[wp-trac] [WordPress Trac] #17490: cURL fails with timeout when posting to a location that redirects (was: HTTP API fails with timeout, if POST-Headers are present)

WordPress Trac wp-trac at lists.automattic.com
Fri May 27 08:45:33 UTC 2011 

#17490: cURL fails with timeout when posting to a location that redirects
--------------------------+-----------------------------
 Reporter:  simsmaster    |       Owner:
     Type:  defect (bug)  |      Status:  new
 Priority:  normal        |   Milestone:  Future Release
Component:  HTTP          |     Version:  3.2
 Severity:  normal        |  Resolution:
 Keywords:                |
--------------------------+-----------------------------
Changes (by dd32):

 * milestone:  Awaiting Review => Future Release


Comment:

 The problem is only occuring with cURL.

 Some background first: When you make a POST request, If you recieve a 3xx
 w/ Location in response, The correct thing to do next, is to perform a GET
 request to the new url, which is not what most people expect (Expecting
 the class to follow the Location with a new POST).

 Because of that, Posting to that login URL will result in nothing good
 anyway as you have to post to www.mantis.., but thats not the bug in
 question here..

 The problem is, that cURL is having an issue with the Content-Length
 header being set, It appears that cURL attempts to use the specified
 headers on the subsequent GET request, and since it can't find 10
 characters of data to send (as it discarded it as it's now doing the GET
 request to the redirection...), it seems to sit there and timeout, and
 never make the request.

 The Streams transport seems to be smart in it's following, It doesn't send
 the Content-Length header on the subsequent request.

 The FSockopen transport breaks tradition, and performs a POST to the new
 Location, with the post fields and content-length, Which all works and
 causes no ill effects (other than breaking spec).

 It seems to me a combination of these 3 things:
  * It's a cURL bug, They should disregard the Content-Length header on the
 subsequent redirection
  * We should potentially let cURL take care of setting the Content-Length
 header (we currently do this ourselves), When doing this, cURL sets the
 header itself when required (ie. when there's a post body) - We set this
 ourselves to work around a few server bugs, Some servers refuse POST
 requests without Content-Length headers (even though the post body is
 empty - cURL doesnt send the header when the body is empty). Fix some,
 Break others.
  * Fsockopen should be updated to follow spec

-- 
Ticket URL: <http://core.trac.wordpress.org/ticket/17490#comment:9>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software

More information about the wp-trac mailing list