|Issue tags:||needs backport to D6|
drupal_http_request() only checks for CRLF as a header/body seperator. Although it parses headers that have LF-only, it actually uses the sequence CRLFCRLF to split the headers and the response.
Although this strictly compiles with section 2.2 of RFC 1945 (http://www.faqs.org/rfcs/rfc1945.html) it does not implement the recommendation in Appendix B that states applications should be tolerant and allow for LF-only responses.
As a side note, I am having this issue trying to work with Canada Post's SellOnline HTTP service. I have notified them of the issue but still feel this is easily fixed in Drupal, and so here is a patch:
--- common.inc.orig 2007-10-14 15:58:22.000000000 -0400
+++ common.inc 2007-10-14 15:59:28.000000000 -0400
@@ -472,7 +472,7 @@
// Parse response.
- list($split, $result->data) = explode("\r\n\r\n", $response, 2);
+ list($split, $result->data) = preg_split("/\r\n\r\n|\n\n|\r\r/", $response, 2);
$split = preg_split("/\r\n|\n|\r/", $split);
list($protocol, $code, $text) = explode(' ', trim(array_shift($split)), 3);