diff --git a/includes/bootstrap.inc b/includes/bootstrap.inc index 92e0c0f..f557fc8 100644 --- a/includes/bootstrap.inc +++ b/includes/bootstrap.inc @@ -378,6 +378,10 @@ function conf_init() { global $db_url, $db_prefix, $db_collation, $cookie_domain, $conf, $installed_profile, $update_free_access; $conf = array(); + if (!isset($_SERVER['SERVER_PROTOCOL']) || ($_SERVER['SERVER_PROTOCOL'] != 'HTTP/1.0' && $_SERVER['SERVER_PROTOCOL'] != 'HTTP/1.1')) { + $_SERVER['SERVER_PROTOCOL'] = 'HTTP/1.0'; + } + if (isset($_SERVER['HTTP_HOST'])) { // As HTTP_HOST is user input, ensure it only contains characters allowed // in hostnames. See RFC 952 (and RFC 2181). @@ -385,7 +389,7 @@ function conf_init() { $_SERVER['HTTP_HOST'] = strtolower($_SERVER['HTTP_HOST']); if (!drupal_valid_http_host($_SERVER['HTTP_HOST'])) { // HTTP_HOST is invalid, e.g. if containing slashes it may be an attack. - header('HTTP/1.1 400 Bad Request'); + header($_SERVER['SERVER_PROTOCOL'] .' 400 Bad Request'); exit; } } @@ -749,7 +753,7 @@ function drupal_page_cache_header($cache) { if ($if_modified_since && $if_none_match && $if_none_match == $etag // etag must match && $if_modified_since == $last_modified) { // if-modified-since must match - header('HTTP/1.1 304 Not Modified'); + header($_SERVER['SERVER_PROTOCOL'] .' 304 Not Modified'); // All 304 responses must send an etag if the 200 response for the same object contained an etag header("Etag: $etag"); return; @@ -1149,7 +1153,7 @@ function _drupal_bootstrap($phase) { case DRUPAL_BOOTSTRAP_ACCESS: // Deny access to hosts which were banned - t() is not yet available. if (drupal_is_denied('host', ip_address())) { - header('HTTP/1.1 403 Forbidden'); + header($_SERVER['SERVER_PROTOCOL'] .' 403 Forbidden'); print 'Sorry, '. check_plain(ip_address()) .' has been banned.'; exit(); } diff --git a/includes/common.inc b/includes/common.inc index 3d73784..76ceb53 100644 --- a/includes/common.inc +++ b/includes/common.inc @@ -354,7 +354,7 @@ function drupal_goto($path = '', $query = NULL, $fragment = NULL, $http_response */ function drupal_site_offline() { drupal_maintenance_theme(); - drupal_set_header('HTTP/1.1 503 Service unavailable'); + drupal_set_header($_SERVER['SERVER_PROTOCOL'] .' 503 Service unavailable'); drupal_set_title(t('Site off-line')); print theme('maintenance_page', filter_xss_admin(variable_get('site_offline_message', t('@site is currently under maintenance. We should be back shortly. Thank you for your patience.', array('@site' => variable_get('site_name', 'Drupal')))))); @@ -364,7 +364,7 @@ function drupal_site_offline() { * Generates a 404 error if the request can not be handled. */ function drupal_not_found() { - drupal_set_header('HTTP/1.1 404 Not Found'); + drupal_set_header($_SERVER['SERVER_PROTOCOL'] .' 404 Not Found'); watchdog('page not found', check_plain($_GET['q']), NULL, WATCHDOG_WARNING); @@ -394,7 +394,7 @@ function drupal_not_found() { * Generates a 403 error if the request is not allowed. */ function drupal_access_denied() { - drupal_set_header('HTTP/1.1 403 Forbidden'); + drupal_set_header($_SERVER['SERVER_PROTOCOL'] .' 403 Forbidden'); watchdog('access denied', check_plain($_GET['q']), NULL, WATCHDOG_WARNING); diff --git a/includes/database.inc b/includes/database.inc index 683ae69..91807da 100644 --- a/includes/database.inc +++ b/includes/database.inc @@ -173,7 +173,7 @@ function _db_error_page($error = '') { global $db_type; drupal_init_language(); drupal_maintenance_theme(); - drupal_set_header('HTTP/1.1 503 Service Unavailable'); + drupal_set_header($_SERVER['SERVER_PROTOCOL'] .' 503 Service Unavailable'); drupal_set_title('Site off-line'); $message = '

The site is currently not available due to technical problems. Please try again later. Thank you for your understanding.

';