From 452d19f945ee41345fd8a50c18b60783546b7bd3 Mon Sep 17 00:00:00 2001
From: thecaliskan <bilgi@emrecaliskan.com.tr>
Date: Mon, 26 May 2025 11:39:29 +0300
Subject: [PATCH 1/2] fixed Via regex

---
 Request.php           | 2 +-
 Tests/RequestTest.php | 2 ++
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/Request.php b/Request.php
index 922014133..42a3a8a2c 100644
--- a/Request.php
+++ b/Request.php
@@ -1466,7 +1466,7 @@ public function isMethodCacheable(): bool
     public function getProtocolVersion(): ?string
     {
         if ($this->isFromTrustedProxy()) {
-            preg_match('~^(HTTP/)?([1-9]\.[0-9]) ~', $this->headers->get('Via') ?? '', $matches);
+            preg_match('~^(HTTP/)?([1-9]\.[0-9])\b~', $this->headers->get('Via') ?? '', $matches);
 
             if ($matches) {
                 return 'HTTP/'.$matches[2];
diff --git a/Tests/RequestTest.php b/Tests/RequestTest.php
index f1aa0ebea..a2eace70e 100644
--- a/Tests/RequestTest.php
+++ b/Tests/RequestTest.php
@@ -2402,6 +2402,8 @@ public static function protocolVersionProvider()
             'trusted with via and protocol name' => ['HTTP/2.0', true, 'HTTP/1.0 fred, HTTP/1.1 nowhere.com (Apache/1.1)', 'HTTP/1.0'],
             'trusted with broken via' => ['HTTP/2.0', true, 'HTTP/1^0 foo', 'HTTP/2.0'],
             'trusted with partially-broken via' => ['HTTP/2.0', true, '1.0 fred, foo', 'HTTP/1.0'],
+            'trusted with simple via' => ['HTTP/2.0', true, 'HTTP/1.0', 'HTTP/1.0'],
+            'trusted with only version via' => ['HTTP/2.0', true, '1.0', 'HTTP/1.0'],
         ];
     }
 

From 23dd60256610c86a3414575b70c596e5deff6ed9 Mon Sep 17 00:00:00 2001
From: Nicolas Grekas <nicolas.grekas@gmail.com>
Date: Mon, 23 Jun 2025 17:07:14 +0200
Subject: [PATCH 2/2] Revert "minor #60377 [HttpFoundation] Emit PHP warning
 when `Response::sendHeaders()` is called while output has already been sent
 (ivo95v)"

This reverts commit cf554e1be6338c1176832dd4cdf713d88d3144ad, reversing
changes made to 392d0c9c407d6b06a072600fe9dc2a779b231ce0.
---
 Response.php | 5 -----
 1 file changed, 5 deletions(-)

diff --git a/Response.php b/Response.php
index 6766f2c77..638b5bf60 100644
--- a/Response.php
+++ b/Response.php
@@ -317,11 +317,6 @@ public function sendHeaders(?int $statusCode = null): static
     {
         // headers have already been sent by the developer
         if (headers_sent()) {
-            if (!\in_array(\PHP_SAPI, ['cli', 'phpdbg', 'embed'], true)) {
-                $statusCode ??= $this->statusCode;
-                header(\sprintf('HTTP/%s %s %s', $this->version, $statusCode, $this->statusText), true, $statusCode);
-            }
-
             return $this;
         }
 

<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Transitional//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd'>
<html xmlns='http://www.w3.org/1999/xhtml'>
<head>
<title>pFad - Phonifier reborn</title>
<meta http-equiv='Content-Type' content='text/html; charset=utf-8' />
</head>
<body>
<h1>Pfad - The Proxy pFad of &#169; 2024 Garber Painting. All rights reserved.</h1>


<!-- Disclaimer -->
<p>Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.</p>
<br>
<p>Alternative Proxies:</p><p><a href="http://rainy.clevelandohioweatherforecast.com/php-proxy/index.php?q=https://github.com/symfony/http-foundation/compare/v7.3.0...v7.3.1.patch" target="_blank">Alternative Proxy</a></p><p><a href="http://rainy.clevelandohioweatherforecast.com/pFad/index.php?u=https://github.com/symfony/http-foundation/compare/v7.3.0...v7.3.1.patch" target="_blank">pFad Proxy</a></p><p><a href="http://rainy.clevelandohioweatherforecast.com/pFad/v3index.php?u=https://github.com/symfony/http-foundation/compare/v7.3.0...v7.3.1.patch" target="_blank">pFad v3 Proxy</a></p><p><a href="http://rainy.clevelandohioweatherforecast.com/pFad/v4index.php?u=https://github.com/symfony/http-foundation/compare/v7.3.0...v7.3.1.patch" target="_blank">pFad v4 Proxy</a></p></body>
</html>