Cookies Issue

[shellus]

example.php:

/**
 * Created by PhpStorm.
 * User: shellus-out
 * Date: 2016/11/25
 * Time: 10:51
 */

require __DIR__ . '/../../../vendor/autoload.php';

$url = 'http://127.0.0.1/test.php';
$from = [
    'name' => 'shellus@example.com',
    'password' => 'example',
    'referer' => 'http://blog.example.com/admin/',
];
$headers = \Zend\Http\Headers::fromString("Host: shuoxingba.localhost");

$request = new \Zend\Http\Request();

$request -> setUri($url)
    -> setMethod('GET')
    -> setHeaders($headers);

$client = new \Zend\Http\Client();

$response = $client -> send($request);


$cookies = \Zend\Http\Cookies::fromResponse($response, $url);

var_dump($response -> getBody());

var_dump($cookies -> getAllCookies());

test.php

<?php
/**
 * Created by PhpStorm.
 * User: shellus-out
 * Date: 2016/11/25
 * Time: 17:51
 */

setcookie('abc','123',200,'/test','www.baidu.com',true,false);
setcookie('aba','123');
$_COOKIE["old"] = 'im old';
echo 'ok';

recv:

HTTP/1.1 200 OK
Server: nginx/1.10.0 (Ubuntu)
Date: Mon, 28 Nov 2016 06:05:04 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Set-Cookie: abc=123; expires=Thu, 01-Jan-1970 00:03:20 GMT; Max-Age=-1480312904; path=/test; domain=www.baidu.com; secure
Set-Cookie: aba=123
Content-Encoding: gzip

error:

PHP Fatal error:  Uncaught exception 'Zend\Http\Header\Exception\InvalidArgumentException' with message 'Invalid Max-Age number specified' in C:\Users\shellus-out\www\crawl\vendor\zendframework\zend-http\src\Header\SetCookie.php:353
Stack trace:
#0 C:\Users\shellus-out\www\crawl\vendor\zendframework\zend-http\src\Header\SetCookie.php(144): Zend\Http\Header\SetCookie->setMaxAge(-1480312904)
#1 C:\Users\shellus-out\www\crawl\vendor\zendframework\zend-http\src\Header\SetCookie.php(169): Zend\Http\Header\SetCookie::Zend\Http\Header\{closure}('abc=123; expire...')
#2 C:\Users\shellus-out\www\crawl\vendor\zendframework\zend-http\src\Headers.php(448): Zend\Http\Header\SetCookie::fromString('Set-Cookie: abc...')
#3 C:\Users\shellus-out\www\crawl\vendor\zendframework\zend-http\src\Headers.php(272): Zend\Http\Headers->lazyLoadHeader(5)
#4 C:\Users\shellus-out\www\crawl\vendor\zendframework\zend-http\src\Response.php(239): Zend\Http\Headers->get('Set-Cookie')
#5 C:\Users\shellus-out\www\crawl\vendor\zendframework\zend-http\src\Client.php in C:\Users\shellus-out\www\crawl\vendor\zendframework\zend-http\src\Header\SetCookie.php on line 353

Fatal error: Uncaught exception 'Zend\Http\Header\Exception\InvalidArgumentException' with message 'Invalid Max-Age number specified' in C:\Users\shellus-out\www\crawl\vendor\zendframework\zend-http\src\Header\SetCookie.php:353
Stack trace:
#0 C:\Users\shellus-out\www\crawl\vendor\zendframework\zend-http\src\Header\SetCookie.php(144): Zend\Http\Header\SetCookie->setMaxAge(-1480312904)
#1 C:\Users\shellus-out\www\crawl\vendor\zendframework\zend-http\src\Header\SetCookie.php(169): Zend\Http\Header\SetCookie::Zend\Http\Header\{closure}('abc=123; expire...')
#2 C:\Users\shellus-out\www\crawl\vendor\zendframework\zend-http\src\Headers.php(448): Zend\Http\Header\SetCookie::fromString('Set-Cookie: abc...')
#3 C:\Users\shellus-out\www\crawl\vendor\zendframework\zend-http\src\Headers.php(272): Zend\Http\Headers->lazyLoadHeader(5)
#4 C:\Users\shellus-out\www\crawl\vendor\zendframework\zend-http\src\Response.php(239): Zend\Http\Headers->get('Set-Cookie')
#5 C:\Users\shellus-out\www\crawl\vendor\zendframework\zend-http\src\Client.php in C:\Users\shellus-out\www\crawl\vendor\zendframework\zend-http\src\Header\SetCookie.php on line 353

in vendor/zendframework/zend-http/src/Header/SetCookie.php:350

    /**
     * Set Max-Age
     *
     * @param int $maxAge
     * @throws Exception\InvalidArgumentException
     * @return SetCookie
     */
    public function setMaxAge($maxAge)
    {
        if ($maxAge !== null && (!is_int($maxAge) || ($maxAge < 0))) {
            throw new Exception\InvalidArgumentException('Invalid Max-Age number specified');
        }
        $this->maxAge = $maxAge;
        return $this;
    }

I think this should not throw an exception, but should be silent correction
If the server must be set to less than 0 Max-Age, then I have no chance to correct this error

[Xerkus]

RFC states that client MUST correct Max-Age to 0 for negative integer and ignore altogether for invalid value, while server MUST conform to ABNF rules
See https://tools.ietf.org/html/rfc6265#section-5.2.2

Since Zend\Http have no way to distinguish the two use cases i believe it should silently swallow the error as suggested in this issue.

[samsonasik]

I've create PR #120 for it

[Xerkus]

Fixed in 2.7.0