Skip to content

Commit f6ac08c

Browse files
coppolafabnielsdos
coppolafab
authored and
nielsdos
committed
php_cli_server: ensure single date header is present
Currently the PHP Development Server appends a Date header in the response, despite already set from user code. Added a check condition before append the header, and a test file. Closes GH-12363.
1 parent 36a87e6 commit f6ac08c

File tree

3 files changed

+62
-5
lines changed

3 files changed

+62
-5
lines changed

NEWS

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -10,6 +10,9 @@ PHP NEWS
1010
. Fixed bug GH-12273 (__builtin_cpu_init check). (Freaky)
1111
. Fixed bug #80092 (ZTS + preload = segfault on shutdown). (nielsdos)
1212

13+
- CLI:
14+
. Ensure a single Date header is present. (coppolafab)
15+
1316
- CType:
1417
. Fixed bug GH-11997 (ctype_alnum 5 times slower in PHP 8.1 or greater).
1518
(nielsdos)

sapi/cli/php_cli_server.c

Lines changed: 20 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -348,18 +348,33 @@ static void append_http_status_line(smart_str *buffer, int protocol_version, int
348348
smart_str_appendl_ex(buffer, "\r\n", 2, persistent);
349349
} /* }}} */
350350

351-
static void append_essential_headers(smart_str* buffer, php_cli_server_client *client, int persistent) /* {{{ */
351+
static void append_essential_headers(smart_str* buffer, php_cli_server_client *client, int persistent, sapi_headers_struct *sapi_headers) /* {{{ */
352352
{
353353
char *val;
354354
struct timeval tv = {0};
355+
bool append_date_header = true;
356+
357+
if (sapi_headers != NULL) {
358+
zend_llist_position pos;
359+
sapi_header_struct *h = (sapi_header_struct*)zend_llist_get_first_ex(&sapi_headers->headers, &pos);
360+
while (h) {
361+
if (h->header_len > strlen("Date:")) {
362+
if (strncasecmp(h->header, "Date:", strlen("Date:")) == 0) {
363+
append_date_header = false;
364+
break;
365+
}
366+
}
367+
h = (sapi_header_struct*)zend_llist_get_next_ex(&sapi_headers->headers, &pos);
368+
}
369+
}
355370

356371
if (NULL != (val = zend_hash_str_find_ptr(&client->request.headers, "host", sizeof("host")-1))) {
357372
smart_str_appends_ex(buffer, "Host: ", persistent);
358373
smart_str_appends_ex(buffer, val, persistent);
359374
smart_str_appends_ex(buffer, "\r\n", persistent);
360375
}
361376

362-
if (!gettimeofday(&tv, NULL)) {
377+
if (append_date_header && !gettimeofday(&tv, NULL)) {
363378
zend_string *dt = php_format_date("D, d M Y H:i:s", sizeof("D, d M Y H:i:s") - 1, tv.tv_sec, 0);
364379
smart_str_appends_ex(buffer, "Date: ", persistent);
365380
smart_str_appends_ex(buffer, dt->val, persistent);
@@ -552,7 +567,7 @@ static int sapi_cli_server_send_headers(sapi_headers_struct *sapi_headers) /* {{
552567
append_http_status_line(&buffer, client->request.protocol_version, SG(sapi_headers).http_response_code, 0);
553568
}
554569

555-
append_essential_headers(&buffer, client, 0);
570+
append_essential_headers(&buffer, client, 0, sapi_headers);
556571

557572
h = (sapi_header_struct*)zend_llist_get_first_ex(&sapi_headers->headers, &pos);
558573
while (h) {
@@ -1997,7 +2012,7 @@ static int php_cli_server_send_error_page(php_cli_server *server, php_cli_server
19972012
/* out of memory */
19982013
goto fail;
19992014
}
2000-
append_essential_headers(&buffer, client, 1);
2015+
append_essential_headers(&buffer, client, 1, NULL);
20012016
smart_str_appends_ex(&buffer, "Content-Type: text/html; charset=UTF-8\r\n", 1);
20022017
smart_str_appends_ex(&buffer, "Content-Length: ", 1);
20032018
smart_str_append_unsigned_ex(&buffer, php_cli_server_buffer_size(&client->content_sender.buffer), 1);
@@ -2093,7 +2108,7 @@ static int php_cli_server_begin_send_static(php_cli_server *server, php_cli_serv
20932108
php_cli_server_log_response(client, 500, NULL);
20942109
return FAILURE;
20952110
}
2096-
append_essential_headers(&buffer, client, 1);
2111+
append_essential_headers(&buffer, client, 1, NULL);
20972112
if (mime_type) {
20982113
smart_str_appendl_ex(&buffer, "Content-Type: ", sizeof("Content-Type: ") - 1, 1);
20992114
smart_str_appends_ex(&buffer, mime_type, 1);

sapi/cli/tests/gh12363.phpt

Lines changed: 39 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,39 @@
1+
--TEST--
2+
Ensure a single Date header is present
3+
--SKIPIF--
4+
<?php
5+
include "skipif.inc";
6+
?>
7+
--FILE--
8+
<?php
9+
include "php_cli_server.inc";
10+
php_cli_server_start(<<<'PHP'
11+
header('Date: Mon, 25 Mar 1985 00:20:00 GMT');
12+
PHP
13+
);
14+
15+
$host = PHP_CLI_SERVER_HOSTNAME;
16+
$fp = php_cli_server_connect();
17+
18+
if(fwrite($fp, <<<HEADER
19+
GET / HTTP/1.1
20+
Host: {$host}
21+
22+
23+
HEADER
24+
)) {
25+
while (!feof($fp)) {
26+
echo fgets($fp);
27+
}
28+
}
29+
30+
fclose($fp);
31+
?>
32+
--EXPECTF--
33+
HTTP/1.1 200 OK
34+
Host: %s
35+
Connection: close
36+
X-Powered-By: %s
37+
Date: Mon, 25 Mar 1985 00:20:00 GMT
38+
Content-type: text/html; charset=UTF-8
39+

0 commit comments

Comments
 (0)