PHP Class Phly\Http\HeaderSecurity

Code is largely lifted from the Zend\Http\Header\HeaderValue implementation in Zend Framework, released with the copyright and license below.

Datei anzeigen Open project: phly/http Class Usage Examples

Public Methods

Method	Description
assertValid ( string $value )	Assert a header value is valid.
assertValidName ( mixed $name )	Assert whether or not a header name is valid.
filter ( string $value ) : string	Filter a header value
isValid ( string $value ) : boolean	Validate a header value.

Private Methods

Method	Description
__construct ( )	Private constructor; non-instantiable.

Method Details

assertValid() public static method

Assert a header value is valid.

public static assertValid ( string $value )
$value	string

assertValidName() public static method

Assert whether or not a header name is valid.

See also: http://tools.ietf.org/html/rfc7230#section-3.2

public static assertValidName ( mixed $name )
$name	mixed

filter() public static method

Ensures CRLF header injection vectors are filtered. Per RFC 7230, only VISIBLE ASCII characters, spaces, and horizontal tabs are allowed in values; header continuations MUST consist of a single CRLF sequence followed by a space or horizontal tab. This method filters any values not allowed from the string, and is lossy.

See also: http://en.wikipedia.org/wiki/HTTP_response_splitting

public static filter ( string $value ) : string
$value	string
return	string

isValid() public static method

Per RFC 7230, only VISIBLE ASCII characters, spaces, and horizontal tabs are allowed in values; header continuations MUST consist of a single CRLF sequence followed by a space or horizontal tab.

See also: http://en.wikipedia.org/wiki/HTTP_response_splitting

public static isValid ( string $value ) : boolean
$value	string
return	boolean