Pingback URI discovery broken for some URIs
|Reported by:||Inquisitus||Owned by:||anonymous|
|Severity:||normal||Keywords:||pingback discovery uri url redirect headers header has-patch|
Under some circumstances the discover_pingback_server_uri function will fail due to a 301 redirection being issued by the server.
This can happen when the request URI points to a directory on the recipient server but has no trailing slash. For example, if some blog system is installed at http://foo.com/bar/ (and this URI is pingback-enabled), then requesting http://foo.com/bar (no trailing slash) will result in Apache on the recipient server issuing a 301 redirect to http://foo.com/bar/ (with trailing slash). In this case, the discover_pingback_server_uri function will fail as it will not follow the redirection.
This is perfectly normal behaviour for Apache and so it should really be accounted for, even if it's unlikely to manifest itself as a problem. See here for a more complete description of what happens:
My proposed fix involves checking the HTTP status code before looking for the X-Pingback header. If it's a 301, we extract the Location header and recursively call discover_pingback_server_uri again with that URI. Stack overflows are prevented by means of a redirection limit parameter for the function; default is 3.