Handle CLI server request headers case insensitively.

LawnGnome · LawnGnome · commit 3c3b2b5bdc8e · 2013-09-09T16:24:49.000-07:00
Fixes bug #65633 (built-in server treat some http headers as case-sensitive).
diff --git a/NEWS b/NEWS
@@ -2,6 +2,10 @@ PHP                                                                        NEWS
 |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
 ?? ??? 2013, PHP 5.4.21
 
+- CLI server:
+  . Fixed bug #65633 (built-in server treat some http headers as
+    case-sensitive). (Adam)
+
 ?? ??? 2013, PHP 5.4.20
 
 - Core:
diff --git a/sapi/cli/php_cli_server.c b/sapi/cli/php_cli_server.c
@@ -408,7 +408,7 @@ static void append_essential_headers(smart_str* buffer, php_cli_server_client *c
 {
 	{
 		char **val;
-		if (SUCCESS == zend_hash_find(&client->request.headers, "Host", sizeof("Host"), (void**)&val)) {
+		if (SUCCESS == zend_hash_find(&client->request.headers, "host", sizeof("host"), (void**)&val)) {
 			smart_str_appendl_ex(buffer, "Host", sizeof("Host") - 1, persistent);
 			smart_str_appendl_ex(buffer, ": ", sizeof(": ") - 1, persistent);
 			smart_str_appends_ex(buffer, *val, persistent);
@@ -558,7 +558,7 @@ static char *sapi_cli_server_read_cookies(TSRMLS_D) /* {{{ */
 {
 	php_cli_server_client *client = SG(server_context);
 	char **val;
-	if (FAILURE == zend_hash_find(&client->request.headers, "Cookie", sizeof("Cookie"), (void**)&val)) {
+	if (FAILURE == zend_hash_find(&client->request.headers, "cookie", sizeof("cookie"), (void**)&val)) {
 		return NULL;
 	}
 	return *val;
@@ -1556,12 +1556,9 @@ static int php_cli_server_client_read_request_on_header_value(php_http_parser *p
 		return 1;
 	}
 	{
-		char *header_name = client->current_header_name;
-		size_t header_name_len = client->current_header_name_len;
-		char c = header_name[header_name_len];
-		header_name[header_name_len] = '\0';
-		zend_hash_add(&client->request.headers, header_name, header_name_len + 1, &value, sizeof(char *), NULL);
-		header_name[header_name_len] = c;
+		char *header_name = zend_str_tolower_dup(client->current_header_name, client->current_header_name_len);
+		zend_hash_add(&client->request.headers, header_name, client->current_header_name_len + 1, &value, sizeof(char *), NULL);
+		efree(header_name);
 	}
 
 	if (client->current_header_name_allocated) {
@@ -1719,7 +1716,7 @@ static void php_cli_server_client_populate_request_info(const php_cli_server_cli
 	request_info->post_data = client->request.content;
 	request_info->content_length = request_info->post_data_length = client->request.content_len;
 	request_info->auth_user = request_info->auth_password = request_info->auth_digest = NULL;
-	if (SUCCESS == zend_hash_find(&client->request.headers, "Content-Type", sizeof("Content-Type"), (void**)&val)) {
+	if (SUCCESS == zend_hash_find(&client->request.headers, "content-type", sizeof("content-type"), (void**)&val)) {
 		request_info->content_type = *val;
 	}
 } /* }}} */
@@ -1957,7 +1954,7 @@ static int php_cli_server_begin_send_static(php_cli_server *server, php_cli_serv
 static int php_cli_server_request_startup(php_cli_server *server, php_cli_server_client *client TSRMLS_DC) { /* {{{ */
 	char **auth;
 	php_cli_server_client_populate_request_info(client, &SG(request_info));
-	if (SUCCESS == zend_hash_find(&client->request.headers, "Authorization", sizeof("Authorization"), (void**)&auth)) {
+	if (SUCCESS == zend_hash_find(&client->request.headers, "authorization", sizeof("authorization"), (void**)&auth)) {
 		php_handle_auth_data(*auth TSRMLS_CC);
 	}
 	SG(sapi_headers).http_response_code = 200;
diff --git a/sapi/cli/tests/bug65633.phpt b/sapi/cli/tests/bug65633.phpt
@@ -0,0 +1,48 @@
+--TEST--
+Bug #65633 (built-in server treat some http headers as case-sensitive)
+--SKIPIF--
+<?php
+include "skipif.inc";
+?>
+--FILE--
+<?php
+include "php_cli_server.inc";
+php_cli_server_start(<<<'PHP'
+var_dump($_COOKIE, $_SERVER['HTTP_FOO']);
+PHP
+);
+
+list($host, $port) = explode(':', PHP_CLI_SERVER_ADDRESS);
+$port = intval($port)?:80;
+
+$fp = fsockopen($host, $port, $errno, $errstr, 0.5);
+if (!$fp) {
+  die("connect failed");
+}
+
+if(fwrite($fp, <<<HEADER
+GET / HTTP/1.1
+cookie: foo=bar
+foo: bar
+
+
+HEADER
+)) {
+    while (!feof($fp)) {
+        echo fgets($fp);
+    }
+}
+
+fclose($fp);
+?>
+--EXPECTF--
+HTTP/1.1 200 OK
+Connection: close
+X-Powered-By: %s
+Content-type: text/html
+
+array(1) {
+  ["foo"]=>
+  string(3) "bar"
+}
+string(3) "bar"

Original file line number	Diff line number	Diff line change
`@@ -408,7 +408,7 @@ static void append_essential_headers(smart_str* buffer, php_cli_server_client *c`
`408`	`408`	`{`
`409`	`409`	`{`
`410`	`410`	`char **val;`
`411`		`- if (SUCCESS == zend_hash_find(&client->request.headers, "Host", sizeof("Host"), (void**)&val)) {`
	`411`	`+ if (SUCCESS == zend_hash_find(&client->request.headers, "host", sizeof("host"), (void**)&val)) {`
`412`	`412`	`smart_str_appendl_ex(buffer, "Host", sizeof("Host") - 1, persistent);`
`413`	`413`	`smart_str_appendl_ex(buffer, ": ", sizeof(": ") - 1, persistent);`
`414`	`414`	`smart_str_appends_ex(buffer, *val, persistent);`
`@@ -558,7 +558,7 @@ static char sapi_cli_server_read_cookies(TSRMLS_D) / {{{ */`
`558`	`558`	`{`
`559`	`559`	`php_cli_server_client *client = SG(server_context);`
`560`	`560`	`char **val;`
`561`		`- if (FAILURE == zend_hash_find(&client->request.headers, "Cookie", sizeof("Cookie"), (void**)&val)) {`
	`561`	`+ if (FAILURE == zend_hash_find(&client->request.headers, "cookie", sizeof("cookie"), (void**)&val)) {`
`562`	`562`	`return NULL;`
`563`	`563`	`}`
`564`	`564`	`return *val;`
`@@ -1556,12 +1556,9 @@ static int php_cli_server_client_read_request_on_header_value(php_http_parser *p`
`1556`	`1556`	`return 1;`
`1557`	`1557`	`}`
`1558`	`1558`	`{`
`1559`		`- char *header_name = client->current_header_name;`
`1560`		`- size_t header_name_len = client->current_header_name_len;`
`1561`		`- char c = header_name[header_name_len];`
`1562`		`- header_name[header_name_len] = '\0';`
`1563`		`- zend_hash_add(&client->request.headers, header_name, header_name_len + 1, &value, sizeof(char *), NULL);`
`1564`		`- header_name[header_name_len] = c;`
	`1559`	`+ char *header_name = zend_str_tolower_dup(client->current_header_name, client->current_header_name_len);`
	`1560`	`+ zend_hash_add(&client->request.headers, header_name, client->current_header_name_len + 1, &value, sizeof(char *), NULL);`
	`1561`	`+ efree(header_name);`
`1565`	`1562`	`}`
`1566`	`1563`
`1567`	`1564`	`if (client->current_header_name_allocated) {`
`@@ -1719,7 +1716,7 @@ static void php_cli_server_client_populate_request_info(const php_cli_server_cli`
`1719`	`1716`	`request_info->post_data = client->request.content;`
`1720`	`1717`	`request_info->content_length = request_info->post_data_length = client->request.content_len;`
`1721`	`1718`	`request_info->auth_user = request_info->auth_password = request_info->auth_digest = NULL;`
`1722`		`- if (SUCCESS == zend_hash_find(&client->request.headers, "Content-Type", sizeof("Content-Type"), (void**)&val)) {`
	`1719`	`+ if (SUCCESS == zend_hash_find(&client->request.headers, "content-type", sizeof("content-type"), (void**)&val)) {`
`1723`	`1720`	`request_info->content_type = *val;`
`1724`	`1721`	`}`
`1725`	`1722`	`} /* }}} */`
`@@ -1957,7 +1954,7 @@ static int php_cli_server_begin_send_static(php_cli_server *server, php_cli_serv`
`1957`	`1954`	`static int php_cli_server_request_startup(php_cli_server server, php_cli_server_client client TSRMLS_DC) { /* {{{ */`
`1958`	`1955`	`char **auth;`
`1959`	`1956`	`php_cli_server_client_populate_request_info(client, &SG(request_info));`
`1960`		`- if (SUCCESS == zend_hash_find(&client->request.headers, "Authorization", sizeof("Authorization"), (void**)&auth)) {`
	`1957`	`+ if (SUCCESS == zend_hash_find(&client->request.headers, "authorization", sizeof("authorization"), (void**)&auth)) {`
`1961`	`1958`	`php_handle_auth_data(*auth TSRMLS_CC);`
`1962`	`1959`	`}`
`1963`	`1960`	`SG(sapi_headers).http_response_code = 200;`