Ticket #7224 (closed enhancement: duplicate)

Opened 5 months ago

Last modified 2 months ago

wp_get_http, discover_pingback_server_uri does not consider HTTP chuck format

Reported by: lilyfan Assigned to: jacobsantos
Priority: normal Milestone:
Component: General Version: 2.6
Severity: major Keywords:
Cc:

Description

wp_get_http() at wp-includes/functions.php, discover_pingback_server_uri() at wp-includes/comment.php speaks HTTP with fcoskopen(), fputs(), fgets(), fread(). But, thease codes does not consider HTTP chunk format. If the server returns chunk format, received data will be malformed. The chunk format is described in http://www.w3.org/Protocols/rfc2616/rfc2616-sec3.html

To handle chunk format, check Transfer-Encoding field in HTTP header, and read chunk-size and the content.

Attachments

pingback.patch (355 bytes) - added by lilyfan on 07/02/08 14:26:12.
Patch for discover_pingback_server_uri()
pingback.diff (355 bytes) - added by lilyfan on 07/02/08 14:28:08.
Patch for discover_pingback_server_uri()

Change History

07/02/08 14:26:12 changed by lilyfan

  • attachment pingback.patch added.

Patch for discover_pingback_server_uri()

07/02/08 14:28:08 changed by lilyfan

  • attachment pingback.diff added.

Patch for discover_pingback_server_uri()

07/03/08 18:57:24 changed by santosj

HTTP/1.0 does not understand chunked-encoding, therefore, should not accept the header and ignore it. If it is received, then the standard states that we must send a 501 response back.

07/03/08 18:57:31 changed by santosj

  • type changed from defect to enhancement.

07/04/08 00:19:10 changed by DD32

HTTP/1.0 does not understand chunked-encoding

The function in question should be set to use 1.0, I believe the function in question uses HTTP/1.1, which is probably the reason the server is returning that content type.

07/15/08 04:59:12 changed by lilyfan

  • milestone changed from 2.9 to 2.7.

07/15/08 12:38:43 changed by jacobsantos

  • owner changed from anonymous to jacobsantos.

07/15/08 12:38:47 changed by jacobsantos

  • status changed from new to assigned.

07/15/08 12:39:27 changed by jacobsantos

I think the easiest way to fix this problem is to use HTTP 1.0 instead.

08/13/08 19:49:04 changed by santosj

This can use the new HTTP API WP_Http method for decoding chunked transfer-encoding messages. I'm not sure if the team wants to convert those functions over to the new HTTP API yet. I think the HTTP API is stable enough, but there does seem to still be problems.

09/25/08 23:15:42 changed by jacobsantos

  • keywords deleted.
  • status changed from assigned to closed.
  • resolution set to duplicate.
  • milestone deleted.

Superceded by #7793.