symfony
diff --git a/‎src/Symfony/Component/DomCrawler/Tests/UriResolverTest.php
Lines changed: 1 addition & 0 deletions b/‎src/Symfony/Component/DomCrawler/Tests/UriResolverTest.php
Lines changed: 1 addition & 0 deletions
diff --git a/‎src/Symfony/Component/DomCrawler/UriResolver.php
Lines changed: 1 addition & 5 deletions b/‎src/Symfony/Component/DomCrawler/UriResolver.php
Lines changed: 1 addition & 5 deletions
diff --git a/‎src/Symfony/Component/HttpClient/CurlHttpClient.php
Lines changed: 1 addition & 1 deletion b/‎src/Symfony/Component/HttpClient/CurlHttpClient.php
Lines changed: 1 addition & 1 deletion
diff --git a/‎src/Symfony/Component/HttpClient/HttpClientTrait.php
Lines changed: 6 additions & 7 deletions b/‎src/Symfony/Component/HttpClient/HttpClientTrait.php
Lines changed: 6 additions & 7 deletions
diff --git a/‎src/Symfony/Component/HttpClient/Response/CurlResponse.php
Lines changed: 1 addition & 1 deletion b/‎src/Symfony/Component/HttpClient/Response/CurlResponse.php
Lines changed: 1 addition & 1 deletion
diff --git a/‎src/Symfony/Component/HttpClient/Tests/HttpClientTestCase.php
Lines changed: 9 additions & 0 deletions b/‎src/Symfony/Component/HttpClient/Tests/HttpClientTestCase.php
Lines changed: 9 additions & 0 deletions
diff --git a/‎src/Symfony/Component/HttpClient/Tests/HttpClientTraitTest.php
Lines changed: 3 additions & 3 deletions b/‎src/Symfony/Component/HttpClient/Tests/HttpClientTraitTest.php
Lines changed: 3 additions & 3 deletions
diff --git a/‎src/Symfony/Component/HttpClient/composer.json
Lines changed: 1 addition & 1 deletion b/‎src/Symfony/Component/HttpClient/composer.json
Lines changed: 1 addition & 1 deletion
diff --git a/‎src/Symfony/Component/HttpFoundation/Request.php
Lines changed: 4 additions & 7 deletions b/‎src/Symfony/Component/HttpFoundation/Request.php
Lines changed: 4 additions & 7 deletions
diff --git a/‎src/Symfo E4A7 ny/Component/HttpFoundation/Tests/RequestTest.php
Lines changed: 2 additions & 1 deletion b/‎src/Symfo E4A7 ny/Component/HttpFoundation/Tests/RequestTest.php
Lines changed: 2 additions & 1 deletion
diff --git a/‎src/Symfony/Contracts/HttpClient/Test/Fixtures/web/index.php
Lines changed: 6 additions & 0 deletions b/‎src/Symfony/Contracts/HttpClient/Test/Fixtures/web/index.php
Lines changed: 6 additions & 0 deletions
@@ -87,6 +87,7 @@ public static function provideResolverTests()
 
             ['http://', 'http://localhost', 'http://'],
             ['/foo:123', 'http://localhost', 'http://localhost/foo:123'],
+            ['foo:123', 'http://localhost/', 'foo:123'],
         ];
     }
 }
@@ -32,12 +32,8 @@ public static function resolve(string $uri, ?string $baseUri): string
     {
         $uri = trim($uri);
 
-        if (false === ($scheme = parse_url($uri, \PHP_URL_SCHEME)) && '/' === ($uri[0] ?? '')) {
-            $scheme = parse_url($uri.'#', \PHP_URL_SCHEME);
-        }
-
         // absolute URL?
-        if (null !== $scheme) {
+        if (null !== parse_url(\strlen($uri) !== strcspn($uri, '?#') ? $uri : $uri.'#', \PHP_URL_SCHEME)) {
             return $uri;
         }
 
 
@@ -436,7 +436,7 @@ private static function createRedirectResolver(array $options, string $host): \C
                 $redirectHeaders['with_auth'] = array_filter($redirectHeaders['with_auth'], $filterContentHeaders);
             }
 
-            if ($redirectHeaders && $host = parse_url('http:'.$location['authority'], \PHP_URL_HOST)) {
+            if ($redirectHeaders && $host = parse_url($location['authority'] ?? '#', \PHP_URL_HOST)) {
                 $requestHeaders = $redirectHeaders['host'] === $host ? $redirectHeaders['with_auth'] : $redirectHeaders['no_auth'];
                 curl_setopt($ch, \CURLOPT_HTTPHEADER, $requestHeaders);
             } elseif ($noContent && $redirectHeaders) {
 
@@ -514,11 +514,10 @@ private static function resolveUrl(array $url, ?array $base, array $queryDefault
      */
     private static function parseUrl(string $url, array $query = [], array $allowedSchemes = ['http' => 80, 'https' => 443]): array
     {
-        if (false === $parts = parse_url($url)) {
-            if ('/' !== ($url[0] ?? '') || false === $parts = parse_url($url.'#')) {
-                throw new InvalidArgumentException(sprintf('Malformed URL "%s".', $url));
-            }
-            unset($parts['fragment']);
+        $tail = '';
+
+        if (false === $parts = parse_url(\strlen($url) !== strcspn($url, '?#') ? $url : $url.$tail = '#')) {
+            throw new InvalidArgumentException(sprintf('Malformed URL "%s".', $url));
         }
 
         if ($query) {
@@ -529,7 +528,7 @@ private static function parseUrl(string $url, array $query = [], array $allowedS
 
         if (null !== $scheme = $parts['scheme'] ?? null) {
             if (!isset($allowedSchemes[$scheme = strtolower($scheme)])) {
-                throw new InvalidArgumentException(sprintf('Unsupported scheme in "%s".', $url));
+                throw new InvalidArgumentException(sprintf('Unsupported scheme in "%s": "%s" expected.', $url, implode('" or "', array_keys($allowedSchemes))));
 
             $port = $allowedSchemes[$scheme] === $port ? 0 : $port;
@@ -564,7 +563,7 @@ private static function parseUrl(string $url, array $query = [], array $allowedS
             'authority' => null !== $host ? '//'.(isset($parts['user']) ? $parts['user'].(isset($parts['pass']) ? ':'.$parts['pass'] : '').'@' : '').$host : null,
             'path' => isset($parts['path'][0]) ? $parts['path'] : null,
             'query' => isset($parts['query']) ? '?'.$parts['query'] : null,
-            'fragment' => isset($parts['fragment']) ? '#'.$parts['fragment'] : null,
+            'fragment' => isset($parts['fragment']) && !$tail ? '#'.$parts['fragment'] : null,
         ];
     }
 
 
@@ -435,7 +435,7 @@ private static function parseHeaderLine($ch, string $data, array &$info, array &
                 curl_setopt($ch, \CURLOPT_FOLLOWLOCATION, false);
                 curl_setopt($ch, \CURLOPT_MAXREDIRS, $options['max_redirects']);
             } else {
-                $url = parse_url($location ?? ':');
+                $url = parse_url($location.'#');
 
                 if (isset($url['host']) && null !== $ip = $multi->dnsCache->hostnames[$url['host'] = strtolower($url['host'])] ?? null) {
                     // Populate DNS cache for redirects if needed
 
@@ -466,4 +466,13 @@ public function testMisspelledScheme()
 
         $httpClient->request('GET', 'http:/localhost:8057/');
     }
+
+    public function testNoRedirectWithInvalidLocation()
+    {
+        $client = $this->getHttpClient(__FUNCTION__);
+
+        $response = $client->request('GET', 'http://localhost:8057/302-no-scheme');
+
+        $this->assertSame(302, $response->getStatusCode());
+    }
 }
@@ -127,14 +127,14 @@ public static function provideResolveUrl(): array
     public function testResolveUrlWithoutScheme()
     {
         $this->expectException(InvalidArgumentException::class);
-        $this->expectExceptionMessage('Invalid URL: scheme is missing in "//localhost:8080". Did you forget to add "http(s)://"?');
+        $this->expectExceptionMessage('Unsupported scheme in "localhost:8080": "http" or "https" expected.');
         self::resolveUrl(self::parseUrl('localhost:8080'), null);
     }
 
-    public function testResolveBaseUrlWitoutScheme()
+    public function testResolveBaseUrlWithoutScheme()
     {
         $this->expectException(InvalidArgumentException::class);
-        $this->expectExceptionMessage('Invalid URL: scheme is missing in "//localhost:8081". Did you forget to add "http(s)://"?');
+        $this->expectExceptionMessage('Unsupported scheme in "localhost:8081": "http" or "https" expected.');
         self::resolveUrl(self::parseUrl('/foo'), self::parseUrl('localhost:8081'));
     }
 
 
@@ -25,7 +25,7 @@
         "php": ">=7.2.5",
         "psr/log": "^1|^2|^3",
         "symfony/deprecation-contracts": "^2.1|^3",
-        "symfony/http-client-contracts": "^2.5.3",
+        "symfony/http-client-contracts": "^2.5.4",
         "symfony/polyfill-php73": "^1.11",
         "symfony/polyfill-php80": "^1.16",
         "symfony/service-contracts": "^1.0|^2|^3"
 
@@ -358,12 +358,7 @@ public static function create(string $uri, string $method = 'GET', array $parame
         $server['PATH_INFO'] = '';
         $server['REQUEST_METHOD'] = strtoupper($method);
 
-        if (false === ($components = parse_url($uri)) && '/' === ($uri[0] ?? '')) {
-            $components = parse_url($uri.'#');
-            unset($components['fragment']);
-        }
-
-        if (false === $components) {
+        if (false === $components = parse_url(\strlen($uri) !== strcspn($uri, '?#') ? $uri : $uri.'#')) {
             throw new BadRequestException('Invalid URI.');
         }
 
@@ -386,9 +381,11 @@ public static function create(string $uri, string $method = 'GET', array $parame
             if ('https' === $components['scheme']) {
                 $server['HTTPS'] = 'on';
                 $server['SERVER_PORT'] = 443;
-            } else {
+            } elseif ('http' === $components['scheme']) {
                 unset($server['HTTPS']);
                 $server['SERVER_PORT'] = 80;
+            } else {
+                throw new BadRequestException('Invalid URI: http(s) scheme expected.');
             }
         }
 
 
@@ -310,7 +310,8 @@ public function testCreateWithRequestUri()
      *           ["foo\u0000"]
      *           [" foo"]
      *           ["foo "]
-     *           [":"]
+     *           ["//"]
+     *           ["foo:bar"]
      */
     public function testCreateWithBadRequestUri(string $uri)
     {
 
@@ -98,6 +98,12 @@
         }
         break;
 
+    case '/302-no-scheme':
+        if (!isset($vars['HTTP_AUTHORIZATION'])) {
+            header('Location: localhost:8067', true, 302);
+        }
+        break;
+
     case '/302/relative':
         header('Location: ..', true, 302);
         break;
Original file line number	Diff line number	Diff line change
`@@ -87,6 +87,7 @@ public static function provideResolverTests()`
`87`	`87`
`88`	`88`	`['http://', 'http://localhost', 'http://'],`
`89`	`89`	`['/foo:123', 'http://localhost', 'http://localhost/foo:123'],`
	`90`	`+ ['foo:123', 'http://localhost/', 'foo:123'],`
`90`	`91`	`];`
`91`	`92`	`}`
`92`	`93`	`}`
Original file line number	Diff line number	Diff line change
`@@ -32,12 +32,8 @@ public static function resolve(string $uri, ?string $baseUri): string`
`32`	`32`	`{`
`33`	`33`	`$uri = trim($uri);`
`34`	`34`
`35`		`- if (false === ($scheme = parse_url($uri, \PHP_URL_SCHEME)) && '/' === ($uri[0] ?? '')) {`
`36`		`- $scheme = parse_url($uri.'#', \PHP_URL_SCHEME);`
`37`		`- }`
`38`		`-`
`39`	`35`	`// absolute URL?`
`40`		`- if (null !== $scheme) {`
	`36`	`+ if (null !== parse_url(\strlen($uri) !== strcspn($uri, '?#') ? $uri : $uri.'#', \PHP_URL_SCHEME)) {`
`41`	`37`	`return $uri;`
`42`	`38`	`}`
`43`	`39`
Original file line number	Diff line number	Diff line change
`@@ -436,7 +436,7 @@ private static function createRedirectResolver(array $options, string $host): \C`
`436`	`436`	`$redirectHeaders['with_auth'] = array_filter($redirectHeaders['with_auth'], $filterContentHeaders);`
`437`	`437`	`}`
`438`	`438`
`439`		`- if ($redirectHeaders && $host = parse_url('http:'.$location['authority'], \PHP_URL_HOST)) {`
	`439`	`+ if ($redirectHeaders && $host = parse_url($location['authority'] ?? '#', \PHP_URL_HOST)) {`
`440`	`440`	`$requestHeaders = $redirectHeaders['host'] === $host ? $redirectHeaders['with_auth'] : $redirectHeaders['no_auth'];`
`441`	`441`	`curl_setopt($ch, \CURLOPT_HTTPHEADER, $requestHeaders);`
`442`	`442`	`} elseif ($noContent && $redirectHeaders) {`
Original file line number	Diff line number	Diff line change
`@@ -466,4 +466,13 @@ public function testMisspelledScheme()`
`466`	`466`
`467`	`467`	`$httpClient->request('GET', 'http:/localhost:8057/');`
`468`	`468`	`}`
	`469`	`+`
	`470`	`+ public function testNoRedirectWithInvalidLocation()`
	`471`	`+ {`
	`472`	`+ $client = $this->getHttpClient(__FUNCTION__);`
	`473`	`+`
	`474`	`+ $response = $client->request('GET', 'http://localhost:8057/302-no-scheme');`
	`475`	`+`
	`476`	`+ $this->assertSame(302, $response->getStatusCode());`
	`477`	`+ }`
`469`	`478`	`}`
Original file line number	Diff line number	Diff line change
`@@ -127,14 +127,14 @@ public static function provideResolveUrl(): array`
`127`	`127`	`public function testResolveUrlWithoutScheme()`
`128`	`128`	`{`
`129`	`129`	`$this->expectException(InvalidArgumentException::class);`
`130`		`- $this->expectExceptionMessage('Invalid URL: scheme is missing in "//localhost:8080". Did you forget to add "http(s)://"?');`
	`130`	`+ $this->expectExceptionMessage('Unsupported scheme in "localhost:8080": "http" or "https" expected.');`
`131`	`131`	`self::resolveUrl(self::parseUrl('localhost:8080'), null);`
`132`	`132`	`}`
`133`	`133`
`134`		`- public function testResolveBaseUrlWitoutScheme()`
	`134`	`+ public function testResolveBaseUrlWithoutScheme()`
`135`	`135`	`{`
`136`	`136`	`$this->expectException(InvalidArgumentException::class);`
`137`		`- $this->expectExceptionMessage('Invalid URL: scheme is missing in "//localhost:8081". Did you forget to add "http(s)://"?');`
	`137`	`+ $this->expectExceptionMessage('Unsupported scheme in "localhost:8081": "http" or "https" expected.');`
`138`	`138`	`self::resolveUrl(self::parseUrl('/foo'), self::parseUrl('localhost:8081'));`
`139`	`139`	`}`
`140`	`140`