diff options
| author | tailor <cygnus@janrain.com> | 2008-03-13 23:57:46 +0000 |
|---|---|---|
| committer | tailor <cygnus@janrain.com> | 2008-03-13 23:57:46 +0000 |
| commit | 2370ac14ce94dd62fe8601206b383339ba3f3d7c (patch) | |
| tree | 549fb9f570f56f84a977fbdf99f52677cdfdf65e /Auth | |
| parent | a927e857ee54199f605397df4ca7f34e00231e3f (diff) | |
| download | php-openid-2370ac14ce94dd62fe8601206b383339ba3f3d7c.zip php-openid-2370ac14ce94dd62fe8601206b383339ba3f3d7c.tar.gz php-openid-2370ac14ce94dd62fe8601206b383339ba3f3d7c.tar.bz2 | |
[project @ Handle malformed HTTP headers in fetchers]
Diffstat (limited to 'Auth')
| -rw-r--r-- | Auth/Yadis/ParanoidHTTPFetcher.php | 8 | ||||
| -rw-r--r-- | Auth/Yadis/PlainHTTPFetcher.php | 8 |
2 files changed, 12 insertions, 4 deletions
diff --git a/Auth/Yadis/ParanoidHTTPFetcher.php b/Auth/Yadis/ParanoidHTTPFetcher.php index 5fa30ef..93a8a39 100644 --- a/Auth/Yadis/ParanoidHTTPFetcher.php +++ b/Auth/Yadis/ParanoidHTTPFetcher.php @@ -125,8 +125,12 @@ class Auth_Yadis_ParanoidHTTPFetcher extends Auth_Yadis_HTTPFetcher { foreach ($headers as $header) { if (preg_match("/:/", $header)) { - list($name, $value) = explode(": ", $header, 2); - $new_headers[$name] = $value; + $parts = explode(": ", $header, 2); + + if (count($parts) == 2) { + list($name, $value) = $parts; + $new_headers[$name] = $value; + } } } diff --git a/Auth/Yadis/PlainHTTPFetcher.php b/Auth/Yadis/PlainHTTPFetcher.php index 15dc3a7..d3b0d03 100644 --- a/Auth/Yadis/PlainHTTPFetcher.php +++ b/Auth/Yadis/PlainHTTPFetcher.php @@ -132,8 +132,12 @@ class Auth_Yadis_PlainHTTPFetcher extends Auth_Yadis_HTTPFetcher { foreach ($headers as $header) { if (preg_match("/:/", $header)) { - list($name, $value) = explode(": ", $header, 2); - $new_headers[$name] = $value; + $parts = explode(": ", $header, 2); + + if (count($parts) == 2) { + list($name, $value) = $parts; + $new_headers[$name] = $value; + } } } |