"Content-Length" header set to "0" returns header line without value

[curzio-della-santa]

Hi

Setting the "Content-Length" header to 0, will return an empty header line Content-Length: in the response.
This might break CORS preflight requests processed by load-balancers (e.g. on fortrabbit).

Problem is located in the \Zend\Http\Header\ContentLength constructor, that does not sets the $value property if 0 is passed.

Issue can be fixed in \Zend\Http\Header\ContentLength either:

• changing the constructor behavior (accepting 0 or '0' as value):
  from if ($value) { to if ($value !== null) {
  Note: all other classes in the Zend\Http\Header namespace have the same similar (buggy?) constructor (except GenericHeader).

• changing the getFieldValue method to:

    public function getFieldValue()
    {
        return $this->value ?: 0;
    }

As soon as fixed I recommend to change the requirement of "zfr/zfr-cors" to the newest version of "zendframework/zend-http"

Kind regards,
Curzio

[curzio-della-santa]

Until a fix will be provided for this issue, we have created a dedicated Zf2 module as temporary fix.

This registers a new listener in the MvcEvent::EVENT_FINISH event, to fix (substitute) the incorrect header just before response is returned.

Kind regards,
Curzio