Release 1.8.5 (#491)

Author: GrahamCampbell

CHANGELOG.md

@@ -9,6 +9,12 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 
 ## Unreleased
 
+## 1.8.5 - 2022-03-20
+
+### Fixed
+
+- Correct header value validation
+
 ## 1.8.4 - 2022-03-20
 
 ### Fixed

src/MessageTrait.php

@@ -263,7 +263,7 @@ private function assertValue($value)
         // Clients must not send a request with line folding and a server sending folded headers is
         // likely very rare. Line folding is a fairly obscure feature of HTTP/1.1 and thus not accepting
         // folding is not likely to break any legitimate use case.
-        if (! preg_match('/^(?:[\x21-\x7E\x80-\xFF](?:[\x20\x09]+[\x21-\x7E\x80-\xFF])?)*$/', $value)) {
+        if (! preg_match('/^[\x20\x09\x21-\x7E\x80-\xFF]*$/', $value)) {
             throw new \InvalidArgumentException(sprintf('"%s" is not valid header value', $value));
         }
     }

tests/RequestTest.php

@@ -174,6 +174,17 @@ public function testHostIsAddedFirst()
         ], $r->getHeaders());
     }
 
+    public function testHeaderValueWithWhitespace()
+    {
+        $r = new Request('GET', 'https://example.com/', [
+            'User-Agent' => 'Linux f0f489981e90 5.10.104-linuxkit 1 SMP Wed Mar 9 19:05:23 UTC 2022 x86_64'
+        ]);
+        self::assertSame([
+            'Host' => ['example.com'],
+            'User-Agent' => ['Linux f0f489981e90 5.10.104-linuxkit 1 SMP Wed Mar 9 19:05:23 UTC 2022 x86_64']
+        ], $r->getHeaders());
+    }
+
     public function testCanGetHeaderAsCsv()
     {
         $r = new Request('GET', 'http://foo.com/baz?bar=bam', [