Tags: ptlis/http
Tags
phly/http 0.13.1 This release contains the following security fix: - [Zend Framework ZF2015-04](http://framework.zend.com/security/advisory/ZF2015-04) detailed HTTP Response Splitting vectors that are possible via HTTP headers, when unfiltered input containing multiple CRLF (`\r\n`) sequences are present. This release contains a patch for the issue, based on the one used in Zend Framework 2. Added ----- - Nothing. Deprecated ---------- - Nothing. Removed ------- - Nothing. Fixed ----- - [phly#59](phly#59) corrects the exception message thrown from `Stream::read()` to use the verbiage "read" instead of "write". - [phly#62](phly#62) ensures that `Uri::parseUri()` raises an exception when `parse_url()` fails. - [phly#63](phly#63) patches CRLF message splitting vectors in the request and response implementations. It adds a new class, `Phly\Http\HeaderSecurity`, which can be used to validate or filter header values, and which is used internally to assert valid header values.
phly/http 0.13.0 This release is BACKWARDS IN-COMPATIBLE with previous releases. psr/http-message 0.11.0 renames the method `Psr\Http\UploadedFileInterface::move()` to `moveTo()`, which presents a backwards compatibility break. Added ----- - `Phly\Http\UploadedFile::moveTo()`, which allows moving an uploaded file to a given path as represented by a valid PHP stream/filename. Deprecated ---------- - Nothing. Removed ------- - `Phly\Http\UploadedFile::move()`, which was replaced with the `moveTo()` method. Fixed ----- - `Phly\Http\Response::getReasonPhrase()` now *always* returns a string, even in cases where the reason phrase is undefined (in which case it will be an empty string). - `Phly\Http\Response::withStatus()` now defines the default value of the `$reasonPhrase` argument as an empty string.
phly/http 0.12.0
This release is BACKWARDS IN-COMPATIBLE with previous releases. This is in large
part due to massive changes between psr/http-message 0.9 and 0.10, which
include:
- Renaming `Psr\Http\Message\StreamableInterface` to
`Psr\Http\Message\StreamInterface`. This will not affect most consumers, but
it *does* change the signature of the `getBody()` and `withBody()` methods of
both requests and responses.
- `Psr\Http\Message\UriInterface` now allows empty paths and relative paths,
which changes the behavior of `Uri::getPath()`.
- `Psr\Http\Message\MessageInterface` renamed one method and changed the
behavior of another method with regard to headers:
- `getHeader($name)` now returns an array of values.
- `getHeaderLines($name)` was renamed to `getHeaderLine($name)`, and now
returns a string or `null`.
- `Psr\Http\Message\StreamInterface` now uses exceptions for reporting error
conditions instead of multiple return values.
- `Psr\Http\Message\RequestInterface::withUri()` defines an additional, optional
parameter, `$preserveHost`; when `true`, the message MUST NOT change the value
of the `Host` header; when `false`, it MUST change the value to correspond
with the value in the URI.
- `Psr\Http\Message\ServerRequestInterface` renames `getFileUploads()` to
`getUploadedFiles()`, and adds a mutator method, `withFileUploads()`. The
structure of this property MUST be a tree with each leaf an instance of a new
interface, `Psr\Http\Message\UploadedFileInterface`.
Due to the above changes, a number of changes were made to phly/http.
Added
-----
- `Phly\Http\UploadedFile`, which is an implementation of
`Psr\Http\Message\UploadedFileInterface`, and provides metadata around an
uploaded file, as well as behavior for retrieving a
`Psr\Http\Http\StreamInterface` representing the upload and for moving the
file to its target destination in an SAPI-agnostic way.
- `Phly\Http\ServerRequestFactory::normalizeFiles()`, which will normalize an
array of files to a tree of `Phly\Http\UploadedFile` instances, including
normalization of upload file arrays.
- `Phly\Http\ServerRequest::getUploadedFiles()`, for returning the normalized
uploaded files tree.
- `Phly\Http\ServerRequest::withUploadedFiles()`, for returning a new instance
containing the uploaded files.
- `Phly\Http\Uri::getHeaderLine($name)`, which returns the comma-concatenated
values for the given header.
Deprecated
----------
- Nothing.
Removed
-------
- `Phly\Http\ServerRequest::getFileParams()`, which was replaced with the
`getUploadedFiles()` method.
- `Phly\Http\Uri::getHeaderLines()`, which was renamed to `getHeaderLine()`,
with different behavior.
Fixed
-----
- `Phly\Http\Uri::withPath()` now defines and accepts the `$preserveHost`
argument, as outlined in this version's overview summary.
- `Phly\Http\Uri::getHeader()` now returns an array of values associated with
the header; an empty array is returned if the header is not defined.
- `Phly\Http\Stream` now raises `InvalidArgumentException` and
`RuntimeException` when unable to perform work, instead of overloading the
return value.
phly/http 0.11.3 Added ----- - Nothing. Deprecated ---------- - Nothing. Removed ------- - Nothing. Fixed ----- - [phly#52](phly#52) Replace `self::` with `static::` and `@return self` with `@return static` to allow for late static binding with class extensions. - [phly#55](phly#55) Updates `parseUri()` to validate the scheme, ensuring the `Uri` instance cannot be instantiated with an invalid scheme. - [phly#54](phly#54) Internal restructuring to allow serialization of a `Uri` instance.
phly/http 0.11.1 Added ----- - Nothing. Deprecated ---------- - Nothing. Removed ------- - Nothing. Fixed ----- - [phly#39](phly#39) Always attempt to return a Host header from a request if a URI is composed containing a host. This will be true for client-side requests only; server-side will only represent what was present in the incoming request. - [phly#40](phly#40) Ensure that path, query string, and fragment are each properly encoded, but also prevent against double encoding of values. - [phly#48](phly#48) Cache generated URI string after first generation. - [phly#42](phly#42) Updated `Stream::getSize()` to return the stream size if a resource is composed. - [phly#41](phly#41) Fixed examples in README to reflect updates in API. - [phly#44](phly#44) Retain case sensitivity for header names (when returned via `getHeaders()`. - [phly#45](phly#45) Fix port numeric comparison to properly accept port integers specified via strings. - [#46](https://github.com/phly/http/pull/46) and [phly#47](phly#47) Fix install instructions to ensure dependencies are resolved properly.
phly/http 0.11.0 This release contains one backwards incompatible change. The upstream psr/http-message's `ServerRequestInterface` renamed the following methods: - `getBodyParams()` was renamed to `getParsedBody()`. - `withBodyParams()` was renamed to `withParsedBody()`. Additionally, `withParsedBody()` removes the `array` typehint. Added ----- - `Phly\Http\ServerRequest::getParsedBody()` (replaces `getBodyParams()`) - `Phly\Http\ServerRequest::withParsedBody()` (replaces `getBodyParams()`) Deprecated ---------- - Nothing. Removed ------- - `Phly\Http\ServerRequest::getBodyParams()` (replaced with `getParsedBody()`) - `Phly\Http\ServerRequest::withBodyParams()` (replaced with `getParsedBody()`) Fixed ----- - `Phly\Http\ServerRequestFactory` was updated to call `withParsedBody()` when seeding parsed body data. - [phly#34](phly#34) Fix `Phly\Http\Response` docblocks to mirror those of psr/http-message. - [phly#35](phly#35) Remove unused variable from test bootstrap. - [phly#37](phly#37) Rename `phpunit.xml` to `phpunit.xml.dist`.
PreviousNext