Page MenuHomePhabricator
Create Task
Maniphest T19537

Turn off zlib.output_compression for 304
Closed, ResolvedPublic
Actions

Description

Author: ezyang

Description:
Fixes bug

When PHP has zlib.output_compression enabled, it compresses all pages output, regardless of their HTTP status code. Even empty pages get a ~13 byte empty gzipped file tacked as their response. Unfortunately, for HTTP status code 304, this is in direct violation of the specification; furthermore, if SSL and Keep-Alive are enabled, Firefox gets sufficiently confused such as to post a download page for the page immediately after the 304 with extra information afterwards (it mixes up the packets).

I've attached a patch that fixes this bug by manually turning off zlib.output_compression when a 304 is being sent. I am also coordinating with PHP's maintainers to get this fixed upstream.

Relevant links:
https://bugzilla.mozilla.org/show_bug.cgi?id=363109 (bug for Firefox getting confused by data after 304)
http://bugs.php.net/bug.php?id=42362 (bug for PHP not turning of zlib.output_compression when there is empty output)

Version: 1.15.x
Severity: normal

attachment zlib.patch ignored as obsolete

Details

Reference
bz17537

Event Timeline

bzimport raised the priority of this task from to Medium.Nov 21 2014, 10:30 PM
bzimport added a project: MediaWiki-General.
bzimport set Reference to bz17537.
bzimport added a subscriber: Unknown Object (MLST).
bzimport created this task.Feb 17 2009, 9:28 PM
brion added a comment.Feb 17 2009, 9:33 PM

I think I've seen problems when the Content-encoding on the 304 doesn't match the cached data before; can you double-check that behavior is still consistent in this behavior mode?

bzimport added a comment.Feb 17 2009, 10:28 PM

ezyang wrote:

No problems on Firefox, using this test script:

<?php

if (isset($_SERVER['HTTP_IF_MODIFIED_SINCE'])) {

ini_set('zlib.output_compression', 0);
header('HTTP/1.1 304 Not Modified');
header('Last-Modified: Tue, 17 Feb 2009 22:18:25 GMT');

} else {

header('Cache-Control=private, s-maxage=0, max-age=0, must-revalidate');
header('Last-Modified: Tue, 17 Feb 2009 22:18:25 GMT');
var_dump($_SERVER);
?><a href="">asdf</a><?php

}

bzimport added a comment.Feb 18 2009, 6:57 AM

ezyang wrote:

By request of Brion on IRC, it works fine on IE/Mac. :-)

bzimport added a comment.Feb 19 2009, 1:11 AM

ezyang wrote:

Fixes bug

Fix minor typo in patch

Attached:

zlib.patch1 KBDownload

bzimport added a comment.Mar 15 2009, 5:35 AM

ezyang wrote:

Some further research has found it is possible to tickle this bug in Firefox without SSL, but much more difficult.

brion added a comment.Mar 18 2009, 9:27 PM

Applied in r48540

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL