|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
[2016-05-17 17:20 UTC] Jim dot Nickerson at Gmail dot com
[2021-03-10 13:22 UTC] cmb@php.net
-Status: Open
+Status: Closed
-Assigned To:
+Assigned To: cmb
[2021-03-10 13:22 UTC] cmb@php.net
|
|||||||||||||||||||||||||||||||||||||
Copyright © 2001-2025 The PHP GroupAll rights reserved. |
Last updated: Sun Dec 07 15:00:01 2025 UTC |
Description: ------------ headers() sends the header lines out of order. Content-Type: is sent before all others. Test script: --------------- <?php //jim header order test $str = "php version " . phpversion() . "\r\n" . file_get_contents(__FILE__); $dataToSend = htmlspecialchars($str); $HeaderLine = 'Content-Disposition: attachment; filename="helloworld.txt"; modification-date="' . date('r', $mtime) . '";'; header( $HeaderLine ); // Set the length so the browser can set the download timers $HeaderLine = "Content-Length: " . strlen($dataToSend); header( $HeaderLine ); // $HeaderLine = 'Content-Type: application/octet-stream'; header( $HeaderLine ); //with php 5.6 on 1and1 this header is sent first echo $dataToSend; exit(); ?> Expected result: ---------------- Content-Disposition: attachment; filename="helloworld.txt"; modification-Content-Length: 736 Content-Type: application/octet-stream I asked for Content-Disposition: first Content-Type was sent first. In previous versions the sequence was as expected. I will change my code which was sequence dependent to deal with this change. As I read the RFCs the header sequence is not defined. I do not mind if it is different but it would have been kind to mention it. Actual result: -------------- GET /test/jimheaderordertest.php HTTP/1.1 Host: jimnickerson.com Connection: keep-alive Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36 Accept-Encoding: gzip, deflate, sdch Accept-Language: en-US,en;q=0.8 Cookie: __utma=22519968.1492443519.1459950119.1461599126.1462887119.4; __utmz=22519968.1459950119.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); PHPSESSID=2a5ad476d63ffddf1e55afa4f3723f90 HTTP/1.1 200 OK Date: Tue, 17 May 2016 16:29:51 GMT Content-Type: application/octet-stream Content-Length: 736 Connection: keep-alive Keep-Alive: timeout=15 Server: Apache X-Powered-By: PHP/5.6.21 Content-Disposition: attachment; filename="helloworld.txt"; modification-date="Wed, 31 Dec 1969 19:00:00 -0500"; php version 5.6.21 <?php //jim header order test $str = "php version " . phpversion() . "\r\n" . file_get_contents(__FILE__); $dataToSend = htmlspecialchars($str); $HeaderLine = 'Content-Disposition: attachment; filename="helloworld.txt"; modification-date="' . date('r', $mtime) . '";'; header( $HeaderLine ); // Set the length so the browser can set the download timers $HeaderLine = "Content-Length: " . strlen($dataToSend); header( $HeaderLine ); // $HeaderLine = 'Content-Type: application/octet-stream'; header( $HeaderLine ); //with php 5.6 on 1and1 this header is sent first echo $dataToSend; exit(); ?>