Gitee
\
Acme
Aura
Intl
Exception
Behavior
Boris
Cake
Auth
Storage
Cache
Engine
Chronos
Benchmarks
Chronos
MutableDateTime
Traits
Collection
Iterator
Command
Console
Exception
Controller
Component
Exception
Core
Configure
Engine
Exception
Retry
Database
Driver
Exception
Expression
Log
Retry
Schema
Statement
Type
Datasource
Exception
Error
Middleware
Event
Decorator
Filesystem
Form
Http
Client
Adapter
Auth
Cookie
Exception
Middleware
Session
I18n
Formatter
Middleware
Parser
Log
Engine
Mailer
Exception
Transport
Network
Exception
ORM
Association
Loader
Behavior
Translate
Exception
Locator
Rule
PHPStan
Routing
Exception
Filter
Middleware
Route
Shell
Helper
Task
Test
Fixture
TestSuite
Constraint
Console
Email
Response
Session
View
Fixture
Stub
Utility
Crypto
Exception
Validation
View
Exception
Form
Helper
Widget
Composer
Autoload
Installers
f4engine
engine
Home
Controller
Monolog
Formatter
Handler
Processor
Org
Net
Util
Psr
Http
Message
Log
Test
SimpleCache
Think
Cache
Driver
Controller
Crypt
Driver
Db
Driver
Image
Driver
Log
Driver
Model
Session
Driver
Storage
Driver
Template
Driver
TagLib
Upload
Driver
Bcs
Qiniu
Zend
Diactoros
Exception
Request
Response

\Zend\DiactorosHeaderSecurity

Provide security tools around HTTP headers to prevent common injection vectors.

Code is largely lifted from the Zend\Http\Header\HeaderValue implementation in Zend Framework, released with the copyright and license below.

Summary

Methods
Properties
Constants
filter()
isValid()
assertValid()
assertValidName()
No public properties found
No constants found
No protected methods found
No protected properties found
N/A
__construct()
No private properties found
N/A

Methods

filter()

filter(string  $value) : string

Filter a header value

Ensures CRLF header injection vectors are filtered.

Per RFC 7230, only VISIBLE ASCII characters, spaces, and horizontal tabs are allowed in values; header continuations MUST consist of a single CRLF sequence followed by a space or horizontal tab.

This method filters any values not allowed from the string, and is lossy.

Parameters

string $value

Returns

string

isValid()

isValid(string  $value) : boolean

Validate a header value.

Per RFC 7230, only VISIBLE ASCII characters, spaces, and horizontal tabs are allowed in values; header continuations MUST consist of a single CRLF sequence followed by a space or horizontal tab.

Parameters

string $value

Returns

boolean

assertValid()

assertValid(string  $value)

Assert a header value is valid.

Parameters

string $value

Throws

\InvalidArgumentException

for invalid values

assertValidName()

assertValidName(mixed  $name)

Assert whether or not a header name is valid.

Parameters

mixed $name

Throws

\InvalidArgumentException

__construct()

__construct()

Private constructor; non-instantiable.