Disable cURL encoding/compression handling when a bad Content-Encoding header is received

[mmeier86]

This PR relates to #961 and FreshRSS/FreshRSS#8374.

When cURL has already returned a bad encoding error, this is a good indication that the server ignores Accept-Encoding headers, as the CURLOPT_ENCODING option is already set to '' for the first request. This results in cURL sending an Accept-Encoding header with all supported encodings (compression algorithms, in practice) already in the first request. And the fact that this request results in a CURLE_BAD_CONTENT_ENCODING error indicates that the server ignored that header already. So trying again, but this time with CURLOPT_ENCODING = 'none' seems unlikely to result in success?

Instead, my proposal here is to set CURLOPT_ENCODING to null, which tells cURL to disable compression handling altogether and to ignore the bad Content-Encoding header send by the server.

I was able to confirm that this works in tests with FreshRSS against a test setup where the server sends a valid index.xml with an RSS feed, but with the Content-Encoding header set to aws-chunked. With CURLOPT_ENCODING = 'none', the fetch fails and the body is empty, leading to FreshRSS not being able to add the feed. But with CURLOPT_ENCODING = null set, the fetch succeeds and the feed can be added.

[jtojnar]

Thanks.

Looks like this was introduced in f5d76cd to fix specific bug in another site but the feed mentioned in the issue no longer works so hard to tell if it is needed nowadays.

Accept-Encoding does not support none, only identity so I agree falling back to the former does not make sense, except as a quirk for some non-compliant server. But without a reproducible example, I would go with your fix.

It would also be helpful to include a test. Something like the following (with #966):

--- a/tests/Integration/SimplePieTest.php
+++ b/tests/Integration/SimplePieTest.php
@@ -553,4 +553,37 @@ HTML
         self::assertLessThanOrEqual(1, count($feed->get_links('self') ?? []), 'Link rel=self should not be promoted from HTML when it is already present in headers');
         self::assertSame($bogoUrl, $feed->get_link(0, 'bogo'), 'Link rel=bogo does not match');
     }
+
+    public function testSimplePieIgnoresBadContentEncodingHeader(): void
+    {
+        $server = new MockWebServer();
+        $server->start();
+
+        $filepath = dirname(__FILE__, 2) . '/data/feed_rss-2.0.xml';
+        $body = file_get_contents($filepath);
+        \assert($body !== false); // For PHPStan
+
+        $url = $server->setResponseOfPath(
+            '/bad-content-encoding',
+            new MockWebServerResponse($body, [
+                'content-type: application/rss+xml',
+                'content-encoding: aws-chunked',
+            ], 200)
+        );
+
+        $feed = new SimplePie();
+        $feed->enable_cache(false);
+
+        $feed->set_feed_url($url);
+
+        // For some reason, without this, Sniffer thinks we have text/plain on error.
+        $feed->force_feed(true);
+
+        $return = $feed->init();
+        $server->stop();
+
+        $error = implode("\n", (array) ($feed->error() ?? '')); // For PHPStan
+        self::assertTrue($return, 'Failed fetching feed: ' . $error);
+        self::assertSame(200, $feed->status_code());
+    }
 }

[mmeier86]

I'm not exactly fluent in PHP, but I will give it a good try.

[mmeier86]

It looks like the fix doesn't work for older PHP versions. I'm trying to figure out what the issue is there. I've also added an assert to make sure that cURL is actually available in the test, as I initially didn't have cURL support in my local PHP setup and couldn't get the test to fail at all, as it used the non-cURL code path without me realising.

[jtojnar]

Looks like setting NULL does not work on PHP < 8.1 because of php/php-src#11433, which leads to curl returning:

string(113) "cURL error 61: Unrecognized content encoding type. libcurl understands deflate, gzip, br, zstd content encodings."

[jtojnar]

I managed to work around it by creating a new curl handle from scratch but PHPStan does not like that on older versions of PHP where curl_init returns resource instead of CurlHandle:

https://github.com/simplepie/simplepie/compare/master...jtojnar:simplepie:disable-curl-encoding-handling-for-bad-content-encoding?expand=1

[mmeier86]

I think I see what you're getting at with that commit, let me see whether I can stretch my non-existent PHP skills far enough to make it work in this PR.

[jtojnar]

I managed to get it working using conditional PHPStan config, you can just cherry pick both commits if you want.

[mmeier86]

That seems to have done the trick.

[jtojnar]

Thanks.

[Art4]

@mmeier86 Thanks for your contribution!

@jtojnar nice solution for curl_init() and PHPStan, thanks!