Warn on http_response_code() after header('HTTP/...') #18962
Conversation
|
@bukka Ping. 🙂 |
|
This is a BC break so you will need RFC for this. |
|
I think it would be good to sync this behaviour but there is some risk as it's been there for long - if I understand correctly, this is also the case for FPM - just Apache does not do that. |
|
Basically the implementation can currently rely on the fact that header has got the priority and this might suddenly change the behaviour. You could argue that this is a fix but in this case it's not like the things do not work. It's more about the priority. |
|
IMO, this doesn't seem intentional, and nothing in the documentation 1 indicates Footnotes |
|
Yeah this for sure not intentional but it doesn't mean that some code does not rely on it. It might be even relying on it accidentally and it will be extremely hard to figure out why the behavior suddenly changed. If it was just CLI server, then I would mind changing it but if it's in FPM as well, then it might impact production code so in such case I'm against this silent change. I would much prefer warning approach in such case. |
|
Would you object to this even if internals does not? I'm not particularly keen on a multi-year endeavor to fix this. In that case, I'd leave this up to somebody else. |
|
Yeah I don't think this is the right way to fix it. I'd prefer going the warning path as I mentioned in the actual issue. |
Fixes phpGH-18582 Fixes #81451
iluuu1994
changed the title
|
Ok. Adjusted. |
|
Does this look ok then? |
| php_error_docref(NULL, E_WARNING, "Calling http_response_code() after header('HTTP/...') has no effect. This will change in PHP 9.0"); | ||
| // TODO: Uncomment in PHP 9.0 | ||
| // efree(SG(sapi_headers).http_status_line); | ||
| // SG(sapi_headers).http_status_line = NULL; |
There was a problem hiding this comment.
That should be deprecation if it should change in 9.0 and it would also require RFC because the upcoming BC break. I think I would just add NOTICE for now and then leave it to anyone who want to do the RFC...
There was a problem hiding this comment.
Your stance on this issue is seriously baffling to me. Almost every bug fix has some risk of breakage. That's why we delay more risky fixes to master, including myself in this case. If that's not enough, delaying to the next major with a migration path should certainly be enough. I even offered a mailing list discussion. But if the fixing of obvious issues now requires RFCs, I don't know how we can get anything done. This is not only wasteful to the RFC author, but everyone who has to read it.
That should be deprecation
I made this a warning because such code is almost guaranteed to be misbehaving, rather than this being a feature that is being removed.
Fixes GH-18582
Fixes #81451