php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Doc Bug #66539 [RU] [ZH] http fopen wrapper advises to use header injection via user_agent
Submitted: 2014-01-22 02:43 UTC Modified: 2014-12-26 19:28 UTC
Votes:1
Avg. Score:3.0 ± 0.0
Reproduced:0 of 0 (0.0%)
From: vovan-ve at yandex dot ru Assigned: irker (profile)
Status: Closed Package: Translation problem
PHP Version: Irrelevant OS:
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If this is not your bug, you can add a comment by following this link.
If this is your bug, but you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: vovan-ve at yandex dot ru
New email:
PHP Version: OS:

 

 [2014-01-22 02:43 UTC] vovan-ve at yandex dot ru 
Description:
------------
Some documentation translations about HTTP fopen wrapper (http://php.net/manual/ru/wrappers.http.php) has Example 2, which advises to use header injection via 'user_agent' ini option:

    ini_set('user_agent', "PHP\r\nX-MyCustomHeader: Foo");

I think, it is not good practice to do such things in official documentation.

Affected translations are Russian and Chinese. Other translations has no Example 2.

Also there are bug reports about injection in user_agent: #52979 and #60668. Its status is "Not a bug". But it IS a bug. But it is another story.

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2014-01-23 17:28 UTC] yannick@php.net
-Summary: [ru,zh] http fopen wrapper advises to use header injection via user_agent +Summary: [RU] [ZH] http fopen wrapper advises to use header injection via user_agent
 [2014-12-26 19:28 UTC] irker@php.net
-Status: Open +Status: Closed -Assigned To: +Assigned To: irker
 [2014-12-26 19:28 UTC] irker@php.net 
This bug has been fixed in the documentation's XML sources. Since the
online and downloadable versions of the documentation need some time
to get updated, we would like to ask you to be a bit patient.

Thank you for the report, and for helping us make our documentation better.
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved. 		Last updated: Mon Apr 29 17:01:29 2024 UTC