From 06c3a8a9dbb3b582b4be26b67fe534734f74b38b Mon Sep 17 00:00:00 2001 From: Alexander Ebert Date: Tue, 9 Jul 2013 15:22:59 +0200 Subject: [PATCH] Prevent possible issues with gzip compression headers Fixes #1405 --- .../files/lib/util/HeaderUtil.class.php | 52 +++++++++++-------- 1 file changed, 31 insertions(+), 21 deletions(-) diff --git a/wcfsetup/install/files/lib/util/HeaderUtil.class.php b/wcfsetup/install/files/lib/util/HeaderUtil.class.php index 94eecb09dc..1694969680 100644 --- a/wcfsetup/install/files/lib/util/HeaderUtil.class.php +++ b/wcfsetup/install/files/lib/util/HeaderUtil.class.php @@ -16,6 +16,12 @@ use wcf\system\WCF; * @category Community Framework */ final class HeaderUtil { + /** + * gzip compression + * @var boolean + */ + protected static $enableGzipCompression = false; + /** * output HTML * @var string @@ -44,10 +50,23 @@ final class HeaderUtil { self::sendNoCacheHeaders(); } - ob_start(array('wcf\util\HeaderUtil', 'parseOutput')); + if (HTTP_ENABLE_GZIP && HTTP_GZIP_LEVEL > 0 && HTTP_GZIP_LEVEL < 10 && !defined('HTTP_DISABLE_GZIP')) { + if (function_exists('gzcompress') && !@ini_get('zlib.output_compression') && !@ini_get('output_handler') && isset($_SERVER['HTTP_ACCEPT_ENCODING']) && strstr($_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip')) { + self::$enableGzipCompression = true; + + if (strstr($_SERVER['HTTP_ACCEPT_ENCODING'], 'x-gzip')) { + @header('Content-Encoding: x-gzip'); + } + else { + @header('Content-Encoding: gzip'); + } + } + } // send Internet Explorer compatibility mode @header('X-UA-Compatible: IE=edge'); + + ob_start(array('wcf\util\HeaderUtil', 'parseOutput')); } /** @@ -84,26 +103,17 @@ final class HeaderUtil { // class. Use HeaderUtil::$output to modify it. if (!defined('NO_IMPORTS')) EventHandler::getInstance()->fireAction('wcf\util\HeaderUtil', 'parseOutput'); - // enable gzip compression - if (HTTP_ENABLE_GZIP && HTTP_GZIP_LEVEL > 0 && HTTP_GZIP_LEVEL < 10 && !defined('HTTP_DISABLE_GZIP')) { - if (function_exists('gzcompress') && !@ini_get('zlib.output_compression') && !@ini_get('output_handler') && isset($_SERVER['HTTP_ACCEPT_ENCODING']) && strstr($_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip')) { - if (strstr($_SERVER['HTTP_ACCEPT_ENCODING'], 'x-gzip')) { - @header('Content-Encoding: x-gzip'); - } - else { - @header('Content-Encoding: gzip'); - } - - $size = strlen(self::$output); - $crc = crc32(self::$output); - - $newOutput = "\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff"; - $newOutput .= substr(gzcompress(self::$output, HTTP_GZIP_LEVEL), 2, -4); - $newOutput .= pack('V', $crc); - $newOutput .= pack('V', $size); - - self::$output = $newOutput; - } + // gzip compression + if (self::$enableGzipCompression) { + $size = strlen(self::$output); + $crc = crc32(self::$output); + + $newOutput = "\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff"; + $newOutput .= substr(gzcompress(self::$output, HTTP_GZIP_LEVEL), 2, -4); + $newOutput .= pack('V', $crc); + $newOutput .= pack('V', $size); + + self::$output = $newOutput; } return self::$output; -- 2.20.1