regex, but also accepts ftps because both cURL and php support it. It no longer accepts thing like 'foo http://bar bax'
which was my main concern
Note the previous regex kind of looks more restrictive, but is not since saying "anything not containing a space
optionally followed by anything not containing a bunch of characters including a space" is the same as saying anything
with no spaces. See also r83296. This obviously doesn't catch all cases, but I personally think its sufficient.
At the very least it is a very significant improvement over the previous version that caught almost nothing.
* Do not follow redirects by default. This breaks on safe_mode, and may potentially open security vulnerabilities in callers which blacklist domain names. Instead, send followRedirects=true option in the HttpTest caller that needs it.
* Added a check for the cURL security vulnerability CVE-2009-0037, which allowed redirects to file:/// and scp://. Refuse to follow redirects if a vulnerable client library is present.
* Factored out the redirect compatibility test into public function canFollowRedirects() so that callers can provide this information to users.
* In PhpHttpRequest, only follow redirects to HTTP URLs, do not fopen() arbitrary locations. This is not quite as bad as it sounds, since the lack of response headers prevents file:/// content from being returned to the caller.
* Fixed vertical alignment in Http::request(), per style guide.
* 304, 305 and 306 responses are not really redirects and cannot contain a Location header.
* Document parseHeader()
* Separate out setStatus() so it can be called from execute()
* Avoid core dumps on older PHPs when using PhpHttpRequest and doing redirects
* Add getResponseHeader() for getting the response headers
* Add special handling on tests for older PHP
“make tap” spawns a new php instance for each test file.
Found some problems with date/time parsing on older 32bit php. I
forgot the year 2999 isn't a valid epoch date.
* fix up fopen warnings — I was bedazzled by phpUnit's
set_error_handler that turned warnings into exceptions and Tim set
me right.
* Use Tim's read loop
* No need for private $fh member
* Fix some minor problems with PHP versions (no "timeout" param in
pre-5.2.1, POST issue in Hardy's PHP version where timeout is null.)
* Fix how tests are run on old versions of phpUnit.
