {
  ["http_code"]=>
  int(201)
  ["content_type"]=>
  string(9) "text/html"
  ["url"]=>
  string(78) "https://host/requested/path"
  ["header_size"]=>
  int(595)
  ["request_size"]=>
  int(806)
  ["filetime"]=>
  int(-1)
  ["ssl_verify_result"]=>
  int(0)
  ["redirect_count"]=>
  int(0)
  ["total_time"]=>
  float(10.529923)
  ["namelookup_time"]=>
  float(10.094448)
  ["connect_time"]=>
  float(10.101692)
  ["pretransfer_time"]=>
  float(10.179523)
  ["size_upload"]=>
  float(591)
  ["size_download"]=>
  float(0)
  ["speed_download"]=>
  float(0)
  ["speed_upload"]=>
  float(56)
  ["download_content_length"]=>
  float(-1)
  ["upload_content_length"]=>
  float(0)
  ["starttransfer_time"]=>
  float(10.529863)
  ["redirect_time"]=>
  float(0)
  ["headers_recv"]=>
  string(593) "HTTP/1.1 201 Created
Server: nginx/0.7.67
Date: Tue, 31 May 2011 09:20:42 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.3.2-1ubuntu4.9
Set-Cookie: K=jPMCBG4VxfLJnOgQob-s667Ayna; expires=Tue, 31-
May-2011 10:20:41 GMT; path=/; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-
check=0, pre-check=0
Pragma: no-cache
Set-Cookie: K=jPMCBG4VxfLJnOgQob-s667Ayna; expires=Tue, 31-
May-2011 10:20:41 GMT; path=/; httponly
Location: /go/and/do/a/redirect/to/this/location
"
}

Used Version: $Id: oauth.c 311533 2011-05-28 16:48:54Z jawed 
$
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Thu Nov 21 23:01:29 2024 UTC