fixes

Author: dg

src/Http/Helpers.php

@@ -50,7 +50,7 @@ public static function ipMatch($ip, $mask)
 			$size = $size === '' ? 0 : $max - $size;
 		}
 		$bits = implode('', array_map(function ($n) {
-				return sprintf('%032b', $n);
+			return sprintf('%032b', $n);
 		}, $arr));
 		return substr($bits, 0, $max - $size) === substr($bits, $max, $max - $size);
 	}

src/Http/Response.php

@@ -153,7 +153,7 @@ public function redirect($url, $code = self::S302_FOUND)
 	{
 		$this->setCode($code);
 		$this->setHeader('Location', $url);
-		if (preg_match('#^https?:|^[a-z0-9+.-]++[^:]#i', $url)) {
+		if (preg_match('#^https?:|^\s*+[a-z0-9+.-]*+[^:]#i', $url)) {
 			$escapedUrl = htmlSpecialChars($url, ENT_IGNORE | ENT_QUOTES);
 			echo "<h1>Redirect</h1>\n\n<p><a href=\"$escapedUrl\">Please click here to continue</a>.</p>";
 		}

tests/Http/Response.redirect.phpt

@@ -23,7 +23,7 @@ if (PHP_SAPI !== 'cli') {
 
 
 ob_start();
-$response->redirect('javascript:alert(1)');
+$response->redirect(' javascript:alert(1)');
 Assert::same('', ob_get_clean());
 
 if (PHP_SAPI !== 'cli') {