go to bug id or search bugs for
If an invalid Content-Length header is sent with a request, attempting to read the
request body via file_get_contents('php://input') results in a delay of 10 seconds
while, I assume, a timeout is waited on.
Add a Patch
Add a Pull Request
This is not a bug in PHP, it's a bug in the client that sent the incorrect
> This is not a bug in PHP, it's a bug in the client that sent the incorrect
I would imagine this to be a security vulnerability akin to a slowloris attack. The "client" sending the incorrect header can be malicious.
How do we address this bug?
See here for more info / PoC code http://stackoverflow.com/questions/14295901/php-file-get-contentsphp-input-very-slow