From 2e090cf346c0a3eeb0e6e481888d1f1ee835f849 Mon Sep 17 00:00:00 2001 From: Seth Date: Mon, 11 May 2020 14:48:04 -0400 Subject: [PATCH 1/2] Content-Length header may be sent in proxy CONNECT Since the body isn't sent during the proxy CONNECT, the content-length doesn't match, and the proxy terminates the connection. This effects servers using curl < 7.42.1. Some description about the issue described here: https://daniel.haxx.se/blog/2014/04/04/curl-and-proxy-headers/ The curl version in question seems old, but is still the default on versions of RedHat/CentOS up to 7. --- src/OpenIDConnectClient.php | 1 - 1 file changed, 1 deletion(-) diff --git a/src/OpenIDConnectClient.php b/src/OpenIDConnectClient.php index df4de6ef..b0d1a34d 100644 --- a/src/OpenIDConnectClient.php +++ b/src/OpenIDConnectClient.php @@ -1085,7 +1085,6 @@ protected function fetchURL($url, $post_body = null, $headers = array()) { // Add POST-specific headers $headers[] = "Content-Type: {$content_type}"; - $headers[] = 'Content-Length: ' . strlen($post_body); } From 81362350d1ec3a4a709209171ff3f76e1070c322 Mon Sep 17 00:00:00 2001 From: Seth Date: Mon, 11 May 2020 14:50:31 -0400 Subject: [PATCH 2/2] Changelog regarding content-length header --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index fc9265f6..616d33a5 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -14,7 +14,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/). * Getters for public parameters #204 ### Removed -* +* Removed explicit content-length header - caused issues with proxy servers ## [0.9.0]