mirror/php-e107
1
0
Fork 0
mirror of https://github.com/e107inc/e107.git synced 2025-09-01 02:21:58 +02:00
Code Issues Releases Wiki Activity

Composer update.

Browse Source
This commit is contained in:
Cameron
2022-03-27 10:23:34 -07:00
parent 632e434711
commit f6d0164f94
10 changed files with 683 additions and 439 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
e107_handlers/vendor/guzzlehttp/psr7/CHANGELOG.md vendored
View File

@@ -9,6 +9,18 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
## Unreleased
## 1.8.5 - 2022-03-20
### Fixed
- Correct header value validation
## 1.8.4 - 2022-03-20
### Fixed
- Validate header values properly
## 1.8.3 - 2021-10-05
### Fixed

5
e107_handlers/vendor/guzzlehttp/psr7/composer.json vendored
View File

@@ -68,6 +68,9 @@
},
"config": {
"preferred-install": "dist",
"sort-packages": true
"sort-packages": true,
"allow-plugins": {
"bamarni/composer-bin-plugin": true
}
}
}

66
e107_handlers/vendor/guzzlehttp/psr7/src/MessageTrait.php vendored
View File

@@ -157,17 +157,22 @@ trait MessageTrait
}
}
/**
* @param mixed $value
*
* @return string[]
*/
private function normalizeHeaderValue($value)
{
if (!is_array($value)) {
return $this->trimHeaderValues([$value]);
return $this->trimAndValidateHeaderValues([$value]);
}
if (count($value) === 0) {
throw new \InvalidArgumentException('Header value can not be an empty array.');
}
return $this->trimHeaderValues($value);
return $this->trimAndValidateHeaderValues($value);
}
/**
@@ -178,13 +183,13 @@ trait MessageTrait
* header-field = field-name ":" OWS field-value OWS
* OWS = *( SP / HTAB )
*
* @param string[] $values Header values
* @param mixed[] $values Header values
*
* @return string[] Trimmed header values
*
* @see https://tools.ietf.org/html/rfc7230#section-3.2.4
*/
private function trimHeaderValues(array $values)
private function trimAndValidateHeaderValues(array $values)
{
return array_map(function ($value) {
if (!is_scalar($value) && null !== $value) {
@@ -194,10 +199,20 @@ trait MessageTrait
));
}
return trim((string) $value, " \t");
$trimmed = trim((string) $value, " \t");
$this->assertValue($trimmed);
return $trimmed;
}, array_values($values));
}
/**
* @see https://tools.ietf.org/html/rfc7230#section-3.2
*
* @param mixed $header
*
* @return void
*/
private function assertHeader($header)
{
if (!is_string($header)) {
@@ -210,5 +225,46 @@ trait MessageTrait
if ($header === '') {
throw new \InvalidArgumentException('Header name can not be empty.');
}
if (! preg_match('/^[a-zA-Z0-9\'`#$%&*+.^_|~!-]+$/', $header)) {
throw new \InvalidArgumentException(
sprintf(
'"%s" is not valid header name',
$header
)
);
}
}
/**
* @param string $value
*
* @return void
*
* @see https://tools.ietf.org/html/rfc7230#section-3.2
*
* field-value = *( field-content / obs-fold )
* field-content = field-vchar [ 1*( SP / HTAB ) field-vchar ]
* field-vchar = VCHAR / obs-text
* VCHAR = %x21-7E
* obs-text = %x80-FF
* obs-fold = CRLF 1*( SP / HTAB )
*/
private function assertValue($value)
{
// The regular expression intentionally does not support the obs-fold production, because as
// per RFC 7230#3.2.4:
//
// A sender MUST NOT generate a message that includes
// line folding (i.e., that has any field-value that contains a match to
// the obs-fold rule) unless the message is intended for packaging
// within the message/http media type.
//
// Clients must not send a request with line folding and a server sending folded headers is
// likely very rare. Line folding is a fairly obscure feature of HTTP/1.1 and thus not accepting
// folding is not likely to break any legitimate use case.
if (! preg_match('/^[\x20\x09\x21-\x7E\x80-\xFF]*$/', $value)) {
throw new \InvalidArgumentException(sprintf('"%s" is not valid header value', $value));
}
}
}