BUGFIX: Throw exception when passing objects to Headers::set()

Neos.Flow/Classes/Http/AbstractMessage.php

@@ -110,7 +110,7 @@ public function hasHeader($name)
      * GMT previously. GMT is used synonymously with UTC as per RFC 2616 3.3.1.
      *
      * @param string $name Name of the header, for example "Location", "Content-Description" etc.
-     * @param array|string|\DateTime $values An array of values or a single value for the specified header field
+     * @param array|string|\DateTimeInterface $values An array of strings or a single string/DateTime for the specified header field
      * @param boolean $replaceExistingHeader If a header with the same name should be replaced. Default is TRUE.
      * @return self This message, for method chaining
      * @throws \InvalidArgumentException

Neos.Flow/Classes/Http/BaseRequest.php

@@ -168,7 +168,7 @@ public function setContent($content)
     {
         if (is_resource($content) && get_resource_type($content) === 'stream' && stream_is_local($content)) {
             $streamMetaData = stream_get_meta_data($content);
-            $this->headers->set('Content-Length', filesize($streamMetaData['uri']));
+            $this->headers->set('Content-Length', (string)filesize($streamMetaData['uri']));
             $this->headers->set('Content-Type', MediaTypes::getMediaTypeFromFilename($streamMetaData['uri']));
         }
 

Neos.Flow/Classes/Http/Headers.php

@@ -73,12 +73,12 @@ public static function createFromServer(array $server)
         foreach ($server as $name => $value) {
             if (strpos($name, 'HTTP_') === 0) {
                 $name = str_replace(' ', '-', ucwords(strtolower(str_replace('_', ' ', substr($name, 5)))));
-                $headerFields[$name] = $value;
+                $headerFields[$name] = (string)$value;
             } elseif ($name == 'REDIRECT_REMOTE_AUTHORIZATION' && !isset($headerFields['Authorization'])) {
                 $headerFields['Authorization'] = $value;
             } elseif (in_array($name, ['CONTENT_TYPE', 'CONTENT_LENGTH'])) {
                 $name = str_replace(' ', '-', ucwords(strtolower(str_replace('_', ' ', $name))));
-                $headerFields[$name] = $value;
+                $headerFields[$name] = (string)$value;
             }
         }
         return new self($headerFields);
@@ -95,7 +95,7 @@ public static function createFromServer(array $server)
      * GMT previously. GMT is used synonymously with UTC as per RFC 2616 3.3.1.
      *
      * @param string $name Name of the header, for example "Location", "Content-Description" etc.
-     * @param array|string|\DateTime $values An array of values or a single value for the specified header field
+     * @param string|string[]|\DateTime $values An array of values or a single value for the specified header field
      * @param boolean $replaceExistingHeader If a header with the same name should be replaced. Default is TRUE.
      * @return void
      * @throws \InvalidArgumentException
@@ -107,8 +107,16 @@ public function set($name, $values, $replaceExistingHeader = true)
             $date = clone $values;
             $date->setTimezone(new \DateTimeZone('GMT'));
             $values = [$date->format('D, d M Y H:i:s') . ' GMT'];
+        } elseif (is_string($values)) {
+            $values = [$values];
+        } elseif (is_array($values)) {
+            array_walk($values, function ($item) {
+                if (!is_string($item)) {
+                    throw new \InvalidArgumentException(sprintf('The header value must be a string, string array or an instance of DateTimeInterface, but the given array contains an instance of %s', is_object($item) ? get_class($item) : gettype($item)), 1523973518);
+                }
+            });
         } else {
-            $values = (array) $values;
+            throw new \InvalidArgumentException(sprintf('The header value must be a string, string array or an instance of DateTimeInterface, given: %s', is_object($values) ? get_class($values) : gettype($values)), 1513332376);
         }
 
         switch ($name) {

Neos.Flow/Classes/Http/Response.php

@@ -487,13 +487,13 @@ public function makeStandardsCompliant(Request $request)
 
         if ($request->getMethod() === 'HEAD') {
             if (!$this->headers->has('Content-Length')) {
-                $this->headers->set('Content-Length', strlen($this->content));
+                $this->headers->set('Content-Length', (string)strlen($this->content));
             }
             $this->content = '';
         }
 
         if (!$this->headers->has('Content-Length')) {
-            $this->headers->set('Content-Length', strlen($this->content));
+            $this->headers->set('Content-Length', (string)strlen($this->content));
         }
 
         if ($this->headers->has('Transfer-Encoding')) {

Neos.Flow/Tests/Unit/Http/HeadersTest.php

@@ -149,6 +149,40 @@ public function setGetAndGetAllConvertDatesFromDateObjectsToStringAndViceVersa()
         $this->assertEquals($nowInGmt->format(DATE_RFC2822), $headers->get('X-Test-Run-At')->format(DATE_RFC2822));
     }
 
+    public function setThrowsExceptionForInvalidValuesDataProvider()
+    {
+        return [
+            [new \stdClass()],
+            [1234],
+            [true],
+            [['foo', 'bar', 123]],
+        ];
+    }
+
+    /**
+     * @test
+     * @expectedException \InvalidArgumentException
+     * @dataProvider setThrowsExceptionForInvalidValuesDataProvider
+     */
+    public function setThrowsExceptionForInvalidValues($value)
+    {
+        $headers = new Headers();
+        $headers->set('X-Test', $value);
+    }
+
+    /**
+     * @test
+     * @expectedException \InvalidArgumentException
+     */
+    public function setThrowsExceptionWhenValueIsAnInteger()
+    {
+        $headers = new Headers();
+        $headers->set('X-Test', 123);
+    }
+
+
+    #$headers->set('X-Array', ['some', 'array', 123]);
+
     /**
      * @test
      */
@@ -329,7 +363,7 @@ public function setCacheControlDirectiveSetsVisibilityCorrectly()
     public function setExceptsHttpsHeaders()
     {
         $headers = new Headers();
-        $headers->set('HTTPS', 1);
+        $headers->set('HTTPS', '1');
     }
 
     /**
@@ -469,4 +503,48 @@ public function getCacheControlDirectiveReturnsTheSpecifiedDirectiveValueIfPrese
         }
         $this->assertEquals($value, $headers->getCacheControlDirective($name));
     }
+
+    /**
+     * @test
+     */
+    public function getPreparedValuesRendersStringsAsIs()
+    {
+        $headers = new Headers();
+        $headers->set('X-String', 'Some String');
+
+        $expectedResult = [
+            'X-String: Some String',
+        ];
+        $this->assertSame($expectedResult, $headers->getPreparedValues());
+    }
+
+    /**
+     * @test
+     */
+    public function getPreparedValuesRendersDateTimeInstancesAsGmtString()
+    {
+        $headers = new Headers();
+        $headers->set('X-Date', new \DateTimeImmutable('1980-12-13'));
+
+        $expectedResult = [
+            'X-Date: Sat, 13 Dec 1980 00:00:00 GMT',
+        ];
+        $this->assertSame($expectedResult, $headers->getPreparedValues());
+    }
+
+    /**
+     * @test
+     */
+    public function getPreparedValuesRendersOneHeaderPerArrayItem()
+    {
+        $headers = new Headers();
+        $headers->set('X-Array', ['some', 'array', '123']);
+
+        $expectedResult = [
+            'X-Array: some',
+            'X-Array: array',
+            'X-Array: 123',
+        ];
+        $this->assertSame($expectedResult, $headers->getPreparedValues());
+    }
 }

Neos.Flow/Tests/Unit/Http/ResponseTest.php

@@ -357,9 +357,9 @@ public function getAgeReturnsTimeSpecifiedInAgeHeaderIfExists()
 
         $response = new Response();
         $response->setNow($now);
-        $response->setHeader('Age', 123);
+        $response->setHeader('Age', '123');
 
-        $this->assertSame(123, $response->getAge());
+        $this->assertSame('123', $response->getAge());
     }
 
     /**
@@ -472,7 +472,7 @@ public function makeStandardsCompliantRemovesTheContentLengthHeaderIfTransferLen
 
         $response->setContent($content);
         $response->setHeader('Transfer-Encoding', 'chunked');
-        $response->setHeader('Content-Length', strlen($content));
+        $response->setHeader('Content-Length', (string)strlen($content));
         $response->makeStandardsCompliant($request);
         $this->assertFalse($response->hasHeader('Content-Length'));
     }
@@ -526,9 +526,9 @@ public function makeStandardsCompliantSetsBodyAndContentLengthForHeadRequests()
         $this->assertEquals(strlen($content), $response->getHeader('Content-Length'));
 
         $response = new Response();
-        $response->setHeader('Content-Length', 275);
+        $response->setHeader('Content-Length', '275');
         $response->makeStandardsCompliant($request);
-        $this->assertEquals(275, $response->getHeader('Content-Length'));
+        $this->assertEquals('275', $response->getHeader('Content-Length'));
     }
 
     /**
@@ -560,7 +560,7 @@ public function makeStandardsCompliantRemovesMaxAgeDireciveIfExpiresHeaderIsPres
     public function makeStandardsCompliantReturns304ResponseIfResourceWasNotModified()
     {
         $modifiedSince = \DateTime::createFromFormat(DATE_RFC2822, 'Sun, 20 May 2012 12:00:00 GMT');
-        $lastModified = \DateTime::createFromFormat(DATE_RFC2822, 'Fr, 18 May 2012 12:00:00 GMT');
+        $lastModified = \DateTime::createFromFormat(DATE_RFC2822, 'Fri, 18 May 2012 12:00:00 GMT');
 
         $request = Request::create(new Uri('http://localhost'));
         $response = new Response();