diff --git a/src/Appwrite/Functions/Validator/Headers.php b/src/Appwrite/Functions/Validator/Headers.php index ec129f57b6..febaf73cd7 100644 --- a/src/Appwrite/Functions/Validator/Headers.php +++ b/src/Appwrite/Functions/Validator/Headers.php @@ -43,41 +43,38 @@ class Headers extends Validator return true; } - if (\is_string($value)) { - $value = \json_decode($value, true); - } - if (!\is_array($value)) { return false; } if (json_last_error() !== JSON_ERROR_NONE) { return false; - } else { - if (\is_array($value)) { - foreach ($value as $key => $val) { - // Reject non-string keys - if (!\is_string($key) || \strlen($key) === 0) { - return false; - } + } - // Check if the key is a single character and ensure it is an alphabetic character - if (\strlen($key) === 1 && !preg_match('/^[a-zA-Z]$/', $key)) { - return false; - } + if (\is_array($value)) { + foreach ($value as $key => $val) { + // Reject non-string keys + if (!\is_string($key) || \strlen($key) === 0) { + return false; + } - // Check for invalid characters in keys longer than one character - if (\strlen($key) > 1 && !preg_match('/^[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]$/', $key)) { - return false; - } - // Check for x-appwrite- prefix - if (str_starts_with($key, 'x-appwrite-')) { - return false; - } + // Check if the key is a single character and ensure it is an alphabetic character + if (\strlen($key) === 1 && !preg_match('/^[a-zA-Z]$/', $key)) { + return false; + } + + // Check for invalid characters in keys longer than one character + if (\strlen($key) > 1 && !preg_match('/^[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]$/', $key)) { + return false; + } + // Check for x-appwrite- prefix + if (str_starts_with($key, 'x-appwrite-')) { + return false; } } return true; } + return false; } /**