We Keep Coding

PHP header() not sending custom message

I would like my server to return a header with a custom message. Using the header() function, I can generate the appropriate headers but the message always reverts to some standard string, not the text I provide.
For example, if I put this in my server code
header ($_SERVER['SERVER_PROTOCOL'] . ' 501 test error', true, 501);
I always see 501 Not Implemented in my client. For clients, I've used Postman and also my Xamarin Forms client app. With the latter, I stopped it in the debugger to look at the text returned from httpClient.GetAsynch().
I've also tried having only the first parameter
header ($_SERVER['SERVER_PROTOCOL'] . ' 501 test error');
but I get the same results.
Here's another try. I returned this:
header ($_SERVER['SERVER_PROTOCOL'] . ' Status: 501 test error', true, 501);
But curl on a command line shows this:
HTTP/1.1 200 OK
Connection: Keep-Alive
X-Powered-By: PHP/5.6.40
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Date: Thu, 24 Dec 2020 17:20:54 GMT
Server: LiteSpeed
Alt-Svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
And, if I take out "Status: ", I get this:
HTTP/1.1 501 Not Implemented
Connection: Keep-Alive
X-Powered-By: PHP/5.6.40
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Date: Thu, 24 Dec 2020 17:28:09 GMT
Server: LiteSpeed
Alt-Svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000

header("HTTP/1.1 …") is a workaround for CGI setups. It's not a HTTP header as such. It's transformed and cleansed by PHP-FPM in most cases: https://github.com/php/php-src/blob/97d2dd0f90b328e771b60634cc377fd20eececbc/sapi/fpm/fpm/fpm_main.c#L307 if sent that way.
This is how you set a Status: header:
header("Status: 429 Begone!");
Now, if your webserver (LiteSpeed) strips out custom messages, then that's that. Nothing PHP can do about it. You'll have to find a server config workaround then. (e.g. Header add with some if= for Apache)
In short, give it a rest with SERVER_PROTOCOL unless your SAPI binding requires it. Upgrading PHP is an option if you run into troubles otherwise. Else you'll have to live with the standardized status message.

After doing some reading, I believe the right way to provide a custom message for an error is to send it in the body, not the header.
So, for example, to provide a custom message "missing weight=x parameter, one can use this code:
http_response_coede (400);
print json_encode (array ('error' => 400,
'message' => 'missing weight=x parameter');
Then, in your client, you parse this json string from the result body.

This might also happen if you use HTTP/2, which no longer has the status text.

Link between PHP and HTTP Request and Response Messages

When I did a networks course I learned about HTTP Request and Response messages and I know how to code in php reasonably enough to get around. Now my question is, the PHP has to have some link to HTTP request and response message but how. I can't seem to see the link between the two. My reasoning for asking this is that I am using the Twitter API console tool to query their api. The tool sends the following HTTP request:
GET /1.1/search/tweets.json?q=%40twitterapi HTTP/1.1
Authorization:
OAuth oauth_consumer_key="DC0se*******YdC8r4Smg",oauth_signature_method="HMAC-SHA1",oauth_timestamp="1410970037",oauth_nonce="2453***055",oauth_version="1.0",oauth_token="796782156-ZhpFtSyPN5K3G**********088Z50Bo7aMWxkvgW",oauth_signature="Jes9MMAk**********CxsKm%2BCJs%3D"
Host:
api.twitter.com
X-Target-URI:
https://api.twitter.com
Connection:
Keep-Alive
and then I get a HTTP response:
HTTP/1.1 200 OK
x-frame-options:
SAMEORIGIN
content-type:
application/json;charset=utf-8
x-rate-limit-remaining:
177
last-modified:
Wed, 17 Sep 2014 16:07:17 GMT
status:
200 OK
date:
Wed, 17 Sep 2014 16:07:17 GMT
x-transaction:
491****a8cb3f7bd
pragma:
no-cache
cache-control:
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-xss-protection:
1; mode=block
x-content-type-options:
nosniff
x-rate-limit-limit:
180
expires:
Tue, 31 Mar 1981 05:00:00 GMT
set-cookie:
lang=en
set-cookie:
guest_id=v1%3A14109******2451388; Domain=.twitter.com; Path=/; Expires=Fri, 16-Sep-2016 16:07:17 UTC
content-length:
59281
x-rate-limit-reset:
1410970526
server:
tfe_b
strict-transport-security:
max-age=631138519
x-access-level:
read-write-directmessages
So how do these HTTP request and response messages fit into PHP? Does PHP auto generate this? How do I add authorization to PHP requests etc? I'm confused about the deeper workings of PHP

When the client sends the HTTP request to the server, there has to be something to receive the HTTP request, which is called a web server. Examples of web servers are Apache, IIS, Nginx, etc. You can also write your own server, which can handle input however it wants. In this case, I'll assume that you are requesting a PHP file.
When the web server captures the HTTP request, it determines how it should be handled. If the file requested is tweets.json, it will go make sure that file exists, and then pass control over to PHP.
PHP then begins its execution, and performs any logic that the script needs to do, meaning it could go to the database, it reads, writes and makes decisions based cookies, it does math, etc.
When the PHP script is done, it will return a HTML page as well as a bunch of headers back to the web server that called it. From there, the web server turns the HTML page and headers back into a HTTP request to respond.
That is a pretty simple overview, and web servers can work in many different ways, but this is a simple example of how it could work in a introductory use-case. In more complex scenarios, people can write their own web servers, which perform more complex logic inside of the web server software, rather than passing it off to PHP.
When it comes down to it, PHP files are just scripts that the web server executes when they are called, they provide the HTTP request as input, and get a web page and headers as output.

what is Via in HTTP Response and how to remove it?

I made a curl request to a PHP file on my server from my machine and it returns the following response.
HTTP/1.1 200 OK
Content-Length: 317
Content-Type: application/json
Server: Microsoft-IIS/7.5
Last-Modified: Wed, 19 Feb 2014 11:30:16 GMT
Via: 1.1 SC10100_83_75
Connection: keep-alive
Date: Wed, 19 Feb 2014 12:00:47 GMT
The problem is, this seems to be caching my request and is not returning the latest values. I suspect it is due to the Via header (read that it is about proxies). What is it and how can I remove it?

Looks like via - indicates that you have been routed via a proxy - however - this is information only - you need to make sure you caching headers are being set correctly so that the proxy takes the correct action.
Currently there is no caching headers being set on your request.
If you do not want it to be cached - then set the following header:
Cache-Control: no-cache
See http://www.w3.org/Protocols/HTTP/Issues/cache-private.html

Trying to download a file using curl where file download is blocked by javascript?

I am trying to use curl to download a torrent file the url is
http://torcache.net/torrent/006DDC8C407ACCDAF810BCFF41E77299A373296A.torrent
You will notice that upon getting to the page the download of the file is blocked for a few seconds via javascript, I was wondering if there is anyway to bypass this while using curl and php?
Thanks

The file is not blocked via javascript, that's just an informal message if you request that file. The redirect then is done via javascript.
You can simulate the request your own, the important part here is that you add the HTTP Referrer request header. Example:
$ curl -I -H 'Referer: http://torcache.net/torrent/006DDC8C407ACCDAF810BCFF41E77299A373296A.torrent' http://torcache.net/torrent/006DDC8C407ACCDAF810BCFF41E77299A373296A.torrent
HTTP/1.1 200 OK
Server: nginx/1.3.0
Date: Sun, 10 Jun 2012 17:13:59 GMT
Content-Type: application/x-bittorrent
Content-Length: 10767
Last-Modified: Sat, 09 Jun 2012 22:17:03 GMT
Connection: keep-alive
Content-Encoding: gzip
Accept-Ranges: bytes
Referrer is one thing to check, mind the typo in the HTTP specs, see Wikipedia.

cURL gets Internal Server Error when posting to aspx page

I have a big problem.
I have some applications made on an unix based system, and I use PHP with cURL to post an XML question to an IIS server with asp.net.
Every time I ask the server something I get error:
HTTP/1.1 500 Internal Server Error
Date: Tue, 04 May 2010 07:36:08 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 3032
But if I ask same question on another server, almost identically to this one (BOTH configured by me) I get results like it should and the headers:
HTTP/1.1 200 OK
Date: Tue, 04 May 2010 07:39:37 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Length: 9169
I tried everything, searched hundreds of forums, but i don't find anything.
In IIS logs I only get:
2010-05-04 07:36:08 W3SVC1657587027 80.xx.xx.xx POST /XML_SERV/XmlAPI.aspx - 80 - 80.xx.xx.xx Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1 500 0 0
any ideas where to look what is going on?
I forgot to mention! If I use an XML request software, and ask same question, it works.

Try reducing your asp page to the minimum, with the first try with an empty page. If this succeed, begin to add the real bits until it fails, so you can narrow the error.