From 56f0b72e8dbf5b7205ae12c80e0f4c9a0614d1a2 Mon Sep 17 00:00:00 2001
From: Daniel Hensby <dhensby@silverstripe.com>
Date: Thu, 28 Jul 2016 16:26:36 +0100
Subject: [PATCH] FIX ETag header now properly quoted

---
 control/HTTP.php         | 8 ++++++++
 control/HTTPResponse.php | 4 ++++
 2 files changed, 12 insertions(+)

diff --git a/control/HTTP.php b/control/HTTP.php
index d105818c8..611132683 100644
--- a/control/HTTP.php
+++ b/control/HTTP.php
@@ -302,6 +302,9 @@ class HTTP {
 	}
 
 	public static function register_etag($etag) {
+		if (0 !== strpos('"')) {
+			$etag = sprintf('"%s"', $etag);
+		}
 		self::$etag = $etag;
 	}
 
@@ -447,6 +450,11 @@ class HTTP {
 			$responseHeaders['ETag'] = self::$etag;
 		}
 
+		// etag needs to be a quoted string according to HTTP spec
+		if (!empty($responseHeaders['ETag']) && 0 !== strpos($responseHeaders['ETag'], '"')) {
+			$responseHeaders['ETag'] = sprintf('"%s"', $responseHeaders['ETag']);
+		}
+
 		// Now that we've generated them, either output them or attach them to the SS_HTTPResponse as appropriate
 		foreach($responseHeaders as $k => $v) {
 			if($body) {
diff --git a/control/HTTPResponse.php b/control/HTTPResponse.php
index aefa6dde1..c952c9306 100644
--- a/control/HTTPResponse.php
+++ b/control/HTTPResponse.php
@@ -254,6 +254,10 @@ EOT
 			if(!headers_sent($file, $line)) {
 				header($_SERVER['SERVER_PROTOCOL'] . " $this->statusCode " . $this->getStatusDescription());
 				foreach($this->headers as $header => $value) {
+					//etags need to be quoted
+					if (strcasecmp('etag', $header) === 0 && 0 !== strpos($value, '"')) {
+						$value = sprintf('"%s"', $value);
+					}
 					header("$header: $value", true, $this->statusCode);
 				}
 			} else {