Header validation (InvalidArgumentException : ":<header>" is not valid header name)

Question

Header validation (InvalidArgumentException : ":<header>" is not valid header name)

guram-vashakidze opened this issue 3 months ago · comments

Description
There aren't way to use "not valid" headers (which isn't follow RFC7230). In my app I'm implementing app push notification trough APNS. This API is using headers: :method, :path, :scheme.

Solutions

Add option disable_header_validation - to disable assertHeader method
Add option header_regex - to change default regex /^[a-zA-Z0-9\'#$%&*+.^_|~!-]+$/D`
Add option header_validation - with closure which overwrite assertHeader method

Graham Campbell · Answer 1 · Wed Mar 06 2024 17:07:17 GMT+0800 (China Standard Time)

Does their API work if you encode the : as %3A?

Graham Campbell · Answer 2 · Wed Mar 06 2024 17:09:24 GMT+0800 (China Standard Time)

Actually, I think you are misunderstanding the spec you linked to. You are not supposed to add the :method etc headers as real headers. Those are pesudo-headers as part of HTTP/2. You need to set these values as the native method, path and schema on our request object, not as headers.

Graham Campbell · Answer 3 · Wed Mar 06 2024 17:09:42 GMT+0800 (China Standard Time)

See https://httpwg.org/specs/rfc7540.html#rfc.section.8.1.2.3.

Guram Vashakidze · Answer 4 · Wed Mar 06 2024 17:54:41 GMT+0800 (China Standard Time)

@GrahamCampbell Unfortunately these are the request headers not request body (also %3A - not working) - it's clear from their doc and I checked it.
I implement it on native cURL lib and it works.

Graham Campbell · Answer 5 · Wed Mar 06 2024 19:21:31 GMT+0800 (China Standard Time)

Their doc says to use HTTP/2. cURL is for sure correcting your mistake and not using those as real headers for you.

Graham Campbell · Answer 6 · Wed Mar 06 2024 19:22:28 GMT+0800 (China Standard Time)

If it's "not working", likely you need to instruct Guzzle to use HTTP/2. By default it will only use 1.0 or 1.1.