[wp-trac] Re: [WordPress Trac] #3555: Some servers escape $_SERVER['HTTP_IF_NONE_MATCH'], breaking 304 Etag matching

WordPress Trac wp-trac at lists.automattic.com
Wed Jan 10 13:39:03 GMT 2007


#3555: Some servers escape $_SERVER['HTTP_IF_NONE_MATCH'], breaking 304 Etag
matching
-------------------------+--------------------------------------------------
 Reporter:  markjaquith  |        Owner:  markjaquith
     Type:  defect       |       Status:  assigned   
 Priority:  high         |    Milestone:  2.1        
Component:  General      |      Version:  2.0.6      
 Severity:  major        |   Resolution:             
 Keywords:               |  
-------------------------+--------------------------------------------------
Changes (by markjaquith):

  * status:  new => assigned
  * owner:  anonymous => markjaquith
  * summary:  Some servers escape $_SERVER['HTTP_IF_NOT_MODIFIED'],
              breaking 304 Etag matching => Some servers
              escape $_SERVER['HTTP_IF_NONE_MATCH'], breaking
              304 Etag matching

Old description:

> I've found that on some servers, {{{$_SERVER['HTTP_IF_NOT_MODIFIED']}}}
> is backslash-escaped.  WP then comes along and escapes it again, so your
> Etag looks like:
>
> {{{\\\"65e8871191351efa4678a314e040fa34\\\"}}}
>
> Then, before checking, WP runs {{{stripslashes()}}} once, which gets you
> to:
>
> {{{\"65e8871191351efa4678a314e040fa34\"}}}
>
> It then tries to compare the Etags, but fails, because of the
> backslashes.  Thus, a 304 is not served, content is served, and bandwidth
> is wasted.
>
> Patches coming.

New description:

 I've found that on some servers, {{{$_SERVER['HTTP_IF_NONE_MATCH']}}} is
 backslash-escaped.  WP then comes along and escapes it again, so your Etag
 looks like:

 {{{\\\"65e8871191351efa4678a314e040fa34\\\"}}}

 Then, before checking, WP runs {{{stripslashes()}}} once, which gets you
 to:

 {{{\"65e8871191351efa4678a314e040fa34\"}}}

 It then tries to compare the Etags, but fails, because of the backslashes.
 Thus, a 304 is not served, content is served, and bandwidth is wasted.

 Patches coming.

Comment:

 Oops, mistyped the header name... it is
 {{{$_SERVER['HTTP_IF_NONE_MATCH']}}}

-- 
Ticket URL: <http://trac.wordpress.org/ticket/3555#comment:1>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software


More information about the wp-trac mailing list