Fedora 28: FEDORA-2018-71e9650fa9 Critical: Request Management Update

Zend\Http is a primary foundational component of Zend Framework.

Since much of what PHP does is web-based, specifically HTTP,

it makes sense to have a performant, extensible, concise and

consistent API to do all things HTTP.

Documentation: https://zendframework.github.io/zend-http/

## 2.8.1 - 2018-08-01 ### Added - Nothing. ### Changed - This release

modifies how `Zend\Http\PhpEnvironment\Request` marshals the request URI. In

prior releases, we would attempt to inspect the `X-Rewrite-Url` and `X

-Original-Url` headers, using their values, if present. These headers are

issued by the ISAPI_Rewrite module for IIS (developed by HeliconTech).

However, we have no way of guaranteeing that the module is what issued the

headers, making it an unreliable source for discovering the URI. As such, we

have removed this feature in this release of zend-http. If you are developing

a zend-mvc application, you can mimic the functionality by adding a bootstrap

listener like the following: ``` public function onBootstrap(MvcEvent

$mvcEvent) { $request = $mvcEvent->getRequest(); $requestUri null; $httpXRewriteUrl = $request->getHeader('X-Rewrite-Url'); if

($httpXRewriteUrl) { $requestUri = $httpXRewriteUrl->getFieldValue();

} $httpXOriginalUrl = $request->getHeader('X-Original-Url'); if

($httpXOriginalUrl) { $requestUri $httpXOriginalUrl->getFieldValue(); } if ($requestUri) {

$request->setUri($requestUri) } } ``` If you use a listener such as

the above, make sure you also instruct your web server to strip any incoming

headers of the same name so that you can guarantee they are issued by the

ISAPI_Rewrite module. ### Deprecated - Nothing. ### Removed - Nothing. ###

Fixed - Nothing.

* Thu Aug 2 2018 Shawn Iwinski - 2.8.1-1

- Update to 2.8.1 (ZF2018-01)

* Fri Jul 13 2018 Fedora Release Engineering - 2.8.0-3

- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild

* Fri Apr 27 2018 Remi Collet - 2.8.0-2

- update to 2.8.0

- use range dependencies

- switch to phpunit7

su -c 'dnf upgrade --advisory FEDORA-2018-71e9650fa9' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QCK33H3LCMNKSVA7RLCTVXFWDLD7NIHH/