php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

  Showing 1-30 of 171 Show Next 30 Entries »
Bugs for HTTP related
ID# Date Last Modified Type Status PHP Version OS Summary Assigned
81727
(edit)		 2022-08-12 09:44 UTC 2022-09-29 18:57 UTC Sec Bug Closed Irrelevant Any $_COOKIE names string replacement (. -> _): cookie integrity vulnerabilities derick
80449
(edit)		 2020-12-01 08:32 UTC 2020-12-09 12:17 UTC Doc Closed Irrelevant all setcookie doc improvement cmb
80209
(edit)		 2020-10-09 12:58 UTC 2020-10-09 14:34 UTC Doc Closed 7.3.23   setcookie() is not fully RFC 6265 compliant cmb
79699
(edit)		 2020-06-14 19:37 UTC 2020-09-29 06:12 UTC Sec Bug Closed 7.4.7 macOS (but should affect any) PHP parses encoded cookie names so malicious `__Host-` cookies can be sent stas
79265
(edit)		 2020-02-12 16:47 UTC 2021-10-11 12:08 UTC Bug Closed master-Git-2020-02-12 (Git) Linux Improper injection of Host header when using fopen for http requests cmb
78719
(edit)		 2019-10-22 13:36 UTC 2021-02-08 17:24 UTC Bug Closed 7.3.10   fopen() http wrapper silently ignores long Location headers cmb
77612
(edit)		 2019-02-13 12:19 UTC 2019-02-14 09:28 UTC Bug Closed 7.3.2 Debian 9.7/Kernel 4.9.0 setcookie() sets incorrect SameSite header if all of its options filled nikic
76755
(edit)		 2018-08-16 23:01 UTC Not modified Bug Closed Next Minor Version Windows Server 2008 RC2 setcookie does not accept "double" type for expire time  
75981
(edit)		 2018-02-20 01:44 UTC 2018-04-16 16:10 UTC Sec Bug Closed 5.6.33 * stack-buffer-overflow while parsing HTTP response stas
75535
(edit)		 2017-11-17 04:35 UTC 2018-08-03 23:26 UTC Sec Bug Closed 7.2Git-2017-11-17 (Git) Ubuntu 17.04 Inappropriately parsing HTTP response leads to PHP segment fault! nikic
73882
(edit)		 2017-01-06 15:51 UTC 2017-01-08 10:56 UTC Bug Closed 5.6.29   Patch for php_stream_url_wrap_http_ex to support multiple spaces nikic
73805
(edit)		 2016-12-23 04:39 UTC 2021-08-02 15:06 UTC Doc Closed Irrelevant Irrelevant header() may not actually set header  
71719
(edit)		 2016-03-05 20:48 UTC 2016-10-05 06:29 UTC Sec Bug Closed 7.0.4 Linux Buffer overflow in HTTP url parsing functions mike
69364
(edit)		 2015-04-03 07:16 UTC 2015-05-21 05:00 UTC Sec Bug Closed Irrelevant all PHP Multipart/form-data remote dos Vulnerability stas
68978
(edit)		 2015-02-03 10:46 UTC 2015-02-06 04:25 UTC Sec Bug Closed Irrelevant   XSS in header() with Internet Explorer stas
68566
(edit)		 2014-12-08 12:08 UTC 2016-08-17 09:40 UTC Bug Closed 5.6.3   Operation timeouts contain misleading error description mike
67792
(edit)		 2014-08-05 18:50 UTC 2021-04-23 14:13 UTC Bug Closed 5.6Git-2014-08-05 (Git)   HTTP Authorization schema names are treated as case-sensitive cmb
67584
(edit)		 2014-07-07 13:40 UTC 2016-08-17 09:43 UTC Bug Closed 5.4.30 OS X Misleading error in pecl_http 2.0.x mike
67430
(edit)		 2014-06-12 22:59 UTC 2014-06-13 01:19 UTC Bug Closed 5.4.29 Irrelevant http:// wrapper doesn't follow 308 redirects aharvey
67428
(edit)		 2014-06-12 22:55 UTC 2014-06-13 00:43 UTC Bug Closed 5.4.29 Irrelevant header('Location: foo') will override a 308-399 response code aharvey
67137
(edit)		 2014-04-27 18:35 UTC 2014-07-14 20:48 UTC Bug Closed 5.4.27 Slackware 14.1 get_meta_tags() segmentation faults  
67131
(edit)		 2014-04-25 05:11 UTC 2015-08-24 20:58 UTC Bug Closed 5.5.11 Ubuntu 14.04 x64 setcookie() conditional for empty values not met cmb
66935
(edit)		 2014-03-19 20:26 UTC 2016-08-17 09:49 UTC Doc Closed 5.5.10 FreeBSD 9.2 documentation reflects of a version that is no longer available. mike
66418
(edit)		 2014-01-05 15:30 UTC 2014-01-07 12:02 UTC Bug Closed 5.5.7 Linux Segmentation fault while header_register_callback krakjoe
65634
(edit)		 2013-09-08 16:27 UTC 2013-09-11 21:17 UTC Bug Closed 5.5.3 Ubuntu 12.04 x64 HTTP wrapper is very slow with protocol_version 1.1 aharvey
63338
(edit)		 2012-10-23 08:50 UTC 2013-10-02 09:21 UTC Bug Closed 5.4.8 all php_stream_url_wrap_http_ex() function mike
61948
(edit)		 2012-05-05 06:05 UTC 2012-05-05 16:55 UTC Bug Closed 5.4.2 Ubuntu Server 12.04 CURLOPT_COOKIEFILE '' raises open_basedir restriction laruence
61605
(edit)		 2012-04-02 23:20 UTC 2012-04-04 08:44 UTC Bug Closed 5.4.0   header_remove() does not remove all headers laruence
61548
(edit)		 2012-03-28 22:14 UTC Not modified Bug Closed 5.3.10 linux content-type must appear at the end of headers for 201 Location to work in http  
60227
(edit)		 2011-11-06 07:04 UTC 2011-11-06 11:19 UTC Bug Closed trunk-SVN-2011-11-06 (SVN) Ubuntu Linux 11.10 header() cannot detect the multi-line header with CR(0x0D). hirokawa
  Showing 1-30 of 171 Show Next 30 Entries »
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Mon May 19 11:01:27 2025 UTC