Merge pull request #151 from roelvanduijnhoven/do-not-throw-on-invalid-uri

Passing an invalid uri to the referrer header should no longer throw

Author: weierophinney

src/Header/AbstractLocation.php

@@ -76,6 +76,12 @@ public function setUri($uri)
                     $e->getCode(),
                     $e
                 );
+            } catch (UriException\InvalidArgumentException $e) {
+                throw new Exception\InvalidArgumentException(
+                    sprintf('Invalid URI passed as string (%s)', (string) $uri),
+                    $e->getCode(),
+                    $e
+                );
             }
         } elseif (! ($uri instanceof UriInterface)) {
             throw new Exception\InvalidArgumentException('URI must be an instance of Zend\Uri\Http or a string');

test/Header/RefererTest.php

@@ -77,4 +77,17 @@ public function testCRLFAttack()
         $this->expectException(InvalidArgumentException::class);
         Referer::fromString("Referer: http://www.example.com/\r\n\r\nevilContent");
     }
+
+    public function testInvalidUriShouldWrapException()
+    {
+        $headerString = "Referer: unknown-scheme://test";
+
+        $headers = \Zend\Http\Headers::fromString($headerString);
+
+        $result = $headers->get('Referer');
+
+        $this->assertInstanceOf(\Zend\Http\Header\GenericHeader::class, $result);
+        $this->assertNotInstanceOf(\Zend\Http\Header\Referer::class, $result);
+        $this->assertEquals('unknown-scheme://test', $result->getFieldValue());
+    }
 }