Bug Report #3771

Bug Report #3191: Malformed Request Patch

Malformed Request Patch

Added by Mathew Davies almost 4 years ago. Updated almost 4 years ago.

Status:ClosedStart date:08/19/2010
Priority:NormalDue date:
Assignee:Jeremy Bush% Done:

100%

Category:Core
Target version:v3.1.2
Resolution:fixed Points:

Description

Hey there,

In PHP 5.3.3 parse_url no longer throws an E_WARNING. So a request like:

http://localhost/http://216.245.205.74/judge.php

Do not visit the above link.

is no longer caught by the Kohana error handler. This causes $uri to be FALSE, which finally ends up as string '' (length=0). Two problems:

  1. HTTP Status Code 200 is shown.
  2. Duplicate content.

I've attached a patch to resolve this issue.

Relevant PHP Issue: http://bugs.php.net/bug.php?id=52644

History

#1 Updated by Jeremy Bush almost 4 years ago

  • Assignee changed from Matt Button to Jeremy Bush
  • Target version changed from v3.0.10 to v3.1.2
  • Resolution set to fixed

Merged to 3.1.

#2 Updated by Jeremy Bush almost 4 years ago

  • Parent task set to #3191

Also available in: Atom PDF