ID: 25175
Updated by: [email]sniperphp.net[/email]
Reported By: phpbug at paypc dot com
-Status: Open
+Status: Feedback
Bug Type: Session related
Operating System: Linux 2.4
PHP Version: 4.3.2
New Comment:

Please try using this CVS snapshot:

[url]http://snaps.php.net/php4-STABLE-latest.tar.gz[/url]

For Windows:

[url]http://snaps.php.net/win32/php4-win32-STABLE-latest.zip[/url]





Previous Comments:
------------------------------------------------------------------------

[2003-08-21 04:33:50] phpbug at paypc dot com

*ARGH* I hate "thinkoes" -- it should be obvious from context (and
perusing my phpconfig) that I've TURNED OFF enable_trans_sid, not
turned it on.

Upon re-reading my posting (naturally AFTER I'd hit submit), I noted
the think-o.

My apologies.

=Apollyon=

------------------------------------------------------------------------

[2003-08-21 04:31:10] phpbug at paypc dot com

OK, let me put forth some declarations so we're talking apples and
apples.

My test method:

echo -e "GET /legal/tester.php HTTP/1.1\r\nHost: 127.0.0.1\r\n" | nc
127.0.0.1 80 > dump

I wish to eliminate any possible "post-processing" or
browser-variations.

IE: "nc" is netcat, a commonly available network tool.

OK, onto the results of my tests.

I copied and pasted sniper's code *EXACTLY* as presented, with
whitespaces and line spacing as entered. I obtained identical results
with both lynx and my netcat method, though lynx probably doesn't
support HTTP/1.1 because there was an additional header.

With Lynx Version 2.8.3rel.1:

HTTP/1.1 200 OK
Date: Thu, 21 Aug 2003 09:10:16 GMT
Server: Apache/1.3.27 Ben-SSL/1.48
Connection-Type: Keep-Alive
Content-Length: 4
Connection: close <<<<<<<<<<<<< Additional header
Content-Type: text/html

With netcat:

HTTP/1.1 200 OK
Date: Thu, 21 Aug 2003 09:10:55 GMT
Server: Apache/1.3.27 Ben-SSL/1.48
Connection-Type: Keep-Alive
Content-Length: 4
Content-Type: text/html

In comparing the actual bytes sent over the wire against the advertised
content-length, the Content-Length header is correct.

If you wish to inspect my PHP build and setup configuration, you may do
so at: <http://hollywood.paypc.com/config4phpbugmasters>

(I will be removing this after 24 hours.)

And yes, it's pretty loaded. And yes, trans_sid is enabled, but in all
of my test harnesses which employ sessions, I've enabled cookies - and
they are created/used by the browsers involved.

******* AHHHHHHAAAA *******

Arigatoo gozaimaa to Moriyoshi-san for cautioning me to turn on
trans_sid, because when I disable it in my global php.ini, the
discrepancy disappears!

For my "complex" web-application which formerly reported bad sizing, I
received the following header (after turning off trans_sid):

----------------------------
HTTP/1.1 200 OK
Date: Thu, 21 Aug 2003 09:20:47 GMT
Server: Apache/1.3.27 Ben-SSL/1.48
Cache-Control: no-store, no-cache, must-revalidate, post-check=0,
pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=a1c8bfb3f409580e57206d7c19eac473; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Content-Length: 2825
Content-Type: text/html
--------------------------------

And doing a wc -c on the content-portion matches this size exactly
(with my netcat test).

Third-party validation via usage of
<http://www.ircache.net/cgi-bin/cacheability.py> confirms an exact
match of advertised Content-Length and what's actually received.

And lastly, and most importantly, the IE "hang" bug while accessing
this web application via an intranet is gone.

OK, fine, trans_sid broke it. Why? And should it have? I'm
suspicious that the Esteemed Moriyoshi-san nailed this specific setting
in advance, as if to suspect it being a potential cause for buggage.

Inquiring minds want to know - if it's by design, please add it to the
doentation and FAQ. I know alot of things about the ob_ functions
are unusual and cause some people hardship (of their own making). This
one came out of left field.

=Apollyon=

------------------------------------------------------------------------

[2003-08-21 00:10:00] [email]moriyoshiphp.net[/email]
> Set-Cookie: PHPSESSID=2989258979bd07405999448563ef4bfc; path=/
Perhaps you seem to have enabled session.use_trans_sid.
If so, first turn it off before trying the above script provided by
sniper.

------------------------------------------------------------------------

[2003-08-20 22:54:00] [email]sniperphp.net[/email]

try this script:

<?php ob_start(); ?>
foo
<?php

header("Connection-Type: Keep-Alive");
header('Content-Length: ' . ob_get_length());
ob_end_flush();
echo ob_get_length();

?>

And access it with this command:

# lynx -head lynx -dump -head [url]http://localhost/test.php[/url]

I get this (correct) output:

HTTP/1.1 200 OK
Date: Thu, 21 Aug 2003 03:52:44 GMT
Server: Apache/1.3.27 (Unix) PHP/4.3.3RC5-dev
X-Powered-By: PHP/4.3.3RC5-dev
Connection-Type: Keep-Alive
Content-Length: 4
Connection: close
Content-Type: text/html



------------------------------------------------------------------------

[2003-08-20 07:05:31] phpbug at paypc dot com

Description:
------------
Very straightforward.

I have a preamble and postamble include on ALL of my main .php pages...
which use ADODB session management, some PEAR, and other typical
dynaweb goodies.

The Content-Length header is *ALWAYS* off by about 81 bytes, as in, the
ob_get_length() is always smaller than the actual size of the content
sent...

I've verified this with "netcat" - after trimming the headers from the
reply, the content is 81 bytes larger than advertised in the
Content-Length header.

I observed no change in behaviour after adding the ob_clean() call into
my header file.

OTHERWISE, things work fine.

What's the deal? Is Apache silently adding CRLF's?

I am NOT using the gzhandler or transparent compression here. This is
just straightforward output.

=Lord Apollyon=


Reproduce code:
---------------
The code for all of my index.php's consist of the following:

<?PHP
include_once 'db_header.inc';
.................
include_once 'db_footer.inc';
?>

db_header.inc:

<?php
$start_time=gettimeofday();
ob_clean(); // paranoid and desperate
ob_start();
header("Connection-Type: Keep-Alive");
?>

db_footer.inc contains:

<?PHP
if ($LOGGING)
{
$LOG->close();
$LOGGING=FALSE;
}
header('Content-Length: ' . ob_get_length());
ob_end_flush();
?>

Note: there are no blank lines at the beginning of my *.inc or *.php
files.

Expected result:
----------------
I would expect Content-Length to reflect the actual output size.




------------------------------------------------------------------------


--
Edit this bug report at [url]http://bugs.php.net/?id=25175&edit=1[/url]