Merge branch 'master' into fix_host_parsing

.github/workflows/coding-style.yml

@@ -10,7 +10,7 @@ jobs:
             - uses: actions/checkout@v3
             - uses: shivammathur/setup-php@v2
               with:
-                  php-version: 7.2
+                  php-version: 8.1
                   coverage: none
 
             - run: composer create-project nette/code-checker temp/code-checker ^3 --no-progress
@@ -24,7 +24,7 @@ jobs:
             - uses: actions/checkout@v3
             - uses: shivammathur/setup-php@v2
               with:
-                  php-version: 8.0
+                  php-version: 8.1
                   coverage: none
 
             - run: composer create-project nette/coding-standard temp/coding-standard ^3 --no-progress

.github/workflows/static-analysis.yml

@@ -13,7 +13,7 @@ jobs:
             - uses: actions/checkout@v3
             - uses: shivammathur/setup-php@v2
               with:
-                  php-version: 7.4
+                  php-version: 8.1
                   coverage: none
 
             - run: composer install --no-progress --prefer-dist

.github/workflows/tests.yml

@@ -12,7 +12,7 @@ jobs:
         strategy:
             matrix:
                 os: [ubuntu-latest, windows-latest, macOS-latest]
-                php: ['7.2', '7.3', '7.4', '8.0', '8.1', '8.2']
+                php: ['8.1', '8.2', '8.3']
                 sapi: ['php', 'php-cgi']
 
             fail-fast: false
@@ -42,7 +42,7 @@ jobs:
             - uses: actions/checkout@v3
             - uses: shivammathur/setup-php@v2
               with:
-                  php-version: 7.2
+                  php-version: 8.1
                   coverage: none
                   extensions: ${{ env.php-extensions }}
 
@@ -57,7 +57,7 @@ jobs:
             - uses: actions/checkout@v3
             - uses: shivammathur/setup-php@v2
               with:
-                  php-version: 7.4
+                  php-version: 8.1
                   coverage: none
                   extensions: ${{ env.php-extensions }}
 

composer.json

@@ -15,13 +15,13 @@
 		}
 	],
 	"require": {
-		"php": ">=7.2 <8.3",
-		"nette/utils": "^3.2.1 || ~4.0.0"
+		"php": "8.1 - 8.3",
+		"nette/utils": "^4.0.4"
 	},
 	"require-dev": {
-		"nette/di": "^3.0",
+		"nette/di": "^3.1 || ^4.0",
 		"nette/tester": "^2.4",
-		"nette/security": "^3.0",
+		"nette/security": "^4.0",
 		"tracy/tracy": "^2.8",
 		"phpstan/phpstan": "^1.0"
 	},
@@ -42,7 +42,7 @@
 	},
 	"extra": {
 		"branch-alias": {
-			"dev-master": "3.2-dev"
+			"dev-master": "4.0-dev"
 		}
 	}
 }

readme.md

@@ -35,7 +35,7 @@ Installation
 composer require nette/http
 ```
 
-It requires PHP version 7.2 and supports PHP up to 8.2.
+It requires PHP version 8.1 and supports PHP up to 8.3.
 
 
 HTTP Request

src/Bridges/HttpDI/HttpExtension.php

@@ -18,8 +18,7 @@
  */
 class HttpExtension extends Nette\DI\CompilerExtension
 {
-	/** @var bool */
-	private $cliMode;
+	private bool $cliMode;
 
 
 	public function __construct(bool $cliMode = false)
@@ -115,11 +114,11 @@ private function sendHeaders()
 			}
 
 			$value = self::buildPolicy($config->$key);
-			if (strpos($value, "'nonce'")) {
+			if (str_contains($value, "'nonce'")) {
 				$this->initialization->addBody('$cspNonce = base64_encode(random_bytes(16));');
 				$value = Nette\DI\ContainerBuilder::literal(
 					'str_replace(?, ? . $cspNonce, ?)',
-					["'nonce", "'nonce-", $value]
+					["'nonce", "'nonce-", $value],
 				);
 			}
 
@@ -140,7 +139,7 @@ private function sendHeaders()
 		if (!$config->disableNetteCookie) {
 			$this->initialization->addBody(
 				'Nette\Http\Helpers::initCookie($this->getService(?), $response);',
-				[$this->prefix('request')]
+				[$this->prefix('request')],
 			);
 		}
 	}

src/Bridges/HttpDI/SessionExtension.php

@@ -19,11 +19,8 @@
  */
 class SessionExtension extends Nette\DI\CompilerExtension
 {
-	/** @var bool */
-	private $debugMode;
-
-	/** @var bool */
-	private $cliMode;
+	private bool $debugMode;
+	private bool $cliMode;
 
 
 	public function __construct(bool $debugMode = false, bool $cliMode = false)
@@ -41,7 +38,7 @@ public function getConfigSchema(): Nette\Schema\Schema
 			'expiration' => Expect::string()->dynamic(),
 			'handler' => Expect::string()->dynamic(),
 			'readAndClose' => Expect::bool(),
-			'cookieSamesite' => Expect::anyOf(IResponse::SameSiteLax, IResponse::SameSiteStrict, IResponse::SameSiteNone, true)
+			'cookieSamesite' => Expect::anyOf(IResponse::SameSiteLax, IResponse::SameSiteStrict, IResponse::SameSiteNone)
 				->firstIsDefault(),
 		])->otherItems('mixed');
 	}
@@ -67,16 +64,6 @@ public function loadConfiguration()
 			$config->cookieDomain = $builder::literal('$this->getByType(Nette\Http\IRequest::class)->getUrl()->getDomain(2)');
 		}
 
-		if (isset($config->cookieSecure)) {
-			trigger_error("The item 'session\u{a0}›\u{a0}cookieSecure' is deprecated, use 'http\u{a0}›\u{a0}cookieSecure' (it has default value 'auto').", E_USER_DEPRECATED);
-			unset($config->cookieSecure);
-		}
-
-		if ($config->cookieSamesite === true) {
-			trigger_error("In 'session\u{a0}›\u{a0}cookieSamesite' replace true with 'Lax'.", E_USER_DEPRECATED);
-			$config->cookieSamesite = IResponse::SameSiteLax;
-		}
-
 		$this->compiler->addExportedType(Nette\Http\IRequest::class);
 
 		if ($this->debugMode && $config->debugger) {

src/Bridges/HttpTracy/SessionPanel.php

@@ -18,8 +18,6 @@
  */
 class SessionPanel implements Tracy\IBarPanel
 {
-	use Nette\SmartObject;
-
 	/**
 	 * Renders tab.
 	 */

src/Http/Context.php

@@ -9,21 +9,14 @@
 
 namespace Nette\Http;
 
-use Nette;
-
 
 /**
  * HTTP-specific tasks.
  */
 class Context
 {
-	use Nette\SmartObject;
-
-	/** @var IRequest */
-	private $request;
-
-	/** @var IResponse */
-	private $response;
+	private IRequest $request;
+	private IResponse $response;
 
 
 	public function __construct(IRequest $request, IResponse $response)
@@ -35,9 +28,8 @@ public function __construct(IRequest $request, IResponse $response)
 
 	/**
 	 * Attempts to cache the sent entity by its last modification date.
-	 * @param  string|int|\DateTimeInterface  $lastModified
 	 */
-	public function isModified($lastModified = null, ?string $etag = null): bool
+	public function isModified(string|int|\DateTimeInterface|null $lastModified = null, ?string $etag = null): bool
 	{
 		if ($lastModified) {
 			$this->response->setHeader('Last-Modified', Helpers::formatDate($lastModified));
@@ -54,7 +46,7 @@ public function isModified($lastModified = null, ?string $etag = null): bool
 		} elseif ($ifNoneMatch !== null) {
 			$etag = $this->response->getHeader('ETag');
 
-			if ($etag === null || strpos(' ' . strtr($ifNoneMatch, ",\t", '  '), ' ' . $etag) === false) {
+			if ($etag === null || !str_contains(' ' . strtr($ifNoneMatch, ",\t", '  '), ' ' . $etag)) {
 				return true;
 
 			} else {

src/Http/FileUpload.php

@@ -10,6 +10,7 @@
 namespace Nette\Http;
 
 use Nette;
+use Nette\Utils\Image;
 
 
 /**
@@ -29,28 +30,15 @@ final class FileUpload
 {
 	use Nette\SmartObject;
 
-	public const ImageMimeTypes = ['image/gif', 'image/png', 'image/jpeg', 'image/webp'];
+	/** @deprecated */
+	public const IMAGE_MIME_TYPES = ['image/gif', 'image/png', 'image/jpeg', 'image/webp'];
 
-	/** @deprecated use FileUpload::ImageMimeTypes */
-	public const IMAGE_MIME_TYPES = self::ImageMimeTypes;
-
-	/** @var string */
-	private $name;
-
-	/** @var string|null */
-	private $fullPath;
-
-	/** @var string|false|null */
-	private $type;
-
-	/** @var int */
-	private $size;
-
-	/** @var string */
-	private $tmpName;
-
-	/** @var int */
-	private $error;
+	private string $name;
+	private string|null $fullPath;
+	private string|false|null $type = null;
+	private int $size;
+	private string $tmpName;
+	private int $error;
 
 
 	public function __construct(?array $value)
@@ -75,6 +63,7 @@ public function __construct(?array $value)
 	 */
 	public function getName(): string
 	{
+		trigger_error(__METHOD__ . '() is deprecated, use getUntrustedName()', E_USER_DEPRECATED);
 		return $this->name;
 	}
 
@@ -96,7 +85,7 @@ public function getUntrustedName(): string
 	 */
 	public function getSanitizedName(): string
 	{
-		$name = Nette\Utils\Strings::webalize($this->name, '.', false);
+		$name = Nette\Utils\Strings::webalize($this->name, '.', lower: false);
 		$name = str_replace(['-.', '.-'], '.', $name);
 		$name = trim($name, '.-');
 		$name = $name === '' ? 'unknown' : $name;
@@ -137,7 +126,7 @@ public function getContentType(): ?string
 
 
 	/**
-	 * Returns the path of the temporary location of the uploaded file.
+	 * Returns the size of the uploaded file in bytes.
 	 */
 	public function getSize(): int
 	{
@@ -193,9 +182,8 @@ public function hasFile(): bool
 
 	/**
 	 * Moves an uploaded file to a new location. If the destination file already exists, it will be overwritten.
-	 * @return static
 	 */
-	public function move(string $dest)
+	public function move(string $dest): static
 	{
 		$dir = dirname($dest);
 		Nette\Utils\FileSystem::createDir($dir);
@@ -205,7 +193,7 @@ public function move(string $dest)
 			[$this->tmpName, $dest],
 			function (string $message) use ($dest): void {
 				throw new Nette\InvalidStateException("Unable to move uploaded file '$this->tmpName' to '$dest'. $message");
-			}
+			},
 		);
 		@chmod($dest, 0666); // @ - possible low permission to chmod
 		$this->tmpName = $dest;
@@ -214,22 +202,23 @@ function (string $message) use ($dest): void {
 
 
 	/**
-	 * Returns true if the uploaded file is a JPEG, PNG, GIF, or WebP image.
+	 * Returns true if the uploaded file is an image supported by PHP.
 	 * Detection is based on its signature, the integrity of the file is not checked. Requires PHP extension fileinfo.
 	 */
 	public function isImage(): bool
 	{
-		return in_array($this->getContentType(), self::ImageMimeTypes, true);
+		$types = array_map(fn($type) => Image::typeToMimeType($type), Image::getSupportedTypes());
+		return in_array($this->getContentType(), $types, strict: true);
 	}
 
 
 	/**
 	 * Loads an image.
 	 * @throws Nette\Utils\ImageException  If the upload was not successful or is not a valid image
 	 */
-	public function toImage(): Nette\Utils\Image
+	public function toImage(): Image
 	{
-		return Nette\Utils\Image::fromFile($this->tmpName);
+		return Image::fromFile($this->tmpName);
 	}
 
 

src/Http/Helpers.php

@@ -23,15 +23,11 @@ final class Helpers
 	/** @internal */
 	public const StrictCookieName = '_nss';
 
-	/** @deprecated */
-	public const STRICT_COOKIE_NAME = self::StrictCookieName;
-
 
 	/**
 	 * Returns HTTP valid date format.
-	 * @param  string|int|\DateTimeInterface  $time
 	 */
-	public static function formatDate($time): string
+	public static function formatDate(string|int|\DateTimeInterface $time): string
 	{
 		$time = DateTime::from($time)->setTimezone(new \DateTimeZone('GMT'));
 		return $time->format('D, d M Y H:i:s \G\M\T');
@@ -44,7 +40,7 @@ public static function formatDate($time): string
 	public static function ipMatch(string $ip, string $mask): bool
 	{
 		[$mask, $size] = explode('/', $mask . '/');
-		$tmp = function (int $n): string { return sprintf('%032b', $n); };
+		$tmp = fn(int $n): string => sprintf('%032b', $n);
 		$ip = implode('', array_map($tmp, unpack('N*', inet_pton($ip))));
 		$mask = implode('', array_map($tmp, unpack('N*', inet_pton($mask))));
 		$max = strlen($ip);
@@ -58,6 +54,6 @@ public static function ipMatch(string $ip, string $mask): bool
 
 	public static function initCookie(IRequest $request, IResponse $response)
 	{
-		$response->setCookie(self::StrictCookieName, '1', 0, '/', null, null, true, IResponse::SameSiteStrict);
+		$response->setCookie(self::StrictCookieName, '1', 0, '/', sameSite: IResponse::SameSiteStrict);
 	}
 }