char buf[SAPI_CGI_MAX_HEADER_LENGTH];
sapi_header_struct *h;
zend_llist_position pos;
+ zend_bool ignore_status = 0;
if (SG(request_info).no_headers == 1) {
return SAPI_HEADER_SENT_SUCCESSFULLY;
if (!has_status) {
PHPWRITE_H(buf, len);
+ ignore_status = 1;
}
}
while (h) {
/* prevent CRLFCRLF */
if (h->header_len) {
- PHPWRITE_H(h->header, h->header_len);
- PHPWRITE_H("\r\n", 2);
+ if (h->header_len > sizeof("Status:")-1 &&
+ strncasecmp(h->header, "Status:", sizeof("Status:")-1) == 0) {
+ if (!ignore_status) {
+ ignore_status = 1;
+ PHPWRITE_H(h->header, h->header_len);
+ PHPWRITE_H("\r\n", 2);
+ }
+ } else {
+ PHPWRITE_H(h->header, h->header_len);
+ PHPWRITE_H("\r\n", 2);
+ }
}
h = (sapi_header_struct*)zend_llist_get_next_ex(&sapi_headers->headers, &pos);
}
--- /dev/null
+--TEST--
+Bug #45860 (header() function fails to correctly replace all Status lines)
+--SKIPIF--
+<?php include "skipif.inc"; ?>
+--FILE--
+<?php
+
+include "include.inc";
+
+$php = get_cgi_path();
+reset_env_vars();
+
+$f = tempnam(sys_get_temp_dir(), 'cgitest');
+
+putenv("TRANSLATED_PATH=".$f."/x");
+putenv("SCRIPT_FILENAME=".$f."/x");
+file_put_contents($f, '<?php
+header("HTTP/1.1 403 Forbidden");
+header("Status: 403 Also Forbidden");
+?>');
+
+echo (`$php -n $f`);
+
+file_put_contents($f, '<?php
+header("HTTP/1.1 403 Forbidden");
+?>');
+
+echo (`$php -n $f`);
+
+file_put_contents($f, '<?php
+header("Status: 403 Also Forbidden");
+?>');
+
+echo (`$php -n $f`);
+
+echo "Done\n";
+
+@unlink($f);
+?>
+--EXPECTF--
+Status: 403 Forbidden
+X-Powered-By: PHP/%s
+Content-type: text/html%s
+
+Status: 403 Forbidden
+X-Powered-By: PHP/%s
+Content-type: text/html%s
+
+X-Powered-By: PHP/%s
+Status: 403 Also Forbidden
+Content-type: text/html%s
+
+Done
projects / php / commitdiff