Merge branch '845-allow-integer-cookie-names' of https://github.com/n…

…osilver4u/Requests into 845-allow-integer-cookie-names

.github/workflows/cs.yml

@@ -32,7 +32,7 @@ jobs:
       # Install dependencies and handle caching in one go.
       # @link https://github.com/marketplace/actions/install-php-dependencies-with-composer
       - name: Install Composer dependencies
-        uses: "ramsey/composer-install@v2"
+        uses: "ramsey/composer-install@v3"
         with:
           # Bust the cache at least once a month - output format: YYYY-MM.
           custom-cache-suffix: $(date -u "+%Y-%m")

.github/workflows/lint.yml

@@ -41,15 +41,15 @@ jobs:
       # @link https://github.com/marketplace/actions/install-php-dependencies-with-composer
       - name: Install Composer dependencies - normal
         if: ${{ matrix.php != '8.4' }}
-        uses: "ramsey/composer-install@v2"
+        uses: "ramsey/composer-install@v3"
         with:
           # Bust the cache at least once a month - output format: YYYY-MM.
           custom-cache-suffix: $(date -u "+%Y-%m")
 
       # For PHP "nightly", we need to install with ignore platform reqs.
       - name: Install Composer dependencies - with ignore platform
         if: ${{ matrix.php == '8.4' }}
-        uses: "ramsey/composer-install@v2"
+        uses: "ramsey/composer-install@v3"
         with:
           composer-options: --ignore-platform-req=php
           custom-cache-suffix: $(date -u "+%Y-%m")

.github/workflows/quicktest.yml

@@ -48,7 +48,7 @@ jobs:
       # Install dependencies and handle caching in one go.
       # @link https://github.com/marketplace/actions/install-php-dependencies-with-composer
       - name: Install Composer dependencies - normal
-        uses: "ramsey/composer-install@v2"
+        uses: "ramsey/composer-install@v3"
         with:
           # Bust the cache at least once a month - output format: YYYY-MM.
           custom-cache-suffix: $(date -u "+%Y-%m")

.github/workflows/test.yml

@@ -61,15 +61,15 @@ jobs:
       # @link https://github.com/marketplace/actions/install-php-dependencies-with-composer
       - name: Install Composer dependencies - normal
         if: ${{ matrix.php != '8.4' }}
-        uses: "ramsey/composer-install@v2"
+        uses: "ramsey/composer-install@v3"
         with:
           # Bust the cache at least once a month - output format: YYYY-MM.
           custom-cache-suffix: $(date -u "+%Y-%m")
 
       # For PHP "nightly", we need to install with ignore platform reqs.
       - name: Install Composer dependencies - with ignore platform
         if: ${{ matrix.php == '8.4' }}
-        uses: "ramsey/composer-install@v2"
+        uses: "ramsey/composer-install@v3"
         with:
           composer-options: --ignore-platform-req=php
           custom-cache-suffix: $(date -u "+%Y-%m")

CHANGELOG.md

@@ -1,6 +1,22 @@
 Changelog
 =========
 
+2.0.11
+------
+
+### Overview of changes
+- Update bundled certificates as of 2024-03-11. [#864]
+- Fixed: PHP 8.4 deprecation of the two parameter signature of `stream_context_set_option()`. [#822] Props [@jrfnl][gh-jrfnl]
+- Fixed: PHP 8.4 deprecation of implicitly nullable parameter. [#865] Props [@Ayesh][gh-ayesh], [@jrfnl][gh-jrfnl]
+    Note: this fix constitutes an, albeit small, breaking change to the signature of the `Cookie::parse_from_headers()` method.
+    Classes which extend the `Cookie` class and overload the `parse_from_headers()` method should be updated for the new method signature.
+    Additionally, if code calling the `Cookie::parse_from_headers()` method would be wrapped in a `try - catch` to catch a potential PHP `TypeError` (PHP 7.0+) or `Exception` (PHP < 7.0) for when invalid data was passed as the `$origin` parameter, this code will need to be updated to now also catch a potential `WpOrg\Requests\Exception\InvalidArgumentException`.
+    As due diligence could not find any classes which would be affected by this BC-break, we have deemed it acceptable to include this fix in the 2.0.11 release.
+
+[#822]: https://github.com/WordPress/Requests/pull/822
+[#864]: https://github.com/WordPress/Requests/pull/864
+[#865]: https://github.com/WordPress/Requests/pull/865
+
 2.0.10
 ------
 
@@ -96,7 +112,7 @@ Changelog
 - Docs: the Hook documentation has been updated to reflect the current available hooks. [#646]
 - General housekeeping. [#635], [#649], [#650], [#653], [#655], [#658], [#660], [#661], [#662], [#669], [#671], [#672], [#674]
 
-Props [@alpipego][gh-alpipego], [@costdev][gh-costdev], [@jegrandet][gh-jegrandet] [@jrfnl][gh-jrfnl], [@schlessera][gh-schlessera]
+Props [@alpipego][gh-alpipego], [@costdev][gh-costdev], [@jegrandet][gh-jegrandet], [@jrfnl][gh-jrfnl], [@schlessera][gh-schlessera]
 
 [#674]: https://github.com/WordPress/Requests/pull/674
 [#672]: https://github.com/WordPress/Requests/pull/672
@@ -1014,6 +1030,7 @@ Initial release!
 [gh-adri]: https://github.com/adri
 [gh-alpipego]: https://github.com/alpipego/
 [gh-amandato]: https://github.com/amandato
+[gh-ayesh]: https://github.com/Ayesh
 [gh-beutnagel]: https://github.com/beutnagel
 [gh-carlalexander]: https://github.com/carlalexander
 [gh-catharsisjelly]: https://github.com/catharsisjelly

certificates/cacert.pem

@@ -1,7 +1,7 @@
 ##
 ## Bundle of CA Root Certificates
 ##
-## Certificate data from Mozilla as of: Tue Dec 12 04:12:04 2023 GMT
+## Certificate data from Mozilla as of: Mon Mar 11 15:25:27 2024 GMT
 ##
 ## This is a bundle of X.509 certificates of public Certificate Authorities
 ## (CA). These were automatically extracted from Mozilla's root certificates
@@ -14,7 +14,7 @@
 ## Just configure this file as the SSLCACertificateFile.
 ##
 ## Conversion done with mk-ca-bundle.pl version 1.29.
-## SHA256: 1970dd65858925d68498d2356aea6d03f764422523c5887deca8ce3ba9e1f845
+## SHA256: 4d96bd539f4719e9ace493757afbe4a23ee8579de1c97fbebc50bba3c12e8c1e
 ##
 
 
@@ -3532,3 +3532,50 @@ dVwPaFsdZcJfMw8eD/A7hvWwTruc9+olBdytoptLFwG+Qt81IR2tq670v64fG9PiO/yzcnMcmyiQ
 iRM9HcEARwmWmjgb3bHPDcK0RPOWlc4yOo80nOAXx17Org3bhzjlP1v9mxnhMUF6cKojawHhRUzN
 lM47ni3niAIi9G7oyOzWPPO5std3eqx7
 -----END CERTIFICATE-----
+
+Telekom Security TLS ECC Root 2020
+==================================
+-----BEGIN CERTIFICATE-----
+MIICQjCCAcmgAwIBAgIQNjqWjMlcsljN0AFdxeVXADAKBggqhkjOPQQDAzBjMQswCQYDVQQGEwJE
+RTEnMCUGA1UECgweRGV1dHNjaGUgVGVsZWtvbSBTZWN1cml0eSBHbWJIMSswKQYDVQQDDCJUZWxl
+a29tIFNlY3VyaXR5IFRMUyBFQ0MgUm9vdCAyMDIwMB4XDTIwMDgyNTA3NDgyMFoXDTQ1MDgyNTIz
+NTk1OVowYzELMAkGA1UEBhMCREUxJzAlBgNVBAoMHkRldXRzY2hlIFRlbGVrb20gU2VjdXJpdHkg
+R21iSDErMCkGA1UEAwwiVGVsZWtvbSBTZWN1cml0eSBUTFMgRUNDIFJvb3QgMjAyMDB2MBAGByqG
+SM49AgEGBSuBBAAiA2IABM6//leov9Wq9xCazbzREaK9Z0LMkOsVGJDZos0MKiXrPk/OtdKPD/M1
+2kOLAoC+b1EkHQ9rK8qfwm9QMuU3ILYg/4gND21Ju9sGpIeQkpT0CdDPf8iAC8GXs7s1J8nCG6NC
+MEAwHQYDVR0OBBYEFONyzG6VmUex5rNhTNHLq+O6zd6fMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
+AQH/BAQDAgEGMAoGCCqGSM49BAMDA2cAMGQCMHVSi7ekEE+uShCLsoRbQuHmKjYC2qBuGT8lv9pZ
+Mo7k+5Dck2TOrbRBR2Diz6fLHgIwN0GMZt9Ba9aDAEH9L1r3ULRn0SyocddDypwnJJGDSA3PzfdU
+ga/sf+Rn27iQ7t0l
+-----END CERTIFICATE-----
+
+Telekom Security TLS RSA Root 2023
+==================================
+-----BEGIN CERTIFICATE-----
+MIIFszCCA5ugAwIBAgIQIZxULej27HF3+k7ow3BXlzANBgkqhkiG9w0BAQwFADBjMQswCQYDVQQG
+EwJERTEnMCUGA1UECgweRGV1dHNjaGUgVGVsZWtvbSBTZWN1cml0eSBHbWJIMSswKQYDVQQDDCJU
+ZWxla29tIFNlY3VyaXR5IFRMUyBSU0EgUm9vdCAyMDIzMB4XDTIzMDMyODEyMTY0NVoXDTQ4MDMy
+NzIzNTk1OVowYzELMAkGA1UEBhMCREUxJzAlBgNVBAoMHkRldXRzY2hlIFRlbGVrb20gU2VjdXJp
+dHkgR21iSDErMCkGA1UEAwwiVGVsZWtvbSBTZWN1cml0eSBUTFMgUlNBIFJvb3QgMjAyMzCCAiIw
+DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAO01oYGA88tKaVvC+1GDrib94W7zgRJ9cUD/h3VC
+KSHtgVIs3xLBGYSJwb3FKNXVS2xE1kzbB5ZKVXrKNoIENqil/Cf2SfHVcp6R+SPWcHu79ZvB7JPP
+GeplfohwoHP89v+1VmLhc2o0mD6CuKyVU/QBoCcHcqMAU6DksquDOFczJZSfvkgdmOGjup5czQRx
+UX11eKvzWarE4GC+j4NSuHUaQTXtvPM6Y+mpFEXX5lLRbtLevOP1Czvm4MS9Q2QTps70mDdsipWo
+l8hHD/BeEIvnHRz+sTugBTNoBUGCwQMrAcjnj02r6LX2zWtEtefdi+zqJbQAIldNsLGyMcEWzv/9
+FIS3R/qy8XDe24tsNlikfLMR0cN3f1+2JeANxdKz+bi4d9s3cXFH42AYTyS2dTd4uaNir73Jco4v
+zLuu2+QVUhkHM/tqty1LkCiCc/4YizWN26cEar7qwU02OxY2kTLvtkCJkUPg8qKrBC7m8kwOFjQg
+rIfBLX7JZkcXFBGk8/ehJImr2BrIoVyxo/eMbcgByU/J7MT8rFEz0ciD0cmfHdRHNCk+y7AO+oML
+KFjlKdw/fKifybYKu6boRhYPluV75Gp6SG12mAWl3G0eQh5C2hrgUve1g8Aae3g1LDj1H/1Joy7S
+WWO/gLCMk3PLNaaZlSJhZQNg+y+TS/qanIA7AgMBAAGjYzBhMA4GA1UdDwEB/wQEAwIBBjAdBgNV
+HQ4EFgQUtqeXgj10hZv3PJ+TmpV5dVKMbUcwDwYDVR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAWgBS2
+p5eCPXSFm/c8n5OalXl1UoxtRzANBgkqhkiG9w0BAQwFAAOCAgEAqMxhpr51nhVQpGv7qHBFfLp+
+sVr8WyP6Cnf4mHGCDG3gXkaqk/QeoMPhk9tLrbKmXauw1GLLXrtm9S3ul0A8Yute1hTWjOKWi0Fp
+kzXmuZlrYrShF2Y0pmtjxrlO8iLpWA1WQdH6DErwM807u20hOq6OcrXDSvvpfeWxm4bu4uB9tPcy
+/SKE8YXJN3nptT+/XOR0so8RYgDdGGah2XsjX/GO1WfoVNpbOms2b/mBsTNHM3dA+VKq3dSDz4V4
+mZqTuXNnQkYRIer+CqkbGmVps4+uFrb2S1ayLfmlyOw7YqPta9BO1UAJpB+Y1zqlklkg5LB9zVtz
+aL1txKITDmcZuI1CfmwMmm6gJC3VRRvcxAIU/oVbZZfKTpBQCHpCNfnqwmbU+AGuHrS+w6jv/naa
+oqYfRvaE7fzbzsQCzndILIyy7MMAo+wsVRjBfhnu4S/yrYObnqsZ38aKL4x35bcF7DvB7L6Gs4a8
+wPfc5+pbrrLMtTWGS9DiP7bY+A4A7l3j941Y/8+LN+ljX273CXE2whJdV/LItM3z7gLfEdxquVeE
+HVlNjM7IDiPCtyaaEBRx/pOyiriA8A4QntOoUAw3gi/q4Iqd4Sw5/7W0cwDk90imc6y/st53BIe0
+o82bNSQ3+pCTE4FCxpgmdTdmQRCsu/WU48IxK63nI1bMNSWSs1A=
+-----END CERTIFICATE-----

certificates/cacert.pem.sha256

@@ -1 +1 @@
-ccbdfc2fe1a0d7bbbb9cc15710271acf1bb1afe4c8f1725fe95c4c7733fcbe5a  cacert.pem
+1794c1d4f7055b7d02c2170337b61b48a2ef6c90d77e95444fd2596f4cac609f  cacert.pem

src/Cookie.php

@@ -82,7 +82,7 @@ class Cookie {
 	 * @throws \WpOrg\Requests\Exception\InvalidArgument When the passed $reference_time argument is not an integer or null.
 	 */
 	public function __construct($name, $value, $attributes = [], $flags = [], $reference_time = null) {
-		if (InputValidator::is_valid_rfc2616_token($name) === false) {
+		if ($name !== '' && InputValidator::is_valid_rfc2616_token($name) === false) {
 			throw InvalidArgument::create(1, '$name', 'integer|string and conform to RFC 2616', gettype($name));
 		}
 
@@ -439,7 +439,11 @@ public static function parse($cookie_header, $name = '', $reference_time = null)
 			throw InvalidArgument::create(1, '$cookie_header', 'string', gettype($cookie_header));
 		}
 
-		if (InputValidator::is_valid_rfc2616_token($name) === false) {
+		if (is_string($name)) {
+			$name = trim($name);
+		}
+
+		if ($name !== '' && InputValidator::is_valid_rfc2616_token($name) === false) {
 			throw InvalidArgument::create(2, '$name', 'integer|string and conform to RFC 2616', gettype($name));
 		}
 
@@ -463,6 +467,10 @@ public static function parse($cookie_header, $name = '', $reference_time = null)
 		$name  = trim($name);
 		$value = trim($value);
 
+		if ($name !== '' && InputValidator::is_valid_rfc2616_token($name) === false) {
+			throw InvalidArgument::create(2, '$name', 'integer|string and conform to RFC 2616', gettype($name));
+		}
+
 		// Attribute keys are handled case-insensitively
 		$attributes = new CaseInsensitiveDictionary();
 
@@ -491,13 +499,19 @@ public static function parse($cookie_header, $name = '', $reference_time = null)
 	 * @param \WpOrg\Requests\Iri|null         $origin  URI for comparing cookie origins
 	 * @param int|null                         $time    Reference time for expiration calculation
 	 * @return array
+	 *
+	 * @throws \WpOrg\Requests\Exception\InvalidArgument When the passed $origin argument is not null or an instance of the Iri class.
 	 */
-	public static function parse_from_headers(Headers $headers, Iri $origin = null, $time = null) {
+	public static function parse_from_headers(Headers $headers, $origin = null, $time = null) {
 		$cookie_headers = $headers->getValues('Set-Cookie');
 		if (empty($cookie_headers)) {
 			return [];
 		}
 
+		if ($origin !== null && !($origin instanceof Iri)) {
+			throw InvalidArgument::create(2, '$origin', Iri::class . ' or null', gettype($origin));
+		}
+
 		$cookies = [];
 		foreach ($cookie_headers as $header) {
 			$parsed = self::parse($header, '', $time);

src/IdnaEncoder.php

@@ -223,18 +223,18 @@ protected static function utf8_to_codepoints($input) {
 			}
 
 			if (// Non-shortest form sequences are invalid
-				$length > 1 && $character <= 0x7F
-				|| $length > 2 && $character <= 0x7FF
-				|| $length > 3 && $character <= 0xFFFF
+				($length > 1 && $character <= 0x7F)
+				|| ($length > 2 && $character <= 0x7FF)
+				|| ($length > 3 && $character <= 0xFFFF)
 				// Outside of range of ucschar codepoints
 				// Noncharacters
 				|| ($character & 0xFFFE) === 0xFFFE
-				|| $character >= 0xFDD0 && $character <= 0xFDEF
+				|| ($character >= 0xFDD0 && $character <= 0xFDEF)
 				|| (
 					// Everything else not in ucschar
-					$character > 0xD7FF && $character < 0xF900
+					($character > 0xD7FF && $character < 0xF900)
 					|| $character < 0x20
-					|| $character > 0x7E && $character < 0xA0
+					|| ($character > 0x7E && $character < 0xA0)
 					|| $character > 0xEFFFD
 				)
 			) {

src/Ipv6.php

@@ -163,7 +163,7 @@ public static function check_ipv6($ip) {
 		list($ipv6, $ipv4) = self::split_v6_v4($ip);
 		$ipv6              = explode(':', $ipv6);
 		$ipv4              = explode('.', $ipv4);
-		if (count($ipv6) === 8 && count($ipv4) === 1 || count($ipv6) === 6 && count($ipv4) === 4) {
+		if ((count($ipv6) === 8 && count($ipv4) === 1) || (count($ipv6) === 6 && count($ipv4) === 4)) {
 			foreach ($ipv6 as $ipv6_part) {
 				// The section can't be empty
 				if ($ipv6_part === '') {

src/Requests.php

@@ -146,7 +146,7 @@ class Requests {
 	 *
 	 * @var string
 	 */
-	const VERSION = '2.0.10';
+	const VERSION = '2.0.11';
 
 	/**
 	 * Selected transport name

tests/Cookie/ConstructorTest.php

@@ -35,7 +35,9 @@ public function testInvalidName($input) {
 	 * @return array
 	 */
 	public static function dataInvalidName() {
-		return TypeProviderHelper::getAllExcept(TypeProviderHelper::GROUP_INT, TypeProviderHelper::GROUP_STRING);
+		$data = TypeProviderHelper::getAllExcept(TypeProviderHelper::GROUP_INT, TypeProviderHelper::GROUP_STRING);
+		$data['Valid string, but not a valid RFC 2616 token'] = ["some\ntext\rwith\tcontrol\echaracters\fin\vit"];
+		return $data;
 	}
 
 	/**

tests/Cookie/Jar/NormalizeCookieTest.php

@@ -16,7 +16,7 @@ final class NormalizeCookieTest extends TestCase {
 	/**
 	 * Verify that cookie normalization works on both prebaked and unbaked cookies when not passing a key.
 	 *
-	 * @dataProvider dataNormalization
+	 * @dataProvider dataNormalizationWithoutKey
 	 *
 	 * @param mixed $cookie Cookie header value, possibly pre-parsed (object).
 	 *
@@ -30,10 +30,25 @@ public function testNormalizationWithoutKey($cookie) {
 		$this->assertSame(self::COOKIE_VALUE, (string) $result, 'Cookie value is not the expected value');
 	}
 
+	/**
+	 * Data provider.
+	 *
+	 * @return array
+	 */
+	public static function dataNormalizationWithoutKey() {
+		$data = self::dataNormalizationWithKey();
+
+		foreach ($data as $set_name => $set_value) {
+			unset($data[$set_name]['expected_name']);
+		}
+
+		return $data;
+	}
+
 	/**
 	 * Verify that cookie normalization works on both prebaked and unbaked cookies when passing a key.
 	 *
-	 * @dataProvider dataNormalization
+	 * @dataProvider dataNormalizationWithKey
 	 *
 	 * @param mixed $cookie Cookie header value, possibly pre-parsed (object).
 	 *
@@ -55,7 +70,7 @@ public function testNormalizationWithKey($cookie, $expected_name) {
 	 *
 	 * @return array
 	 */
-	public static function dataNormalization() {
+	public static function dataNormalizationWithKey() {
 		return [
 			'unbaked cookie (string)' => [
 				'cookie'        => self::COOKIE_VALUE,

tests/Cookie/NormalizeTest.php

@@ -282,7 +282,7 @@ public static function dataNormalizeAttributesExpiresUnsupportedType() {
 		foreach ($types as $key => $value) {
 			$data['Attribute normalization: expires: unsupported type - ' . $key] = [
 				'attributes' => [
-					'expires' => $value['input'],
+					'expires' => $value[0],
 				],
 				'expected'   => [],
 			];
@@ -303,7 +303,7 @@ public static function dataNormalizeAttributesMaxAgeUnsupportedType() {
 		foreach ($types as $key => $value) {
 			$data['Attribute normalization: max-age: unsupported type - ' . $key] = [
 				'attributes' => [
-					'max-age' => $value['input'],
+					'max-age' => $value[0],
 				],
 				'expected'   => [],
 			];
@@ -324,7 +324,7 @@ public static function dataNormalizeAttributesDomainUnsupportedType() {
 		foreach ($types as $key => $value) {
 			$data['Attribute normalization: domain: unsupported type - ' . $key] = [
 				'attributes' => [
-					'domain' => $value['input'],
+					'domain' => $value[0],
 				],
 				'expected'   => [],
 			];

tests/Cookie/ParseTest.php

@@ -65,7 +65,9 @@ public function testParseInvalidName($input) {
 	 * @return array
 	 */
 	public static function dataParseInvalidName() {
-		return TypeProviderHelper::getAllExcept(TypeProviderHelper::GROUP_INT, TypeProviderHelper::GROUP_STRING);
+		$data = TypeProviderHelper::getAllExcept(TypeProviderHelper::GROUP_INT, TypeProviderHelper::GROUP_STRING);
+		$data['Valid string, but not a valid RFC 2616 token'] = ["some\ntext\rwith\tcontrol\echaracters\fin\vit"];
+		return $data;
 	}
 
 	/**
@@ -85,6 +87,37 @@ public function testParseInvalidReferenceTime() {
 		Cookie::parse('test', 'test', 'now');
 	}
 
+	/**
+	 * Verify parsing of cookies fails with an exception if the $origin parameter is passed anything but `null`
+	 * or an instance of Iri.
+	 *
+	 * @dataProvider dataParseFromHeadersInvalidOrigin
+	 *
+	 * @covers ::parse_from_headers
+	 *
+	 * @param mixed $input Invalid parameter input.
+	 *
+	 * @return void
+	 */
+	public function testParseFromHeadersInvalidOrigin($input) {
+		$this->expectException(InvalidArgument::class);
+		$this->expectExceptionMessage('Argument #2 ($origin) must be of type WpOrg\Requests\Iri or null');
+
+		$headers               = new Headers();
+		$headers['Set-Cookie'] = 'name=value';
+
+		Cookie::parse_from_headers($headers, $input);
+	}
+
+	/**
+	 * Data Provider.
+	 *
+	 * @return array
+	 */
+	public static function dataParseFromHeadersInvalidOrigin() {
+		return TypeProviderHelper::getAllExcept(TypeProviderHelper::GROUP_NULL);
+	}
+
 	/**
 	 * Tests receiving an exception when the parse_from_headers() method received an invalid input type as `$reference_time`.
 	 *