Merging develop to master in preparation for 2.9.0 release.

.travis.yml

@@ -1,5 +1,3 @@
-sudo: false
-
 language: php
 
 cache:
@@ -54,6 +52,15 @@ matrix:
     - php: 7.2
       env:
         - DEPS=latest
+    - php: 7.3
+      env:
+        - DEPS=lowest
+    - php: 7.3
+      env:
+        - DEPS=locked
+    - php: 7.3
+      env:
+        - DEPS=latest
 
 before_install:
   - if [[ $TEST_COVERAGE != 'true' ]]; then phpenv config-rm xdebug.ini || return 0 ; fi

CHANGELOG.md

@@ -2,6 +2,44 @@
 
 All notable changes to this project will be documented in this file, in reverse chronological order by release.
 
+## 2.9.0 - 2019-01-08
+
+### Added
+
+- [#154](https://github.com/zendframework/zend-http/pull/154) adds the method `SetCookie::setEncodeValue()`. By default, Set-Cookie
+  values are passed through `urlencode()`; when a boolean `false` is provided to
+  this new method, the raw value will be used instead.
+
+- [#166](https://github.com/zendframework/zend-http/pull/166) adds support for PHP 7.3.
+
+### Changed
+
+- [#154](https://github.com/zendframework/zend-http/pull/154) changes the behavior of `SetCookie::fromString()` slightly: if the parsed
+  cookie value is the same as the one passed through `urldecode()`, the
+  `SetCookie` header's `$encodeValue` property will be toggled off to ensure the
+  value is not encoded in subsequent serializations, thus retaining the
+  integrity of the value between usages.
+
+- [#161](https://github.com/zendframework/zend-http/pull/161) changes how the Socket and Test adapters aggregate headers. Previously,
+  they would `ucfirst()` the header name; now, they correctly leave the header
+  names untouched, as header names should be considered case-insensitive.
+
+- [#156](https://github.com/zendframework/zend-http/pull/156) changes how gzip and deflate decompression occur in responses, ensuring
+  that if the Content-Length header reports 0, no decompression is attempted,
+  and an empty string is returned.
+
+### Deprecated
+
+- Nothing.
+
+### Removed
+
+- [#166](https://github.com/zendframework/zend-http/pull/166) removes support for zend-stdlib v2 releases.
+
+### Fixed
+
+- Nothing.
+
 ## 2.8.3 - 2019-01-08
 
 ### Added

composer.json

@@ -20,7 +20,7 @@
     "require": {
         "php": "^5.6 || ^7.0",
         "zendframework/zend-loader": "^2.5.1",
-        "zendframework/zend-stdlib": "^3.1 || ^2.7.7",
+        "zendframework/zend-stdlib": "^3.2.1",
         "zendframework/zend-uri": "^2.5.2",
         "zendframework/zend-validator": "^2.10.1"
     },
@@ -47,8 +47,8 @@
     },
     "extra": {
         "branch-alias": {
-            "dev-master": "2.8.x-dev",
-            "dev-develop": "2.9.x-dev"
+            "dev-master": "2.9.x-dev",
+            "dev-develop": "2.10.x-dev"
         }
     },
     "scripts": {

src/Client/Adapter/Socket.php

@@ -389,7 +389,7 @@ public function write($method, $uri, $httpVer = '1.1', $headers = [], $body = ''
         $request = $method . ' ' . $path . ' HTTP/' . $httpVer . "\r\n";
         foreach ($headers as $k => $v) {
             if (is_string($k)) {
-                $v = ucfirst($k) . ': ' . $v;
+                $v = $k . ': ' . $v;
             }
             $request .= $v . "\r\n";
         }

src/Client/Adapter/Test.php

@@ -132,7 +132,7 @@ public function write($method, $uri, $httpVer = '1.1', $headers = [], $body = ''
         $request = $method . ' ' . $path . ' HTTP/' . $httpVer . "\r\n";
         foreach ($headers as $k => $v) {
             if (is_string($k)) {
-                $v = ucfirst($k) . ': ' . $v;
+                $v = $k . ': ' . $v;
             }
             $request .= $v . "\r\n";
         }

src/Header/Cookie.php

@@ -75,12 +75,20 @@ public function __construct(array $array = [])
         parent::__construct($array, ArrayObject::ARRAY_AS_PROPS);
     }
 
+    /**
+     * @param bool $encodeValue
+     *
+     * @return $this
+     */
     public function setEncodeValue($encodeValue)
     {
         $this->encodeValue = (bool) $encodeValue;
         return $this;
     }
 
+    /**
+     * @return bool
+     */
     public function getEncodeValue()
     {
         return $this->encodeValue;

src/Header/SetCookie.php

@@ -85,6 +85,11 @@ class SetCookie implements MultipleHeaderInterface
      */
     protected $httponly;
 
+    /**
+     * @var bool
+     */
+    protected $encodeValue = true;
+
     /**
      * @static
      * @throws Exception\InvalidArgumentException
@@ -99,6 +104,7 @@ public static function fromString($headerLine, $bypassHeaderFieldName = false)
         if ($setCookieProcessor === null) {
             $setCookieClass = get_called_class();
             $setCookieProcessor = function ($headerLine) use ($setCookieClass) {
+                /** @var SetCookie $header */
                 $header = new $setCookieClass();
                 $keyValuePairs = preg_split('#;\s*#', $headerLine);
 
@@ -115,6 +121,11 @@ public static function fromString($headerLine, $bypassHeaderFieldName = false)
                     if ($header->getName() === null) {
                         $header->setName($headerKey);
                         $header->setValue(urldecode($headerValue));
+
+                        // set no encode value if raw and encoded values are the same
+                        if (urldecode($headerValue) === $headerValue) {
+                            $header->setEncodeValue(false);
+                        }
                         continue;
                     }
 
@@ -213,6 +224,22 @@ public function __construct(
              ->setHttpOnly($httponly);
     }
 
+    /**
+     * @return bool
+     */
+    public function getEncodeValue()
+    {
+        return $this->encodeValue;
+    }
+
+    /**
+     * @param bool $encodeValue
+     */
+    public function setEncodeValue($encodeValue)
+    {
+        $this->encodeValue = (bool) $encodeValue;
+    }
+
     /**
      * @return string 'Set-Cookie'
      */
@@ -231,7 +258,7 @@ public function getFieldValue()
             return '';
         }
 
-        $value = urlencode($this->getValue());
+        $value = $this->encodeValue ? urlencode($this->getValue()) : $this->getValue();
         if ($this->hasQuoteFieldValue()) {
             $value = '"' . $value . '"';
         }

src/Response.php

@@ -564,6 +564,11 @@ protected function decodeGzip($body)
             );
         }
 
+        if ($this->getHeaders()->has('content-length')
+            && 0 === (int) $this->getHeaders()->get('content-length')->getFieldValue()) {
+            return '';
+        }
+
         ErrorHandler::start();
         $return = gzinflate(substr($body, 10));
         $test = ErrorHandler::stop();
@@ -594,6 +599,11 @@ protected function decodeDeflate($body)
             );
         }
 
+        if ($this->getHeaders()->has('content-length')
+            && 0 === (int) $this->getHeaders()->get('content-length')->getFieldValue()) {
+            return '';
+        }
+
         /**
          * Some servers (IIS ?) send a broken deflate response, without the
          * RFC-required zlib header.

test/Client/SocketTest.php

@@ -339,6 +339,24 @@ public function testAllowsZeroWrittenBytes()
         $this->_adapter->write('GET', new Uri('tcp://localhost:80/'), '1.1', [], 'test body');
     }
 
+    /**
+     * Verifies that the headers are being set as given without changing any
+     * character case.
+     */
+    public function testCaseInsensitiveHeaders()
+    {
+        $this->_adapter->connect('localhost');
+        $requestString = $this->_adapter->write(
+            'GET',
+            new Uri('tcp://localhost:80/'),
+            '1.1',
+            ['x-test-header' => 'someTestHeader'],
+            'someTestBody'
+        );
+
+        $this->assertContains('x-test-header', $requestString);
+    }
+
     /**
      * Data Providers
      */

test/Header/SetCookieTest.php

@@ -50,6 +50,14 @@ public function testSetCookieFromStringWithQuotedValue()
         $this->assertEquals('myname=quotedValue', $setCookieHeader->getFieldValue());
     }
 
+    public function testSetCookieFromStringWithNotEncodedValue()
+    {
+        $setCookieHeader = SetCookie::fromString('Set-Cookie: foo=a:b; Path=/');
+        $this->assertFalse($setCookieHeader->getEncodeValue());
+        $this->assertEquals('a:b', $setCookieHeader->getValue());
+        $this->assertEquals('foo=a:b; Path=/', $setCookieHeader->getFieldValue());
+    }
+
     public function testSetCookieFromStringCreatesValidSetCookieHeader()
     {
         $setCookieHeader = SetCookie::fromString('Set-Cookie: xxx');
@@ -457,6 +465,25 @@ public function testPreventsCRLFAttackViaSetValue()
         $this->assertEquals('Set-Cookie: leo_auth_token=example%0D%0A%0D%0AevilContent', $header->toString());
     }
 
+    public function testSetCookieWithEncodeValue()
+    {
+        $header = new SetCookie('test');
+        $header->setValue('a:b');
+
+        $this->assertSame('a:b', $header->getValue());
+        $this->assertSame('test=a%3Ab', $header->getFieldValue());
+    }
+
+    public function testSetCookieWithNoEncodeValue()
+    {
+        $header = new SetCookie('test');
+        $header->setValue('a:b');
+        $header->setEncodeValue(false);
+
+        $this->assertSame('a:b', $header->getValue());
+        $this->assertSame('test=a:b', $header->getFieldValue());
+    }
+
     public function setterInjections()
     {
         return [