Bug #73567
closed
cURL Proxy HTTP header not cleaned correctly
100%
Description
After the TER changes from http:// to https://, my environment failed to update the extension list and the languages from TER. I'm using cURL and a cURL proxy server and could identify the following problem:
In GeneralUtility::getUrl(), the headers are loaded to detect redirects and cleaned up again. But with my proxy, I have an extra header block from the proxy.
HTTP/1.0 200 Connection established
HTTP/1.1 200 OK
Server: nginx/1.9.9
Date: Fri, 19 Feb 2016 13:17:32 GMT
Content-Type: application/xml
Content-Length: 6758
Connection: keep-alive
Last-Modified: Fri, 19 Feb 2016 02:00:13 GMT
X-Cacheable: YES: Static resources are always cached
cache-control: public, max-age=86400
X-Varnish: 1094220381 1093945158
Age: 9442
Via: 1.1 varnish
X-Cache: HIT
Strict-Transport-Security: max-age=15768000; preload;
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Security-Policy-Report-Only: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://piwik.typo3.org https://maps.google.com https://*.googleapis.com https://cdn.jquerytools.org; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; report-uri https://report-uri.io/report/90234a82d771236e837f46bebcbe46a5/reportOnly
<?xml version="1.0" standalone="yes" ?>
<TERlanguagePackIndex>
<meta>
<timestamp>1455...
So, only the first header block (proxy) will be cleaned up and the function will return the original header as content. As long the TER was defined with http:// in the core and redirected to https:// by server rewrite rules, I did not see any problem. Maybe the GeneralUtility::getUrl() called itself recursively to process the redirect and cleaned the header up correctly. Now, without the redirects, it failed.
The proxy headers must be removed separately.
Updated by 
Updated by 
Updated by 
Updated by