125 lines
3.1 KiB
Markdown
125 lines
3.1 KiB
Markdown
# Changelog
|
|
|
|
All notable changes to this project will be documented in this file, in reverse chronological order by release.
|
|
|
|
## 2.5.6 - TBD
|
|
|
|
### Added
|
|
|
|
- Nothing.
|
|
|
|
### Deprecated
|
|
|
|
- Nothing.
|
|
|
|
### Removed
|
|
|
|
- Nothing.
|
|
|
|
### Fixed
|
|
|
|
- Nothing.
|
|
|
|
## 2.5.5 - 2016-08-08
|
|
|
|
### Added
|
|
|
|
- [#44](https://github.com/zendframework/zend-http/pull/44),
|
|
[#45](https://github.com/zendframework/zend-http/pull/45),
|
|
[#46](https://github.com/zendframework/zend-http/pull/46),
|
|
[#47](https://github.com/zendframework/zend-http/pull/47),
|
|
[#48](https://github.com/zendframework/zend-http/pull/48), and
|
|
[#49](https://github.com/zendframework/zend-http/pull/49) prepare the
|
|
documentation for publication at https://zendframework.github.io/zend-http/
|
|
|
|
### Deprecated
|
|
|
|
- Nothing.
|
|
|
|
### Removed
|
|
|
|
- Nothing.
|
|
|
|
### Fixed
|
|
|
|
- [#87](https://github.com/zendframework/zend-http/pull/87) fixes the
|
|
`ContentLength` constructor to test for a non null value (vs a falsy value)
|
|
before validating the value; this ensures 0 values may be specified for the
|
|
length.
|
|
- [#85](https://github.com/zendframework/zend-http/pull/85) fixes infinite recursion
|
|
on AbstractAccept. If you create a new Accept and try to call getFieldValue(),
|
|
an infinite recursion and a fatal error happens.
|
|
- [#58](https://github.com/zendframework/zend-http/pull/58) avoid triggering a notice
|
|
with special crafted accept headers. In the case the value of an accept header
|
|
does not contain an equal sign, an "Undefined offset" notice is triggered.
|
|
|
|
## 2.5.4 - 2016-02-04
|
|
|
|
### Added
|
|
|
|
- Nothing.
|
|
|
|
### Deprecated
|
|
|
|
- Nothing.
|
|
|
|
### Removed
|
|
|
|
- Nothing.
|
|
|
|
### Fixed
|
|
|
|
- [#42](https://github.com/zendframework/zend-http/pull/42) updates dependencies
|
|
to ensure it can work with PHP 5.5+ and 7.0+, as well as zend-stdlib
|
|
2.5+/3.0+.
|
|
|
|
## 2.5.3 - 2015-09-14
|
|
|
|
### Added
|
|
|
|
- Nothing.
|
|
|
|
### Deprecated
|
|
|
|
- Nothing.
|
|
|
|
### Removed
|
|
|
|
- Nothing.
|
|
|
|
### Fixed
|
|
|
|
- [#23](https://github.com/zendframework/zend-http/pull/23) fixes a BC break
|
|
introduced with fixes for [ZF2015-04](http://framework.zend.com/security/advisory/ZF2015-04),
|
|
pertaining specifically to the `SetCookie` header. The fix backs out a
|
|
check for message splitting syntax, as that particular class already encodes
|
|
the value in a manner that prevents the attack. It also adds tests to ensure
|
|
the security vulnerability remains patched.
|
|
|
|
## 2.5.2 - 2015-08-05
|
|
|
|
### Added
|
|
|
|
- Nothing.
|
|
|
|
### Deprecated
|
|
|
|
- Nothing.
|
|
|
|
### Removed
|
|
|
|
- Nothing.
|
|
|
|
### Fixed
|
|
|
|
- [#7](https://github.com/zendframework/zend-http/pull/7) fixes a call in the
|
|
proxy adapter to `Response::extractCode()`, which does not exist, to
|
|
`Response::fromString()->getStatusCode()`, which does.
|
|
- [#8](https://github.com/zendframework/zend-http/pull/8) ensures that the Curl
|
|
client adapter enables the `CURLINFO_HEADER_OUT`, which is required to ensure
|
|
we can fetch the raw request after it is sent.
|
|
- [#14](https://github.com/zendframework/zend-http/pull/14) fixes
|
|
`Zend\Http\PhpEnvironment\Request` to ensure that empty `SCRIPT_FILENAME` and
|
|
`SCRIPT_NAME` values which result in an empty `$baseUrl` will not raise an
|
|
`E_WARNING` when used to do a `strpos()` check during base URI detection.
|