PHP 4.1 has a problem with header("HTTP/1.0 404 Not Found");. Where PHP 4.3 automatically changes this to a Status: 404 header, PHP 4.1 does not. This results in Apache 500 errors and a line in the Apache error.log containing malformed header from script. Bad header=HTTP/1.0 404 Not Found: index.php.

The solution is to change the line 256 in common.inc to header("Status: 404");. As far as I can see, this should be safe for PHP 4.3 too.

I don't have PHP 4.2 around, so I do not know whether this also applies to it.

There have been several other people reporting a like problem, that I suspect is caused by this. It is introduced after the 4.3.2 release, and is in 4.4.0rc1.

(upgrading to PHP 4.3 is not an option as I am on Debian Woody).

CommentFileSizeAuthor
#5 common.inc_2.patch991 byteswillmoy@civicspacelabs.org
#3 common_6.patch1.01 KBJonBob
Support from Acquia helps fund testing for Drupal Acquia logo

Comments

Frodo Looijaard’s picture

Frodo Looijaard CreditAttribution: Frodo Looijaard commented

Some more information:
Apache 2.0.48
PHP 4.1.2
PHP scripts are called using CGI (not using mod_php)
Drupal 4.4.0 release candidate 1

Zepplock’s picture

Zepplock CreditAttribution: Zepplock commented

It worked. Thank you very much!

JonBob’s picture

JonBob CreditAttribution: JonBob commented
FileSize
common_6.patch1.01 KB

http://www.phpbuilder.com/lists/php-documentation-list/2004022/0179.php
suggests that the problem is due to running PHP as CGI rather than due to PHP version.

Here's a patch implementing the suggested resolution, but I can't test the CGI configuration.

Dries’s picture

Dries CreditAttribution: Dries commented

This patch changes Drupal's behavior in that it will send a regular HTTP/1.X 200 OK header, along with an additional Status: 404 header.

willmoy@civicspacelabs.org’s picture

willmoy@civicspacelabs.org CreditAttribution: willmoy@civicspacelabs.org commented
FileSize
common.inc_2.patch991 bytes

Have implemented this patch on my system, and it only seems to send the 404 header, not the 200 OK header as well (wget headers log below). Forgive me if i'm wrong.

From the PHP manual for header(): "The optional replace parameter indicates whether the header should replace a previous similar header, or add a second header of the same type. By default it will replace"
http://uk2.php.net/manual/en/function.header.php

Wget log--

--17:07:20-- http://www.cuamnesty.org/this_page_does_not_exist
=> `this_page_does_not_exist'
Resolving wwwcache.cam.ac.uk... done.
Connecting to wwwcache.cam.ac.uk[131.111.8.1]:8080... connected.
Proxy request sent, awaiting response...
1 HTTP/1.0 404 Not Found
2 Date: Wed, 17 Nov 2004 17:07:20 GMT
3 Server: Apache/1.3.26 (Unix) Debian GNU/Linux mod_ucam_webauth/1.0.6 DAV/1.0.3 PHP/4.1.2 mod_ssl/2.8.9 OpenSSL/0.9.6c
4 X-Powered-By: PHP/4.1.2
5 Set-Cookie: PHPSESSID=28b7c4dc2a5d5a3546c3316b98e741d4; path=/
6 Content-Type: text/html; charset=utf-8
7 X-Cache: MISS from theta.wwwcache.cam.ac.uk
8 X-Cache-Lookup: MISS from theta.wwwcache.cam.ac.uk:8080
9 Proxy-Connection: close
17:07:20 ERROR 404: Not Found.

A patch is attached against current CVS in case that's useful.

JonBob’s picture

JonBob CreditAttribution: JonBob commented
killes@www.drop.org’s picture

killes@www.drop.org CreditAttribution: killes@www.drop.org commented
Title: 404 errors and PHP 4.1 » 404 errors and cgi mode

The problem apparently occurs if you use php in cgi mode. If I run php as an apache module, I will not get a proper 404 anymore after applying that patch. needs more thought.

willmoy@www.civicspacelabs.org’s picture

willmoy@www.civicspacelabs.org CreditAttribution: willmoy@www.civicspacelabs.org commented

Killes tested the patch on a debian stable system with php as an apache module as an and it stops his drupal log getting 404s apparently.

This is odd, as it only changes the contents of the header() call and not the next line, which adds the watchdog message, but there we go.

Responding to something above, if you are doing this change manually, you need to change both the 404 call and the 403 call...

dave_b’s picture

dave_b CreditAttribution: dave_b commented
Version: » 4.6.3
Category: bug » support

Anything new on this issue? I'm having the same problem running under IIS/6.0, PHP 4.3 CGI (hosted at crystaltech.com). The same site running under IIS/5.0 with PHP 4.4 CGI works fine. No matter what I do drupal_not_found() returns status 200 OK. I tried applying this patch:

function drupal_not_found() {
- header('HTTP/1.0 404 Not Found');
+ header('Status: 404 Not Found');

The page does return 404 but with a blank page (content-length 0) so I've traded one problem for another. Any new information would be greatly appreciated.

Thanks,
Dave

magico’s picture

magico CreditAttribution: magico commented
Status: Active » Closed (fixed)