From 464c5c7733d97d5f4e0b5112658453e2d2b729e7 Mon Sep 17 00:00:00 2001 From: Abdul Malik Ikhsan Date: Thu, 6 Apr 2017 15:52:32 +0700 Subject: [PATCH 1/3] Fixes #95: SetCookie::setMaxAge() null, negative, and non-numeric redefinition --- src/Header/SetCookie.php | 13 +++++++++---- test/Header/SetCookieTest.php | 27 +++++++++++++++++++++++++++ 2 files changed, 36 insertions(+), 4 deletions(-) diff --git a/src/Header/SetCookie.php b/src/Header/SetCookie.php index 2501c95707..af8c3c7c4c 100644 --- a/src/Header/SetCookie.php +++ b/src/Header/SetCookie.php @@ -139,7 +139,7 @@ public static function fromString($headerLine, $bypassHeaderFieldName = false) $header->setVersion((int) $headerValue); break; case 'maxage': - $header->setMaxAge((int) $headerValue); + $header->setMaxAge($headerValue); break; default: // Intentionally omitted @@ -342,14 +342,19 @@ public function getVersion() * Set Max-Age * * @param int $maxAge - * @throws Exception\InvalidArgumentException * @return SetCookie */ public function setMaxAge($maxAge) { - if ($maxAge !== null && (! is_int($maxAge) || ($maxAge < 0))) { - throw new Exception\InvalidArgumentException('Invalid Max-Age number specified'); + if ($maxAge === null || ! is_numeric($maxAge)) { + return $this; } + + $maxAge = (int) $maxAge; + if ($maxAge < 0) { + $maxAge = 0; + } + $this->maxAge = $maxAge; return $this; } diff --git a/test/Header/SetCookieTest.php b/test/Header/SetCookieTest.php index 049b08faa4..e60790d50d 100644 --- a/test/Header/SetCookieTest.php +++ b/test/Header/SetCookieTest.php 
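Review bot: In `setMaxAge()`, the new `is_numeric($maxAge)` guard accepts more than the digits-only grammar of RFC 6265 section 5.2.2, so attribute values such as `1e3`, `1.5` or `+5` are cast to an integer and stored instead of being ignored. Because the `fromString()` hunk above now passes the raw header text straight in, a malformed Max-Age from whoever produced the header becomes a cookie lifetime the sender never expressed. A stricter guard keeps integer callers working and drops everything else: `if (! is_int($maxAge) && ! (is_string($maxAge) && preg_match('/^-?[0-9]+\z/', $maxAge))) { return $this; }`. The same guard is carried unchanged through PATCH 2/3. The docblock also still reads `@param int $maxAge` although strings and null are now accepted without an exception; `@param int|string|null $maxAge` plus a sentence on the ignore-and-clamp behaviour would match the code.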
@@ -661,6 +661,33 @@ public static function validCookieWithInfoProvider() ], 'emptykey=; Domain=docs.foo.com', ], + [ + 'Set-Cookie: emptykey; Domain=docs.foo.com; Max-Age=foo;', + [ + 'name' => 'myname', + 'value' => '', + 'domain' => 'docs.foo.com', + ], + 'emptykey=; Domain=docs.foo.com' + ], + [ + 'Set-Cookie: emptykey; Domain=docs.foo.com; Max-Age=-1480312904;', + [ + 'name' => 'myname', + 'value' => '', + 'domain' => 'docs.foo.com', + ], + 'emptykey=; Max-Age=0; Domain=docs.foo.com' + ], + [ + 'Set-Cookie: emptykey; Domain=docs.foo.com; Max-Age=100;', + [ + 'name' => 'myname', + 'value' => '', + 'domain' => 'docs.foo.com', + ], + 'emptykey=; Max-Age=100; Domain=docs.foo.com' + ], ]; } } From 8480fd6ddb8cb7af274fba52b3561cdc51e4f3f8 Mon Sep 17 00:00:00 2001 From: Abdul Malik Ikhsan Date: Thu, 6 Jul 2017 16:36:35 +0700 Subject: [PATCH 2/3] use max(0, (int) $maxAge) to handle < 0 maxage --- src/Header/SetCookie.php | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/src/Header/SetCookie.php b/src/Header/SetCookie.php index af8c3c7c4c..948f10c634 100644 --- a/src/Header/SetCookie.php +++ b/src/Header/SetCookie.php @@ -350,12 +350,7 @@ public function setMaxAge($maxAge) return $this; } - $maxAge = (int) $maxAge; - if ($maxAge < 0) { - $maxAge = 0; - } - - $this->maxAge = $maxAge; + $this->maxAge = max(0, (int) $maxAge); return $this; } From 600b72ad258dc1f3c16b690b38fc0e9de4d551eb Mon Sep 17 00:00:00 2001 From: Aleksei Khudiakov Date: Fri, 13 Oct 2017 19:07:11 +1000 Subject: [PATCH 3/3] Added CHANGELOG for #120 --- CHANGELOG.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 0467d4d565..4610728e5d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
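Review bot: The three new provider rows cover `foo`, a negative value and `100`, but none of the numeric-looking strings that `is_numeric()` lets through, so the gap between the guard and RFC 6265 section 5.2.2 is not pinned by any test. I would add rows for `Max-Age=1e3`, `Max-Age=1.5` and `Max-Age=+5`, each expecting the attribute to be dropped as in the `foo` row once the guard is tightened, plus `Max-Age=0` as the boundary case. On style, the added rows end their last element without a trailing comma (`'emptykey=; Domain=docs.foo.com'`), unlike the context row directly above them. `validCookieWithInfoProvider()` starts outside the hunk.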
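Review bot: `setMaxAge(null)` is a silent no-op after this series: the `return $this;` at the top of this hunk belongs to the guard from PATCH 1/3, which returns before any assignment, whereas the code removed there stored null in `$this->maxAge`. If that is not intended, a SetCookie object that is reused can no longer be switched back from a persistent cookie to a session cookie, and the earlier lifetime would presumably still be emitted. Handling null on its own ahead of the numeric check restores the reset: `if ($maxAge === null) { $this->maxAge = null; return $this; }`. The function signature and the guard condition lie above the hunk's first context line.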
@@ -10,6 +10,14 @@ All notable changes to this project will be documented in this file, in reverse codes 226, 308, 444, 499, 510, 599 with their corresponding constants and reason phrases. +### Changed + +- [#120](https://github.com/zendframework/zend-http/pull/120) Changes handling + of Cookie Max-Age parameter to conform to specification + [rfc6265#section-5.2.2](https://tools.ietf.org/html/rfc6265#section-5.2.2). + Specifically, non-numeric values are ignored and negative numbers are changed + to 0. + ### Deprecated - Nothing.