Issues

ZF-11776: ZF-9799 undoes ZF-5890 and breaks AMF for Internet Explorer 5 - 8

Issue Type: Bug Created: 2011-09-29T12:14:29.000+0000 Last Updated: 2011-11-09T17:20:17.000+0000 Status: Resolved Fix version(s): - 1.11.11 (29/Sep/11)

Reporter: Christian Wiese (gnarfoz) Assignee: Matthew Weier O'Phinney (matthew) Tags: - Zend_Amf

Related issues: - ZF-9799

Attachments:

Description

The changes in ZF-9799 undid the changes from ZF-5890 which breaks AMF in Internet Explorer versions 5.01 - 8, at least when SSL is used.

Cf. http://support.microsoft.com/kb/323308/en-us

Comments

Posted by Christian Wiese (gnarfoz) on 2011-09-29T12:15:30.000+0000

ZF-9799 breaks what ZF-5890 fixed.

Posted by Matthew Weier O'Phinney (matthew) on 2011-09-29T13:53:26.000+0000

Can you detail what exactly we need to test for? It looks like we need to look for an IE user agent, and, if detected, send the following header:

<pre class="highlight">
Cache-Control: cache, must-revalidate

instead of:

<pre class="highlight">
Cache-Control: no-cache, must-revalidate

Does that sound right?

Posted by Christian Wiese (gnarfoz) on 2011-09-29T14:08:52.000+0000

Looks about right, but probably needs Pragma: public, too. (At least that's what the state was before ZF-9799.)

Our current workaround is to filter out Cache-Control and Pragma headers from our backend servers, so they're not passed to the client, and that works for us. However, since the original change in ZF-5890 set those headers explicitly, it might be best to just return to that status quo ante.

I don't have all Internet Explorer versions available to test, but going from the Microsoft knowledgebase entry, you'd need to check for IE user-agent with version between 5 and 8. According to Microsoft, newer versions than that are not affected.

Posted by Matthew Weier O'Phinney (matthew) on 2011-09-29T14:20:26.000+0000

I've looked at the diffs for the two linked issues, as well as the MSDN article, and determined how to branch the headers. I'm now detecting IE over SSL, and sending different Cache-Control and Pragma headers when detected. Fix is in trunk and the 1.11 release branch.

Posted by Adam Lundrigan (adamlundrigan) on 2011-11-07T16:20:41.000+0000

ZF2 Pull Request: https://github.com/zendframework/zf2/pull/571

Posted by HelloWorld (helloworld) on 2011-11-09T16:48:33.000+0000

I just installed Zend Framework Minimal 1.11.11 and I got an error message : "PHP Notice: Undefined index: HTTPS in XXXX\Zend\Amf\Response\Http.php on line 59" while using some AMF stuff.

In PHP, the proper way to test if a variable exists is with isset().

So, the two lines: $ssl = $_SERVER['HTTPS']; and $ua = $_SERVER['HTTP_USER_AGENT']; must be changed to: $ssl = ( isset($_SERVER['HTTPS'])===true ? $_SERVER['HTTPS'] : false ); and $ua = ( isset($_SERVER['HTTP_USER_AGENT'])===true ? $_SERVER['HTTP_USER_AGENT'] : false );

Posted by Adam Lundrigan (adamlundrigan) on 2011-11-09T17:20:17.000+0000

@HelloWorld: That issue has been fixed in trunk (see ZF-11783) and will be included in next mini-release.

Have you found an issue?

See the Overview section for more details.

Copyright

© 2006-2016 by Zend, a Rogue Wave Company. Made with by awesome contributors.

This website is built using zend-expressive and it runs on PHP 7.

Contacts