HTTP and HTTPS

PHP 4, PHP 5. https:// since PHP 4.3.0

Allows read-only access to files/resources via HTTP 1.0, using the HTTP GET method. A Host: header is sent with the request to handle name-based virtual hosts. If you have configured a user_agent string using your php.ini file or the stream context, it will also be included in the request.

Warning

When using SSL, Microsoft IIS will violate the protocol by closing the connection without sending a close_notify indicator. PHP will report this as "SSL: Fatal Protocol Error" when you reach the end of the data. To work around this, the value of error_reporting should be lowered to a level that does not include warnings. PHP 4.3.7 and higher can detect buggy IIS server software when you open the stream using the https:// wrapper and will suppress the warning. When using fsockopen() to create an ssl:// socket, the developer is responsible for detecting and suppressing this warning.

Redirects have been supported since PHP 4.0.5; if you are using an earlier version you will need to include trailing slashes in your URLs. If it's important to know the URL of the resource where your document came from (after all redirects have been processed), you'll need to process the series of response headers returned by the stream.

<?php
$url 
'http://www.example.com/redirecting_page.php';

$fp fopen($url'r');

/* Prior to PHP 4.3.0 use $http_response_header
   instead of stream_get_meta_data() */
$meta_data stream_get_meta_data($fp);
foreach(
$meta_data['wrapper_data'] as $response) {

  
/* Were we redirected? */
  
if (substr(strtolower($response), 010) == 'location: ') {
    
/* update $url with where we were redirected to */
    
$url substr($response18);
  }

}

?>

The stream allows access to the body of the resource; the headers are stored in the $http_response_header variable. Since PHP 4.3.0, the headers are available using stream_get_meta_data().

HTTP connections are read-only; you cannot write data or copy files to an HTTP resource.

Note: HTTPS is supported starting from PHP 4.3.0, if you have compiled in support for OpenSSL.

If you have set the from directive in php.ini, and do not define a From: header in the Context options and parameters, then this value will be sent as the From: header in the HTTP request.

Wrapper Summary
Attribute Supported
Restricted by allow_url_fopen Yes
Allows Reading Yes
Allows Writing No
Allows Appending No
Allows Simultaneous Reading and Writing N/A
Supports stat() No
Supports unlink() No
Supports rename() No
Supports mkdir() No
Supports rmdir() No

Custom headers may be sent with an HTTP request prior to version 5 by taking advantage of a side-effect in the handling of the user_agent INI setting. Set user_agent to any valid string (such as the default PHP/version setting) followed by a carriage-return/line-feed pair and any additional headers. This method works in PHP 4 and all later versions.

Example #1 Sending custom headers with an HTTP request

<?php
ini_set
('user_agent'"PHP\r\nX-MyCustomHeader: Foo");

$fp fopen('http://www.example.com/index.php''r');
?>

Results in the following request being sent:

GET /index.php HTTP/1.0
Host: www.example.com
User-Agent: PHP
X-MyCustomHeader: Foo