Response::getHeaders() returns array [name => [headers]] instead of [name => header] (BC break!)

dg · dg · commit 8657cd69178a · 2019-10-22T19:01:11.000+02:00
diff --git a/src/Http/IResponse.php b/src/Http/IResponse.php
@@ -193,6 +193,7 @@ function getHeader(string $header): ?string;
 
 	/**
 	 * Returns a associative array of headers to sent.
+	 * @return string[][]
 	 */
 	function getHeaders(): array;
 
diff --git a/src/Http/Response.php b/src/Http/Response.php
@@ -200,13 +200,14 @@ public function getHeader(string $header): ?string
 
 	/**
 	 * Returns a associative array of headers to sent.
+	 * @return string[][]
 	 */
 	public function getHeaders(): array
 	{
 		$headers = [];
 		foreach (headers_list() as $header) {
-			$a = strpos($header, ':');
-			$headers[substr($header, 0, $a)] = (string) substr($header, $a + 2);
+			$pair = explode(': ', $header);
+			$headers[$pair[0]][] = $pair[1];
 		}
 		return $headers;
 	}
diff --git a/tests/Http.DI/HttpExtension.csp.phpt b/tests/Http.DI/HttpExtension.csp.phpt
@@ -55,9 +55,9 @@ Assert::contains("Content-Security-Policy-Report-Only: default-src 'nonce-$nonce
 
 $headers = $container->getByType(Nette\Http\Response::class)->getHeaders();
 
-preg_match('#nonce-([\w+/]+=*)#', implode($headers), $nonce);
-Assert::same("default-src 'self' https://example.com; upgrade-insecure-requests; script-src 'nonce-$nonce[1]'; style-src 'self' https://example.com; require-sri-for style; sandbox allow-forms; plugin-types application/x-java-applet;", $headers['Content-Security-Policy']);
-Assert::same("default-src 'nonce-$nonce[1]'; report-uri https://example.com/report; upgrade-insecure-requests;", $headers['Content-Security-Policy-Report-Only']);
+preg_match('#nonce-([\w+/]+=*)#', implode($headers['Content-Security-Policy']), $nonce);
+Assert::same(["default-src 'self' https://example.com; upgrade-insecure-requests; script-src 'nonce-$nonce[1]'; style-src 'self' https://example.com; require-sri-for style; sandbox allow-forms; plugin-types application/x-java-applet;"], $headers['Content-Security-Policy']);
+Assert::same(["default-src 'nonce-$nonce[1]'; report-uri https://example.com/report; upgrade-insecure-requests;"], $headers['Content-Security-Policy-Report-Only']);
 
 
 echo ' '; @ob_flush(); flush();
diff --git a/tests/Http.DI/HttpExtension.featurePolicy.phpt b/tests/Http.DI/HttpExtension.featurePolicy.phpt
@@ -43,7 +43,7 @@ Assert::contains("Feature-Policy: unsized-media 'none'; geolocation 'self' https
 
 $headers = $container->getByType(Nette\Http\Response::class)->getHeaders();
 
-Assert::same("unsized-media 'none'; geolocation 'self' https://example.com; camera *;", $headers['Feature-Policy']);
+Assert::same(["unsized-media 'none'; geolocation 'self' https://example.com; camera *;"], $headers['Feature-Policy']);
 
 
 echo ' '; @ob_flush(); flush();
diff --git a/tests/Http.DI/HttpExtension.headers.phpt b/tests/Http.DI/HttpExtension.headers.phpt
@@ -44,11 +44,11 @@ Assert::contains('D: 0', $headers);
 Assert::notContains('C:', $headers);
 
 $headers = $container->getByType(Nette\Http\Response::class)->getHeaders();
-Assert::same('SAMEORIGIN', $headers['X-Frame-Options']);
-Assert::same('text/html; charset=utf-8', $headers['Content-Type']);
-Assert::same('Nette Framework 3', $headers['X-Powered-By']);
-Assert::same('b', $headers['A']);
-Assert::same('0', $headers['D']);
+Assert::same(['SAMEORIGIN'], $headers['X-Frame-Options']);
+Assert::same(['text/html; charset=utf-8'], $headers['Content-Type']);
+Assert::same(['Nette Framework 3'], $headers['X-Powered-By']);
+Assert::same(['b'], $headers['A']);
+Assert::same(['0'], $headers['D']);
 Assert::false(isset($headers['C']));
 
 
diff --git a/tests/Http.DI/HttpExtension.sameSiteProtection.phpt b/tests/Http.DI/HttpExtension.sameSiteProtection.phpt
@@ -34,7 +34,7 @@ Assert::contains(
 $headers = $container->getByType(Nette\Http\Response::class)->getHeaders();
 Assert::same(
 	PHP_VERSION_ID >= 70300
-		? 'nette-samesite=1; path=/; HttpOnly; SameSite=Strict'
-		: 'nette-samesite=1; path=/; SameSite=Strict; HttpOnly',
+		? ['nette-samesite=1; path=/; HttpOnly; SameSite=Strict']
+		: ['nette-samesite=1; path=/; SameSite=Strict; HttpOnly'],
 	$headers['Set-Cookie']
 );
diff --git a/tests/Http/Response.setCookie.phpt b/tests/Http/Response.setCookie.phpt
@@ -27,7 +27,7 @@ Assert::same([
 	'Set-Cookie: test=value; path=/; HttpOnly',
 ], $headers);
 Assert::same([
-	'Set-Cookie' => 'test=value; path=/; HttpOnly',
+	'Set-Cookie' => ['test=value; path=/; HttpOnly'],
 ], array_diff_key($response->getHeaders(), $old2));
 
 
@@ -38,7 +38,7 @@ Assert::same([
 	'Set-Cookie: test=newvalue; path=/; HttpOnly',
 ], $headers);
 Assert::same([
-	'Set-Cookie' => 'test=newvalue; path=/; HttpOnly',
+	'Set-Cookie' => ['test=value; path=/; HttpOnly', 'test=newvalue; path=/; HttpOnly'],
 ], array_diff_key($response->getHeaders(), $old2));
 
 
@@ -53,6 +53,6 @@ Assert::same([
 ], $headers);
 Assert::same([
 	'Set-Cookie' => PHP_VERSION_ID >= 70300
-		? 'test=newvalue; path=/; HttpOnly; SameSite=Lax'
-		: 'test=newvalue; path=/; SameSite=Lax; HttpOnly',
+		? ['test=value; path=/; HttpOnly', 'test=newvalue; path=/; HttpOnly', 'test=newvalue; path=/; HttpOnly; SameSite=Lax']
+		: ['test=value; path=/; HttpOnly', 'test=newvalue; path=/; HttpOnly', 'test=newvalue; path=/; SameSite=Lax; HttpOnly'],
 ], array_diff_key($response->getHeaders(), $old2));
diff --git a/tests/Http/Session.id.phpt b/tests/Http/Session.id.phpt
@@ -34,4 +34,4 @@ $session->close();
 Assert::true(file_exists(getTempDir() . '/sess_' . $sessionId));
 Assert::count(1, glob(getTempDir() . '/sess_*'));
 
-Assert::same('PHPSESSID=' . $sessionId . '; path=/; HttpOnly', $response->getHeaders()['Set-Cookie']);
+Assert::same(['PHPSESSID=' . $sessionId . '; path=/; HttpOnly'], $response->getHeaders()['Set-Cookie']);
diff --git a/tests/Http/Session.regenerateId().phpt b/tests/Http/Session.regenerateId().phpt
@@ -32,4 +32,4 @@ Assert::true(is_file($path . $newId));
 $ref = 20;
 Assert::same(20, $_SESSION['var']);
 
-Assert::same('PHPSESSID=' . $newId . '; path=/; HttpOnly', $response->getHeaders()['Set-Cookie']);
+Assert::same(['PHPSESSID=' . $newId . '; path=/; HttpOnly'], $response->getHeaders()['Set-Cookie']);
diff --git a/tests/Http/Session.sameSite.phpt b/tests/Http/Session.sameSite.phpt
@@ -30,7 +30,7 @@ Assert::contains(
 );
 Assert::same(
 	PHP_VERSION_ID >= 70300
-		? 'PHPSESSID=' . $session->getId() . '; path=/; HttpOnly; SameSite=Lax'
-		: 'PHPSESSID=' . $session->getId() . '; path=/; SameSite=Lax; HttpOnly',
+		? ['PHPSESSID=' . $session->getId() . '; path=/; HttpOnly; SameSite=Lax']
+		: ['PHPSESSID=' . $session->getId() . '; path=/; SameSite=Lax; HttpOnly'],
 	$response->getHeaders()['Set-Cookie']
 );

Original file line number	Diff line number	Diff line change
`@@ -200,13 +200,14 @@ public function getHeader(string $header): ?string`
`200`	`200`
`201`	`201`	`/**`
`202`	`202`	`* Returns a associative array of headers to sent.`
	`203`	`+ * @return string[][]`
`203`	`204`	`*/`
`204`	`205`	`public function getHeaders(): array`
`205`	`206`	`{`
`206`	`207`	`$headers = [];`
`207`	`208`	`foreach (headers_list() as $header) {`
`208`		`- $a = strpos($header, ':');`
`209`		`- $headers[substr($header, 0, $a)] = (string) substr($header, $a + 2);`
	`209`	`+ $pair = explode(': ', $header);`
	`210`	`+ $headers[$pair[0]][] = $pair[1];`
`210`	`211`	`}`
`211`	`212`	`return $headers;`
`212`	`213`	`}`