PHP RFC: Slim POST data

PHP RFC: Slim POST data

Version: 1.3
Date: 2013-12-17
Author: Michael Wallner mike@php.net
Status: Accepted
First Published at: https://wiki.php.net/rfc/slim_post_data

Introduction

A memory usage improvement regarding receiving HTTP payloads with a potential reduction of 200-300%.

Proposal

This change replaces the SAPI layer's (raw_)post_data entries with a temporary PHP stream.

If the request was a standard www-form-urlencoded or form-data POST, everything is just as it was before.

If the request had another request method or an unrecognized content type, the payload is available through the re-usable, just-in-time php://input stream.

Proposed PHP Version(s)

Next 5.x, i.e. 5.6

SAPIs Impacted

Web-SAPIs.

Unaffected PHP Functionality

Standard form POSTs and file uploads.

Changes to PHP-5.6

Re-usable, optioanlly JITty initialized php://input stream
Change always_populate_raw_post_data INI setting to accept three values instead of two.
- -1: The behavior of master; don't ever populate $GLOBALS[HTTP_RAW_POST_DATA]
- 0/off/whatever: BC behavior (populate if content-type is not registered or request method is other than POST)
- 1/on/yes/true: BC behavior (always populate $GLOBALS[HTTP_RAW_POST_DATA])

Backward Incompatible Changes to master

$HTTP_RAW_POST_DATA and always_populate_raw_post_data were removed.

BC can be restored with:

$GLOBALS["HTTP_RAW_POST_DATA"] = file_get_contents("php://input");

Impact to Existing Extensions

Extensions utilizing SG(request_info).(raw_)post_data(_len).

In case of mbstring, the fix was as simple and ineffective as:

@@ -376,7 +377,10 @@ SAPI_POST_HANDLER_FUNC(php_mb_post_handler)
        info.num_from_encodings     = MBSTRG(http_input_list_size); 
        info.from_language          = MBSTRG(language);
 
-       detected = _php_mb_encoding_handler_ex(&info, arg, SG(request_info).post_data TSRMLS_CC);
+       php_stream_rewind(SG(request_info).request_body);
+       php_stream_copy_to_mem(SG(request_info).request_body, &post_data_str, PHP_STREAM_COPY_ALL, 0);
+       detected = _php_mb_encoding_handler_ex(&info, arg, post_data_str TSRMLS_CC);
+       STR_FREE(post_data_str);

Future Scope

The SAPI layer might be improved for SAPIs to provide their own PHP stream for POST data implementation, instead of soaking everything into the temp stream.

Proposed Voting Choices

Patches and Tests

To see the changes already in master, do, more or less:

git diff 1c15d70^..e6084da

http://git.php.net/?p=php-src.git;a=commitdiff;h=e6084da4735c945cb071c4d9259ea0d702eb77c6;hp=52ff129607a7193cccbc6bdfbf1c1e8586e8d0d2

Always_populate_raw_post_data patch is available here:

https://github.com/m6w6/php-src/compare/php:PHP-5.6...always_populate_raw_post_data

References

Changes

1.1
- Added PHP-5.6 patch to re-introduce always_populate_raw_post_data (-1/0/1)
1.2
- Re-ordered the RFC and reworded some sections.
1.3
- Accepted.

Vote

RFC/slim_post_data
Real name	Yes	No
aharvey (aharvey)
ajf (ajf)
brianlmoon (brianlmoon)
datibbaw (datibbaw)
derick (derick)
felipe (felipe)
indeyets (indeyets)
joey (joey)
juliens (juliens)
lstrojny (lstrojny)
pajoye (pajoye)
philstu (philstu)
theboss
thorstenr (thorstenr)
tyrael (tyrael)
yohgaki (yohgaki)
zhangzhenyu (zhangzhenyu)
Final result:	17	0
This poll has been closed.

Table of Contents