Dareros Posted August 9, 2014 Share Posted August 9, 2014 Hi; I have an array of header information that i want to send before doing an echo to the page. Something like : // Send the header information in the array below, then echo $html; die(); The information in the array is for example : HTTP/1.1 200 OK Date: Sat, 09 Aug 2014 00:01:36 GMT Server: Apache/2.2.22 (Ubuntu) X-Powered-By: PHP/5.4.9-4ubuntu2 X-Logged-In: False P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM" Cache-Control: public, must-revalidate, proxy-revalidate Expires: Sat, 09 Aug 2014 02:01:36 GMT Connection: keep-alive, close Pragma: public Vary: Accept-Encoding Content-Type: text/html; charset=utf-8 Thank you. Quote Link to comment Share on other sites More sharing options...
fastsol Posted August 9, 2014 Share Posted August 9, 2014 You could use a foreach loop to output each header. But the info you have provided doesn't exactly give us much to go on since the headers you showed are NOT in an array. Quote Link to comment Share on other sites More sharing options...
Solution CroNiX Posted August 9, 2014 Solution Share Posted August 9, 2014 Did you try just using a foreach and outputting the header? $headers = array( 'HTTP/1.1 200 OK', 'Date: Sat, 09 Aug 2014 00:01:36 GMT', 'Server: Apache/2.2.22 (Ubuntu)', //...the rest ); foreach($headers as $header) { header($header); } exit($html); Quote Link to comment Share on other sites More sharing options...
Dareros Posted August 9, 2014 Author Share Posted August 9, 2014 Thanks for that, just didn't knew how to proceed with the foreach command that is all. Thank you kindly. Quote Link to comment Share on other sites More sharing options...
Jacques1 Posted August 9, 2014 Share Posted August 9, 2014 Why on earth do you tell your users the exact version of the webserver and PHP? What are they supposed to do with this information? Actually, it does help some people: Attackers can now skip the step of fingerprinting your software, because you've already told them everything they need to know. How kind of you. Quote Link to comment Share on other sites More sharing options...
Dareros Posted August 10, 2014 Author Share Posted August 10, 2014 Why on earth do you tell your users the exact version of the webserver and PHP? What are they supposed to do with this information? Actually, it does help some people: Attackers can now skip the step of fingerprinting your software, because you've already told them everything they need to know. How kind of you. Do you mean those lines : Server: Apache/2.2.22 (Ubuntu) X-Powered-By: PHP/5.4.9-4ubuntu2 If so, can i remove them without causing any user experience issue ? because i wouldn't like to change header to not make any thing wrong. I know my skills aren't top too mush. Quote Link to comment Share on other sites More sharing options...
Jacques1 Posted August 10, 2014 Share Posted August 10, 2014 Yes, I mean those two lines. They are not only completely irrelevant for the client, they actually help attackers by giving away internal information about your webserver. Which version of Apache and PHP you're running is none of your users' business. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.