http:// -- https://Accessing HTTP(s) URLs


Allows read-only access to files/resources via HTTP. By default, a HTTP 1.0 GET is used. A Host: header is sent with the request to handle name-based virtual hosts. If you have configured a user_agent string using your php.ini file or the stream context, it will also be included in the request.

The stream allows access to the body of the resource; the headers are stored in the $http_response_header variable.

If it's important to know the URL of the resource where your document came from (after all redirects have been processed), you'll need to process the series of response headers returned by the stream.

The from directive will be used for the From: header if set and not overwritten by the Context options and parameters.




Wrapper Summary
Attribute Supported
Restricted by allow_url_fopen Yes
Allows Reading Yes
Allows Writing No
Allows Appending No
Allows Simultaneous Reading and Writing N/A
Supports stat() No
Supports unlink() No
Supports rename() No
Supports mkdir() No
Supports rmdir() No


Example #1 Detecting which URL we ended up on after redirects

= '';

$fp = fopen($url, 'r');

$meta_data = stream_get_meta_data($fp);
foreach (
$meta_data['wrapper_data'] as $response) {

/* Were we redirected? */
if (strtolower(substr($response, 0, 10)) == 'location: ') {

/* update $url with where we were redirected to */
$url = substr($response, 10);




Note: HTTPS is only supported when the openssl extension is enabled.

HTTP connections are read-only; writing data or copying files to an HTTP resource is not supported.

Sending POST and PUT requests, for example, can be done with the help of HTTP Contexts.

See Also

add a note add a note

User Contributed Notes 4 notes

dwalton at acm dot org
17 years ago
As it says on this page:

"The stream allows access to the body of the resource; the headers are stored in the $http_response_header variable. Since PHP 4.3.0, the headers are available using stream_get_meta_data()."

This one sentence is the only documentation I have found on the mysterious $http_response_header variable, and I'm afraid it's misleading.  It implies that from 4.3.0 onward, stream_get_meta_data() ought to be used in favor of $http_response_header. 

Don't be fooled!  stream_get_meta_data() requires a stream reference, which makes it ONLY useful with fopen() and related functions.  However, $http_response_header can be used to get the headers from the much simpler file_get_contents() and related functions, which makes it still very useful in 5.x.

Also note that even when file_get_contents() and friends fail due to a 4xx or 5xx error and return false, the headers are still available in $http_response_header.
Rainer Perske
8 years ago
Passing authentication information in the URL as in "" works for HTTP "Basic" access authentication but not for HTTP "Digest" access authentication. You can use the cURL functions for servers requesting HTTP "Digest" access authentication.
NEA at AraTaraBul dot com
16 years ago
HTTP post function;

function post_it($datastream, $url) {

$url = preg_replace("@^http://@i", "", $url);
$host = substr($url, 0, strpos($url, "/"));
$uri = strstr($url, "/");

$reqbody = "";
$datastream as $key=>$val) {
          if (!empty(
$reqbody)) $reqbody.= "&";
$reqbody.= $key."=".urlencode($val);

$contentlength = strlen($reqbody);
$reqheader "POST $uri HTTP/1.1\r\n".
"Host: $host\n". "User-Agent: PostIt\r\n".
"Content-Type: application/x-www-form-urlencoded\r\n".
"Content-Length: $contentlength\r\n\r\n".

$socket = fsockopen($host, 80, $errno, $errstr);

if (!
$socket) {
$result["errno"] = $errno;
$result["errstr"] = $errstr;

fputs($socket, $reqheader);

while (!
feof($socket)) {
$result[] = fgets($socket, 4096);


16 years ago
If you want to send more than one custom header, just make header an array:

= array(
'http' => array(
'user_agent' => 'Foobar',
'header' => array(
'X-Foo: Bar',
'X-Bar: Baz'
To Top