This repository has been archived by the owner on Jan 8, 2020. It is now read-only.
Support for Origin header #5029
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
@jas- You got a commit that does not belong here |
|
@macnibblet Whoops, thanks! |
Added FQDN as Origin string per RFC @ http://tools.ietf.org/id/draft-abarth-origin-03.html#rfc.section.2 for test case
|
@jas- seems like you create your branch based on this PR #5008 if that is the case the easiest way i see to correct it is create a new branch based on master and copy the new two files to that branch and edit the other file again. Or merge or rebase your branch with an updated version of master (Since the PR has already been acepted) |
…d\Uri\UriFactory' method of validation
| throw new Exception\InvalidArgumentException('Invalid header line for Origin string: "' . $name . '"'); | ||
| } | ||
|
|
||
| if (!filter_var($value, FILTER_VALIDATE_URL)) { |
There was a problem hiding this comment.
The problem with filter_var is that it will return false for "example.com". iirc I've seen many CORS requests where the Origin is not using the schema.
There was a problem hiding this comment.
According to the ietf working draft the UA behavior should be conforming to RFC 3986 regarding the proper URI format which (without more testing on my own) this doc seems to support your claim. Are you aware of a sure fire RFC 3986 regex to take its place? I will have to test this a bit but I found one that seems to conform on stack overflow
preg_match(/^(([^:/?#]+):)?(//([^/?#]*))?([^?#]*)(\?([^#]*))?(#(.*))?/, $value)
There was a problem hiding this comment.
What about using Zend\Uri validator ?
| @@ -56,6 +56,7 @@ class HeaderLoader extends PluginClassLoader | |||
| 'lastmodified' => 'Zend\Http\Header\LastModified', | |||
| 'location' => 'Zend\Http\Header\Location', | |||
| 'maxforwards' => 'Zend\Http\Header\MaxForwards', | |||
| 'Origin' => 'Zend\Http\Header\Origin', | |||
There was a problem hiding this comment.
lowercase keys here are necessary. I can do that on merge, though.
weierophinney
added a commit
that referenced
this pull request
Oct 22, 2013
Support for Origin header
weierophinney
added a commit
that referenced
this pull request
Oct 22, 2013
- lowercase "origin" in plugin loader - remove unnecessary lines in test class
weierophinney
added a commit
that referenced
this pull request
Oct 22, 2013
ghost
assigned 
|
Merged to develop for release with 2.3.0. |
|
@weierophinney Thanks! |
Ocramius
added a commit
that referenced
this pull request
Apr 14, 2014
gianarb
pushed a commit
to zendframework/zend-eventmanager
that referenced
this pull request
May 15, 2015
…efixed-with-global-ns' Close zendframework/zendframework#5029
gianarb
pushed a commit
to zendframework/zend-eventmanager
that referenced
this pull request
May 15, 2015
…efixed-with-global-ns' into develop Close zendframework/zendframework#5029 Forward Port zendframework/zendframework#5029
gianarb
pushed a commit
to zendframework/zend-servicemanager
that referenced
this pull request
May 15, 2015
…efixed-with-global-ns' Close zendframework/zendframework#5029
gianarb
pushed a commit
to zendframework/zend-servicemanager
that referenced
this pull request
May 15, 2015
…efixed-with-global-ns' into develop Close zendframework/zendframework#5029 Forward Port zendframework/zendframework#5029
gianarb
pushed a commit
to zendframework/zend-stdlib
that referenced
this pull request
May 15, 2015
…efixed-with-global-ns' Close zendframework/zendframework#5029
gianarb
pushed a commit
to zendframework/zend-stdlib
that referenced
this pull request
May 15, 2015
…efixed-with-global-ns' into develop Close zendframework/zendframework#5029 Forward Port zendframework/zendframework#5029
gianarb
pushed a commit
to zendframework/zend-i18n
that referenced
this pull request
May 15, 2015
…efixed-with-global-ns' Close zendframework/zendframework#5029
gianarb
pushed a commit
to zendframework/zend-i18n
that referenced
this pull request
May 15, 2015
…efixed-with-global-ns' into develop Close zendframework/zendframework#5029 Forward Port zendframework/zendframework#5029
gianarb
pushed a commit
to zendframework/zend-inputfilter
that referenced
this pull request
May 15, 2015
…efixed-with-global-ns' Close zendframework/zendframework#5029
gianarb
pushed a commit
to zendframework/zend-inputfilter
that referenced
this pull request
May 15, 2015
…efixed-with-global-ns' into develop Close zendframework/zendframework#5029 Forward Port zendframework/zendframework#5029
weierophinney
added a commit
to zendframework/zend-http
that referenced
this pull request
May 15, 2015
Support for Origin header
weierophinney
added a commit
to zendframework/zend-http
that referenced
this pull request
May 15, 2015
- lowercase "origin" in plugin loader - remove unnecessary lines in test class
weierophinney
added a commit
to zendframework/zend-http
that referenced
this pull request
May 15, 2015
gianarb
pushed a commit
to zendframework/zend-http
that referenced
this pull request
May 15, 2015
…efixed-with-global-ns' Close zendframework/zendframework#5029
gianarb
pushed a commit
to zendframework/zend-http
that referenced
this pull request
May 15, 2015
…efixed-with-global-ns' into develop Close zendframework/zendframework#5029 Forward Port zendframework/zendframework#5029
gianarb
pushed a commit
to zendframework/zend-log
that referenced
this pull request
May 15, 2015
…efixed-with-global-ns' Close zendframework/zendframework#5029
gianarb
pushed a commit
to zendframework/zend-log
that referenced
this pull request
May 15, 2015
…efixed-with-global-ns' into develop Close zendframework/zendframework#5029 Forward Port zendframework/zendframework#5029
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Per issue #5025 discussed with @weierophinney. Please let me know if I missed a step as I followed the contributing guide.