#70 Usage of header() is not HTTP/1.1 compliant

closed
None
5
2006-02-24
2003-01-04
No

Note: HTTP/1.1 requires an absolute URI as argument to
Location: including the scheme, hostname and absolute
path, but some clients accept relative URIs.

data/index.php uses something like:

<?php

//...

header("../index.php");

?>

which is not right ;-)

See http://www.php.net/manual/en/function.header.php
for further information.

Discussion

  • Thijs Kinkhorst

    Thijs Kinkhorst - 2003-01-04

    Logged In: YES
    user_id=285765

    You are right, but since the only goal of these pages is to
    limit people browsing directory contents, I don't really see it
    as a priority. However, other redirects should, and we will
    take a look at it in 1.5.

     
  • Thijs Kinkhorst

    Thijs Kinkhorst - 2003-01-04
    • milestone: 241848 -->
     
  • Christoph Thiel

    Christoph Thiel - 2003-01-04

    Logged In: YES
    user_id=510465

    I agree ... here is my suggestion for a fix:

    function redirect($relative_url) {

    header("Location: http://".$_SERVER['HTTP_HOST']
    .dirname($_SERVER['PHP_SELF'])
    ."/".$relative_url);

    }

     
  • Erin Schnabel

    Erin Schnabel - 2003-01-26
    • assigned_to: nobody --> ebullient
     
  • Thijs Kinkhorst

    Thijs Kinkhorst - 2003-03-06

    Logged In: YES
    user_id=285765

    In sm_init.php we should have a global set which contains
    the URL to the squirrelmail base dir:
    http://www.site.org/squirrelmail/
    to which you can append things like src/read_body or
    plugins/myplugin/doit.php .

     
  • Marc Groot Koerkamp

    • status: open --> pending
     
  • SourceForge Robot

    Logged In: YES
    user_id=1312539

    This Tracker item was closed automatically by the system. It was
    previously set to a Pending status, and the original submitter
    did not respond within 14 days (the time period specified by
    the administrator of this Tracker).

     
  • SourceForge Robot

    • status: pending --> closed
     

Log in to post a comment.