-
-
Notifications
You must be signed in to change notification settings - Fork 9.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[HttpFoundation] Fixed issue with empty headers #35809
Conversation
please add a test case |
@frankgasking Please can you provide the test case for your issue. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I agree this one is strange - why is key 0
unset? I'd be curious to see how this happens in practice.
Good to go on my side for the patch itself. Test case pending of course.
Apologies for the delay, here is my full test case and steps: These steps were done using a PHP 7.2 Homestead vagrant box instance:
Sample $headers content:Without any fixing to HeaderBag.php, during the Offset 0 error, $key was
Fixing
|
Are you able to provide a more isolated way to reproduce this? Like a single php file or a test case? |
Something just outside of Laravel? I can try, though it will have to be either later today or tomorrow. Web dev is only a small part of my role, so I don't get much time unfortunately. Will try and sort something asap. |
My apologies. I've tried to replicate outside of Laravel, but i'm unable to catch the issue at all standalone. Something really strange is going on, which I think is due to the inclusion of the SimpleSAMLPHP library within Laravel's Middleware phase - causing some kind of strange redirect or overwrite of values. I think I can only demonstrate it by having it shown as via my steps above. What is strange is when you look at what is being set and returned via this temporary code i've added before the
.... it comes back and suggests that
Hence the offset error. However,
Why it doesn't return this via the very first line |
I've had another fresh look this morning. Laravel seems to make calls to It seems to be on the 11th time At this point, the So it returns all of the headers (with no 0 value accessible) and hence the offset error. Checking the On my isolated test, i've tried repeating the calls multiple times, and it works fine. Not seen an issue like this before. Because |
I'm sorry completely missing how this can happen. |
Hi Nicolas, my apologies - it is a strange one and i'm not entirely sure
how my inclusion of SimpleSAMLPHP is causing it.
I'll set up a standalone Laravel + SimpleSAMLPhp instance with something
triggering the error hopefully before the end of the week and will post
here.
…On Wed, 4 Mar 2020 at 13:21, Nicolas Grekas ***@***.***> wrote:
I'm sorry completely missing how this can happen.
@frankgasking <https://github.com/frankgasking> can you please provide a
full reproducer - ie a repository on GitHub we could clone and that would
reproduce the issue?
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#35809?email_source=notifications&email_token=AAPUC6PYWD2KXMHEQMWABSTRFZIU5A5CNFSM4KYV22P2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOENX2BKA#issuecomment-594518184>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAPUC6M3K6ST2AEXPGWIHKLRFZIU5ANCNFSM4KYV22PQ>
.
--
Cheers
Frank
----------------------------------------
Visit my retro blog at: http://fgasking.wordpress.com/
Also the GTW project -
http://www.gamesthatwerent.com (main)
http://www.gtw64.co.uk (c64)
|
Hi Nicolas, apologies for the delay - I have set up a repository with Laravel + SimpleSAMLPHP at https://github.com/frankgasking/bughighlight I've just ran this on a Homestead instance, but any PHP 7.2 stack should be fine. If you browse to laravel/public/ in a browser, then you'll see the offset error. This has been triggered by the following Middleware, which just simply includes SimpleSAMLPHP: |
Closing as explained in the linked issue. |
I was made aware of the issue due to:
Looking at the file history leads me to think it was caused by #33353, however, it would look like the old code had the bug too. It is also odd how it is claimed the bug is not present in 4.3.8, but is in 4.4.0...
Does this actually fix the real issue, or does it just mask it?