diff options
author | Ilia Alshanetsky <iliaa@php.net> | 2006-04-16 16:54:49 +0000 |
---|---|---|
committer | Ilia Alshanetsky <iliaa@php.net> | 2006-04-16 16:54:49 +0000 |
commit | 79d8f014da33ac2f28407311d42fae5583f84acc (patch) | |
tree | 1c53d262874f0c29e67cff4ee8b2b444d5c0dbb2 | |
parent | 29254a477d114a6f61bbd6c23cf89bb3370ec4b2 (diff) | |
download | php-git-79d8f014da33ac2f28407311d42fae5583f84acc.tar.gz |
Fixed bug #37045 (Fixed check for special chars for http redirects).
-rw-r--r-- | NEWS | 1 | ||||
-rw-r--r-- | ext/standard/http_fopen_wrapper.c | 9 |
2 files changed, 6 insertions, 4 deletions
@@ -15,6 +15,7 @@ PHP NEWS - Fixed bug #37053 (html_errors with internal classes produces wrong links). (Tony) - Fixed bug #37046 (foreach breaks static scope). (Dmitry) +- Fixed bug #37045 (Fixed check for special chars for http redirects). (Ilia) - Fixed bug #37002 (Have to quote literals in INI when concatenating with vars). (Dmitry) - Fixed bug #36513 (comment will be outputed in last line). (Dmitry) diff --git a/ext/standard/http_fopen_wrapper.c b/ext/standard/http_fopen_wrapper.c index 04231cf6b9..771c9bc20d 100644 --- a/ext/standard/http_fopen_wrapper.c +++ b/ext/standard/http_fopen_wrapper.c @@ -639,10 +639,11 @@ php_stream *php_stream_url_wrap_http_ex(php_stream_wrapper *wrapper, char *path, } \ } \ /* check for control characters in login, password & path */ - CHECK_FOR_CNTRL_CHARS(resource->user) - CHECK_FOR_CNTRL_CHARS(resource->pass) - CHECK_FOR_CNTRL_CHARS(resource->path) - + if (strncasecmp(newpath, "http://", sizeof("http://") - 1) || strncasecmp(newpath, "https://", sizeof("https://") - 1) { + CHECK_FOR_CNTRL_CHARS(resource->user) + CHECK_FOR_CNTRL_CHARS(resource->pass) + CHECK_FOR_CNTRL_CHARS(resource->path) + } stream = php_stream_url_wrap_http_ex(wrapper, new_path, mode, options, opened_path, context, --redirect_max, 0 STREAMS_CC TSRMLS_CC); } else { php_stream_wrapper_log_error(wrapper, options TSRMLS_CC, "HTTP request failed! %s", tmp_line); |