PHP Class Phly\Http\HeaderSecurity

Code is largely lifted from the Zend\Http\Header\HeaderValue implementation in Zend Framework, released with the copyright and license below.
Show file Open project: phly/http Class Usage Examples

Public Methods

Method Description
assertValid ( string $value ) Assert a header value is valid.
assertValidName ( mixed $name ) Assert whether or not a header name is valid.
filter ( string $value ) : string Filter a header value
isValid ( string $value ) : boolean Validate a header value.

Private Methods

Method Description
__construct ( ) Private constructor; non-instantiable.

Method Details

assertValid() public static method

Assert a header value is valid.
public static assertValid ( string $value )
$value string

assertValidName() public static method

Assert whether or not a header name is valid.
See also: http://tools.ietf.org/html/rfc7230#section-3.2
public static assertValidName ( mixed $name )
$name mixed

filter() public static method

Ensures CRLF header injection vectors are filtered. Per RFC 7230, only VISIBLE ASCII characters, spaces, and horizontal tabs are allowed in values; header continuations MUST consist of a single CRLF sequence followed by a space or horizontal tab. This method filters any values not allowed from the string, and is lossy.
See also: http://en.wikipedia.org/wiki/HTTP_response_splitting
public static filter ( string $value ) : string
$value string
return string

isValid() public static method

Per RFC 7230, only VISIBLE ASCII characters, spaces, and horizontal tabs are allowed in values; header continuations MUST consist of a single CRLF sequence followed by a space or horizontal tab.
See also: http://en.wikipedia.org/wiki/HTTP_response_splitting
public static isValid ( string $value ) : boolean
$value string
return boolean