php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Request #77314 When doing a http-post-request with a redirect, the post-data is not sent again
Submitted: 2018-12-17 20:52 UTC Modified: 2018-12-18 17:45 UTC
Votes:1
Avg. Score:3.0 ± 0.0
Reproduced:0 of 0 (0.0%)
From: cyberbeat at gmx dot de Assigned:
Status: Open Package: *Network Functions
PHP Version: 7.2.13 OS: Opensuse
Private report: No CVE-ID: None
View Add Comment Developer Edit
Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.
(description)
Block user comment
Status: Assign to:
Package:
Bug Type:
Summary:
From: cyberbeat at gmx dot de
New email:
PHP Version: OS:

 

 [2018-12-17 20:52 UTC] cyberbeat at gmx dot de
Description:
------------
I make a post request to an url, and get a redirect (to the https version of the page) as a response. In such case, the post data should be sent again to the https-url. But the post data seems not to be sent in the second request.

With CURL (with follow-location-option) this case is handled as expected.

Test script:
---------------
<?php

$postdata = http_build_query(
    array(
        'var1' => 'some content',
        'var2' => 'doh'
    )
);

$opts = array('http' =>
    array(
        'method'  => 'POST',
        'header'  => 'Content-type: application/x-www-form-urlencoded',
        'content' => $postdata
    )
);

$context = stream_context_create($opts);

$result = file_get_contents('http://example.com/submit.php', false, $context);

?>


Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2018-12-17 20:59 UTC] spam2 at rhsoft dot net
that simply can't work predictable because params in the redirect-url and hidden fields of the previous post request collides - who should win and why and what result would be the outcome?

what when the page redirects to a 3rd party for whatever reason and you submit sensible post data there?
 [2018-12-17 21:19 UTC] requinix@php.net
-Type: Bug +Type: Feature/Change Request
 [2018-12-17 21:19 UTC] requinix@php.net
As far as I know, cURL will not automatically re-POST data to the new URL - you have to opt-into that with the CURLOPT_POSTREDIR flag.
Since the pure PHP version operates at a lower level than what the cURL API provides, the equivalent would be checking the response code and repeating the request with the new location.
 [2018-12-18 17:45 UTC] cyberbeat at gmx dot de
Oh, you are right, I have set CURLOPT_POSTREDIR=7, sorry. But perhaps such an option would make sense for php http contexts, too?
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Thu Mar 28 15:01:29 2024 UTC