Skip to content

Add support for lowercase headers #3

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

Add support for lowercase headers #3

wants to merge 1 commit into from

Conversation

JosephusPaye
Copy link

This pull request adds support for lower-cased versions of the X-Proxy-Url and X-Proxy-Cookie headers.

Some systems (like the one I use) normalize all header names to lower case, and the HTTP spec (http://www.ietf.org/rfc/rfc2616.txt) says that header field names are case-insensitive:

4.2 Message Headers

... Each header field consists of a name followed by a colon (":") and the field value. Field names are case-insensitive. ...
@JosephusPaye
Add support for lowercase headers
b61945c 
This pull request adds support for lower-cased versions of the `X-Proxy-Url` and `X-Proxy-Cookie` headers. Some systems (like the one I use) normalize all header names to lower case, and the HTTP spec (http://www.ietf.org/rfc/rfc2616.txt) says that header field names are case-insensitive: > 4.2 Message Headers > > ... Each header field consists of a name followed by a colon (":") and the field value. Field names are case-insensitive. ...
@wernerkrauss wernerkrauss mentioned this pull request Oct 31, 2017
Closed
@Svish
Copy link
Owner

Svish commented Oct 31, 2017

Sorry about not replying to this until now. Not sure what happened... 😬 Anyways, this issue is solved now by converting all the header names to lower-case before checking for them, which should be more robust than adding a single variant like in this pull request. Thanks for caring though! And again, my apologizes for getting back to you sooo late... 😟
@Svish Svish closed this Oct 31, 2017
@JosephusPaye
Copy link
Author

Great to know! Thanks.
@JosephusPaye
Copy link
Author

JosephusPaye commented Jan 23, 2018
edited
Loading

Hi,

Sorry for reviving a closed pull request but it seems the normalization to lowercase is not done until after the method, URL and cookie headers are gotten (using the non-lowercase header names).

php-cross-domain-proxy/proxy.php

Lines 10 to 13 in ae663a3

$headers = getallheaders();
$method = $_SERVER['REQUEST_METHOD'] ?? 'GET';
$url = $headers['X-Proxy-Url'] ?? null;
$cookie = $headers['X-Proxy-Cookie'] ?? null;

When I make a request to the proxy, my HTTP client converts the X-Proxy-Url header name to lowercase x-proxy-url, which causes the URL check on line 18 to fail.

Perhaps the normalization on line 43 could be moved to just after the call to getallheaders() on line 10 and then the header names can use the all-lowercase versions?

I can update this pull request with the changes if needed.

Thanks for your time.
@Svish
Copy link
Owner

Svish commented Jan 23, 2018

No problem! 🙂

On my computer (running PHP 7.1 and Apache), the headers returned from getallheaders seem to already be normalized... But might be the browser (that I send the request through) does that for me too... 🤔

Either way, the normalization could definitely be moved to make it more resilient, so, did that just now and tagged it v2.1.7. Hope it works better for you now! 🙂
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

2 participants

@JosephusPaye @Svish