Page MenuHomePhabricator

PHP Warning "headers already sent" from MediaWiki::preOutputCommit during SpecialCentralAutoLogin
Closed, ResolvedPublicPRODUCTION ERROR



Request URL: GET enwiki /wiki/Special:CentralAutoLogin/setCookies?type=script&return=1&returnto= … &proto=https

PHP Warning: Cannot modify header information - headers already sent by (output started at /srv/mediawiki/php-1.34.0-wmf.8/extensions/CentralAuth/includes/specials/SpecialCentralAutoLogin.php:649)
#1 /srv/mediawiki/php-1.34.0-wmf.8/includes/WebResponse.php(72): header(string, boolean)
#2 /srv/mediawiki/php-1.34.0-wmf.8/includes/MediaWiki.php(672): WebResponse->header(string)
#3 /srv/mediawiki/php-1.34.0-wmf.8/includes/MediaWiki.php(566): MediaWiki::preOutputCommit(RequestContext, Closure)
#4 /srv/mediawiki/php-1.34.0-wmf.8/includes/MediaWiki.php(881): MediaWiki->doPreOutputCommit(Closure)
#5 /srv/mediawiki/php-1.34.0-wmf.8/includes/MediaWiki.php(515): MediaWiki->main()
#6 /srv/mediawiki/php-1.34.0-wmf.8/index.php(42): MediaWiki->run()
#7 /srv/mediawiki/w/index.php(3): require(string)


The application explicitly tries to add an HTTP response header, but PHP is silently rejecting this attempt because other code in the same process had already started the response body and thus it cannot send response headers any more.

The request continues as if the header was output, without awareness that this operation was skipped. This means anything that relies on this header being present might be confused, corrupted, or become stale without automatic recovery.


Event Timeline

It seems some code in MediaWiki::preOutputCommit that relates to headers is already aware that special pages and other end points are currently allowed to handle their own response (such as Special:Export and Special:CentralAutoLogin do, via OutputPage::disable), and have handling for scenarios where headers are already sent.

However, the following three features do not account for this and currently get silently ignored by PHP, resulting in the above warning:

  1. The UseDC and UseCDNCache cookies.
  2. The X-Database-Lagged: true header.
  3. The X-Response-Substitute: true header.

The sample in the task description is from X-Database-Lagged: true.

Change 517617 had a related patch set uploaded (by Aaron Schulz; owner: Aaron Schulz):
[mediawiki/core@master] Various cleanups to MediaWiki::preOutputCommit

Change 517617 merged by jenkins-bot:
[mediawiki/core@master] Various cleanups to MediaWiki::preOutputCommit

mmodell changed the subtype of this task from "Task" to "Production Error".Aug 28 2019, 11:06 PM