Urgent - v2.1.1 - MessageTrait assertValue broken

[thomas-alrek]

PHP version: 7.4.27 (hint: php --version)

Description
I updated my dependencies, and guzzlehttp/psr7 was updated to v2.1.1. This broke an integration with a third party API that I'm working with. (Largest credit card payment processor in Scandiavia).

I have traced it down to the changes introduced in MessageTrait for the method assertValue.
When the response (which I am not in control over), contains the following header, I get an InvalidArgumentException XXX is not a valid header value.

X-Iinfo: 12-34567890-123456789 AAAA BC(12 34 5) DE(1234567890123 123) a(1 2 3 4) b(1 2) A1

I have changed the actual values from the header, as I'm not sure if it contains confidential information. The relevant part here is the whitespaces, which failes the parsing introduced in 2.1.1.

How to reproduce
Add the above header to a response.

Possible Solution
Revert the changes done in 2.1.1 back to the behavior in 2.1.0

Additional context

[mbabker]

I've got a second case that these changes are breaking.

$request->setHeaders(['User-Agent' => 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.0.3 Safari/605.1.15');

[kissifrot]

I'm also getting it with the header x-generator: Drupal 7 (https://www.drupal.org) - value retrieved using curl CLI -, getting error "Drupal 7 (https://www.drupal.org)" is not valid header value)

[it-can]

guzzle/guzzle#2998

[it-can]

To reproduce, tested on php 8.1 and guzzle 7.4

<?php
$header = 'Linux f0f489981e90 5.10.104-linuxkit 1 SMP Wed Mar 9 19:05:23 UTC 2022 x86_64';

$client = new \GuzzleHttp\Client();
$response = $client->request('GET', 'https://enswyqyojtxm.x.pipedream.net', [
    'headers' => [
        'User-Agent' => 'testing/1.0',
        'Accept'     => 'application/json',
        'X-Foo'      => ['Bar', 'Baz'],
        'X-TEST'     => $header,
    ]
]);

This will throw an error: "Linux f0f489981e90 5.10.104-linuxkit #1 SMP Wed Mar 9 19:05:23 UTC 2022 x86_64" is not valid header value

[holtkamp]

Seems to also occur when upgrading guzzle/psr7 1.8.3 => 1.8.4

Here are the changes: 1.8.3...1.8.4

Forcing composer to install 1.8.3 using "guzzlehttp/psr7": "1.8.3" resolves the problem.

The string that was used as header value on a Heroku dyno running PHP 8.0.17:

Linux 2a6d8020-bdd7-4fd2-9341-dfbe8ac2506c 4.4.0-1101-aws #106-Ubuntu SMP Tue Mar 1 10:51:49 UTC 2022 x86_64

[GrahamCampbell]

If you'd like to propose a fix, please do, since this is urgent for you.

[GrahamCampbell]

I have prepared a fix. Please can you try this out @thomas-alrek @mbabker @kissifrot @it-can @holtkamp.

• 1.8.x line: Release 1.8.5 #491
• 2.1.x line: Release 2.1.2 #492

[GrahamCampbell]

cc @ibrasho

[it-can]

@GrahamCampbell yes the fix is working for me... Thanks for the quick-fix!

https://requestbin.com/r/en23lcyrh3o2p/26fRMDWJ8k32KhF1EAqZvPJU0vU