PHP :: Bug #60054 :: get_headers() Redirect ../../ error

[2011-10-13 15:18 UTC] greenrover33 at gmail dot com

Description:
------------
When i open with: get_headers() 
http://www.zebis.ch/Unterricht/Fach/Unterrichtsmaterialien/dateizeigen.php?id=4070&vz=ME4gDDrhrBwBKVWwrrubqqAFR9r4Hv&file=symmetrien.doc

I got 302 Found
Location => ../../schublade/ME4gDDrhrBwBKVWwrrubqqAFR9r4Hv/docs/symmetrien.doc

PHP try open:
GET /Unterricht/Fach/Unterrichtsmaterialien//../../schublade/ME4gDDrhrBwBKVWwrrubqqAFR9r4Hv/docs/symmetrien.doc

But it should be:
GET /Unterricht/schublade/ME4gDDrhrBwBKVWwrrubqqAFR9r4Hv/docs/symmetrien.doc

Browsers can handle that (ie, ff, chrome)

this means:
get_headers()  dont execute ../ like browser will do.



Test script:
---------------
<?PHP 
$url = 'http://www.zebis.ch/Unterricht/Fach/Unterrichtsmaterialien/dateizeigen.php?id=4070&vz=ME4gDDrhrBwBKVWwrrubqqAFR9r4Hv&file=symmetrien.doc';
$headers = get_headers($url, 1);
print_r($headers);


Expected result:
----------------
GET /Unterricht/schublade/ME4gDDrhrBwBKVWwrrubqqAFR9r4Hv/docs/symmetrien.doc


Actual result:
--------------
GET /Unterricht/Fach/Unterrichtsmaterialien//../../schublade/ME4gDDrhrBwBKVWwrrubqqAFR9r4Hv/docs/symmetrien.doc

[2011-11-29 13:33 UTC] iliaa@php.net

-Status: Open +Status: Feedback

[2011-11-29 13:33 UTC] iliaa@php.net

Please try using this snapshot:

  http://snaps.php.net/php5.3-latest.tar.gz
 
For Windows:

  http://windows.php.net/snapshots/

With newer version of PHP I get the following, expected output:


Array
(
    [0] => HTTP/1.1 302 Found
    [Date] => Array
        (
            [0] => Tue, 29 Nov 2011 13:32:43 GMT
            [1] => Tue, 29 Nov 2011 13:32:43 GMT
        )

    [Server] => Array
        (
            [0] => Apache
            [1] => Apache
        )

    [X-Powered-By] => PHP/5.2.9
    [Set-Cookie] => Array
        (
            [0] => PHPSESSID=40ca678b4b35ce5370d0d3ae68739e9e; path=/
            [1] => aktiviert=1322573563; expires=Sat, 16-Jun-2012 13:32:43 GMT; 
path=/
        )

    [Expires] => Thu, 19 Nov 1981 08:52:00 GMT
    [Cache-Control] => no-store, no-cache, must-revalidate, post-check=0, pre-
check=0
    [Pragma] => no-cache
    [location] => 
http://www.zebis.ch/Unterricht/schublade/ME4gDDrhrBwBKVWwrrubqqAFR9r4Hv/docs/sym
metrien.doc
    [Connection] => Array
        (
            [0] => close
            [1] => close
        )

    [Content-Type] => Array
        (
            [0] => text/html; charset=ISO-8859-1
            [1] => application/msword
        )

    [Content-Language] => Array
        (
            [0] => de
            [1] => de
        )

    [1] => HTTP/1.1 200 OK
    [Last-Modified] => Thu, 12 Nov 2009 09:48:20 GMT
    [ETag] => "6101f5-53600-47829717f4100"
    [Accept-Ranges] => bytes
    [Content-Length] => 341504
)

[2013-02-18 00:35 UTC] php-bugs at lists dot php dot net

No feedback was provided. The bug is being suspended because
we assume that you are no longer experiencing the problem.
If this is not the case and you are able to provide the
information that was requested earlier, please do so and
change the status of the bug back to "Open". Thank you.

[2013-02-18 04:49 UTC] greenrover33 at gmail dot com

The problem does still exist.

Here i provide the test againe:

http://www.file-upload.net/download-7225004/tests_60054.zip.html


Download, unzip and run  test.php  (with a browser)

To validate open:  a/b/redirect.php  (with a browser)

Hope that will helps to reproduce.

Patches

Pull Requests

History

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Tue Apr 16 10:01:29 2024 UTC