Description: ------------ Location header not handled correctly for non-http protocols. If a Location: ftp://bar.com for example is returned by an HTTP request to http://foo.com, then HTTP_Request assumes this is a relative redirect and will redirect to http://foo.com/ftp://bar.com Problem occours at lines 620-650. I advise a conditional error just after if (preg_match('/^https?:\/\//i', $redirect)) { .. } elseif perhaps a regex matching [a-z]{3,5}:// ? perhaps an error saying 'redirect to unsupported protocol'

Redirect support is deprecated in HTTP_Request. Moving the report to HTTP_Client package which suffers from the same problem.

This bug has been fixed in CVS. If this was a documentation problem, the fix will appear on pear.php.net by the end of next Sunday (CET). If this was a problem with the pear.php.net website, the change should be live shortly. Otherwise, the fix will appear in the package's next release. Thank you for the report and for helping us make PEAR better. --- In case of non-HTTP redirect it just returns now (since that's not exactly a error, there is no point in raising one). The URL is available for further processing in current response.