PHPackages                             monkeyscloud/monkeyslegion-http - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [HTTP &amp; Networking](/categories/http)
4. /
5. monkeyscloud/monkeyslegion-http

ActiveLibrary[HTTP &amp; Networking](/categories/http)

monkeyscloud/monkeyslegion-http
===============================

High-performance PSR-7/PSR-15 HTTP message implementations, middleware, and SAPI emitter for the MonkeysLegion framework.

2.1.1(1mo ago)12.6k—7.7%[1 PRs](https://github.com/MonkeysCloud/MonkeysLegion-Http/pulls)10MITPHPPHP ^8.4

Since Jul 23Pushed 1mo ago1 watchersCompare

[ Source](https://github.com/MonkeysCloud/MonkeysLegion-Http)[ Packagist](https://packagist.org/packages/monkeyscloud/monkeyslegion-http)[ RSS](/packages/monkeyscloud-monkeyslegion-http/feed)WikiDiscussions main Synced yesterday

READMEChangelog (1)Dependencies (29)Versions (19)Used By (10)

MonkeysLegion HTTP
==================

[](#monkeyslegion-http)

[![PHP](https://camo.githubusercontent.com/7ee6e059598f89d0c686b058a5524ccebefb7d5feb16eb0902fa4a11b1c564d1/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f7068702d253545382e342d3838393242462e737667)](https://php.net)[![License](https://camo.githubusercontent.com/8bb50fd2278f18fc326bf71f6e88ca8f884f72f179d3e555e20ed30157190d0d/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f6c6963656e73652d4d49542d677265656e2e737667)](LICENSE)

> High-performance PSR-7/PSR-15/PSR-17 HTTP message implementations, middleware stack, and SAPI emitter for the MonkeysLegion framework. Zero external dependencies beyond PSR interfaces.

Installation
------------

[](#installation)

```
composer require monkeyscloud/monkeyslegion-http
```

Features
--------

[](#features)

FeatureDescription**PSR-7 Messages**Immutable `ServerRequest`, `Response`, `JsonResponse`, `Stream`, `Uri`**PSR-15 Middleware**14 production-ready middleware components**PSR-17 Factories**`HttpFactory` for all message types**SAPI Emitter**Chunked streaming response emitter**Error Handler**OOM-safe error handler with PSR-3 logging**Content Negotiation**Accept header parsing and payload selection**Helper Functions**`response()`, `json()`, `redirect()`, `html()`**PHP 8.4 Native**`final` classes, `readonly` properties, `match` expressionsQuick Start
-----------

[](#quick-start)

```
use MonkeysLegion\Http\Message\ServerRequest;
use MonkeysLegion\Http\Message\JsonResponse;
use MonkeysLegion\Http\Emitter\SapiEmitter;

// Build request from PHP superglobals
$request = ServerRequest::fromGlobals();

// Convenience accessors
$email = $request->input('user.email');      // Dot-notation body access
$token = $request->bearerToken();            // Authorization: Bearer ...
$ip    = $request->ip();                     // Client IP
$agent = $request->userAgent();              // User-Agent header
$hash  = $request->fingerprint();            // SHA-256 request fingerprint

// Inspection helpers
$request->isJson();     // Expects JSON?
$request->isSecure();   // HTTPS?
$request->isAjax();     // XMLHttpRequest?
$request->isMethod('POST');

// Create responses
$response = new JsonResponse(['status' => 'ok'], 200);

// Emit to client
(new SapiEmitter())->emit($response);
```

ServerRequest Convenience API
-----------------------------

[](#serverrequest-convenience-api)

```
// Dot-notation input access
$email = $request->input('user.email', 'default@example.com');

// Get all parsed body fields
$all = $request->all();

// Get only specific fields
$credentials = $request->only(['email', 'password']);

// Bearer token extraction
$jwt = $request->bearerToken();

// Request fingerprint for dedup/caching
$fingerprint = $request->fingerprint(); // SHA-256 of method|path|query|body
```

JsonResponse
------------

[](#jsonresponse)

```
use MonkeysLegion\Http\Message\JsonResponse;

// Simple JSON response
$response = new JsonResponse(['users' => $users]);

// With status code
$response = new JsonResponse(['error' => 'Not Found'], 404);

// Envelope format: { status, data, meta, message }
$response = (new JsonResponse($data))
    ->withEnvelope(message: 'Success');

// With pagination metadata
$response = (new JsonResponse($items))
    ->withPagination(page: 1, perPage: 25, total: 100);
```

Middleware Stack
----------------

[](#middleware-stack)

### Available Middleware

[](#available-middleware)

MiddlewarePurpose`AuthMiddleware`Bearer token authentication with JWT support`CorsMiddleware`Full CORS preflight handling`CsrfMiddleware`CSRF token verification`RateLimitMiddleware`Sliding-window rate limiting with PSR-16 cache`SecurityHeadersMiddleware`Security headers (strict/relaxed/api presets)`ETagMiddleware`Conditional GET with ETag/If-None-Match`IpFilterMiddleware`IP whitelist/blacklist filtering`RequestIdMiddleware`UUID request correlation ID`RequestSizeLimitMiddleware`Request body size enforcement`TimingMiddleware`X-Response-Time header`LoggingMiddleware`PSR-3 request/response logging`TrustedProxyMiddleware`X-Forwarded-\* header handling`ContentNegotiationMiddleware`Accept header content negotiation`ErrorHandlerMiddleware`Exception → HTTP response conversion### Middleware Dispatcher

[](#middleware-dispatcher)

O(1) cursor-based dispatcher — no `array_shift` overhead:

```
use MonkeysLegion\Http\MiddlewareDispatcher;
use MonkeysLegion\Http\CoreRequestHandler;

$dispatcher = new MiddlewareDispatcher(
    middlewareStack: [
        new RequestIdMiddleware(),
        new SecurityHeadersMiddleware('strict'),
        new CorsMiddleware(
            allowedOrigins: ['https://example.com'],
            allowedMethods: ['GET', 'POST', 'PUT', 'DELETE'],
        ),
        new RateLimitMiddleware(maxRequests: 100, windowSeconds: 60),
        new AuthMiddleware(requiredToken: 'my-api-key'),
    ],
    finalHandler: new CoreRequestHandler($router),
);

$response = $dispatcher->handle($request);
```

### CORS Middleware

[](#cors-middleware)

```
use MonkeysLegion\Http\Middleware\CorsMiddleware;

$cors = new CorsMiddleware(
    allowedOrigins:  ['https://app.example.com'],
    allowedMethods:  ['GET', 'POST', 'PUT', 'DELETE', 'OPTIONS'],
    allowedHeaders:  ['Content-Type', 'Authorization', 'X-Request-ID'],
    exposedHeaders:  ['X-Request-ID', 'X-Response-Time'],
    maxAge:          3600,
    allowCredentials: true,
);
```

### Rate Limiter

[](#rate-limiter)

```
use MonkeysLegion\Http\Middleware\RateLimitMiddleware;

$limiter = new RateLimitMiddleware(
    maxRequests:   100,        // Requests per window
    windowSeconds: 60,         // 1-minute window
    cache:         $psr16Cache, // Optional PSR-16 cache (falls back to in-memory)
);

// Per-route override via request attribute:
// $request = $request->withAttribute('rate_limit', 10);
```

### Security Headers

[](#security-headers)

```
use MonkeysLegion\Http\Middleware\SecurityHeadersMiddleware;

// Three built-in presets
$strict  = new SecurityHeadersMiddleware('strict');   // Production APIs
$relaxed = new SecurityHeadersMiddleware('relaxed');  // Development
$api     = new SecurityHeadersMiddleware('api');      // API-optimized

// Custom overrides
$custom = new SecurityHeadersMiddleware('strict', [
    'Content-Security-Policy' => "default-src 'self'",
]);
```

### Auth Middleware

[](#auth-middleware)

```
use MonkeysLegion\Http\Middleware\AuthMiddleware;

$auth = new AuthMiddleware(
    requiredToken: 'my-secret-token',
    publicPaths:   ['/health', '/login', '/register'],
    jwtDecoder:    fn(string $token) => JWT::decode($token, $key), // Optional
);
```

Error Handler
-------------

[](#error-handler)

Global error handler with OOM protection, recursive-exception guards, and PSR-3 logging:

```
use MonkeysLegion\Core\Error\ErrorHandler;
use MonkeysLegion\Core\Error\Renderer\ErrorRendererInterface;
use MonkeysLegion\Http\Error\Renderer\JsonErrorRenderer;
use MonkeysLegion\Core\Error\Renderer\HtmlErrorRenderer;

$handler = new ErrorHandler();
$handler->useRenderer(new JsonErrorRenderer());
$handler->useLogger($psrLogger);
$handler->register();

// Custom renderer example:
final class CustomErrorRenderer implements ErrorRendererInterface {
    public function render(\Throwable $exception, bool $debug = false): string {
        return 'Custom error output';
    }

    public function getContentType(): string {
        return 'text/plain';
    }
}

$handler->useRenderer(new CustomErrorRenderer());
```

### Error Renderers

[](#error-renderers)

RendererOutput`JsonErrorRenderer`Structured JSON error response`HtmlErrorRenderer`Styled HTML error page> Legacy HTTP namespace aliases are deprecated for these two types:
>
> - `MonkeysLegion\Http\Error\Renderer\ErrorRendererInterface`
> - `MonkeysLegion\Http\Error\Renderer\PlainTextErrorRenderer`
>
> Use Core namespace instead:
>
> - `MonkeysLegion\Core\Error\Renderer\ErrorRendererInterface`
> - `MonkeysLegion\Core\Error\Renderer\PlainTextErrorRenderer`

PSR-17 Factory
--------------

[](#psr-17-factory)

```
use MonkeysLegion\Http\Factory\HttpFactory;

$factory = new HttpFactory();

$response = $factory->createResponse(200, 'OK');
$stream   = $factory->createStream('Hello');
$uri      = $factory->createUri('https://example.com/api');
$request  = $factory->createServerRequest('GET', $uri);
```

SAPI Emitter
------------

[](#sapi-emitter)

```
use MonkeysLegion\Http\Emitter\SapiEmitter;

$emitter = new SapiEmitter(chunkSize: 8192);
$emitter->emit($response);
```

Features:

- Auto-injects `Content-Length` when body size is known
- Guards against `headers_sent()` — throws instead of silent corruption
- Configurable chunk size for streaming large responses

Helper Functions
----------------

[](#helper-functions)

```
// Plain text response
$r = response('Hello World', 200, ['X-Custom' => 'value']);

// JSON response
$r = json(['status' => 'ok']);

// Redirect response
$r = redirect('/dashboard', 302);

// HTML response
$r = html('Hello');
```

Requirements
------------

[](#requirements)

- PHP 8.4+
- `psr/http-message` ^2.0
- `psr/http-server-middleware` ^1.0
- `psr/http-server-handler` ^1.0
- `psr/http-factory` ^1.1

### Optional

[](#optional)

- `psr/simple-cache` ^3.0 — For `RateLimitMiddleware` persistent storage
- `psr/log` ^3.0 — For `ErrorHandler` and `LoggingMiddleware`

License
-------

[](#license)

MIT

###  Health Score

52

—

FairBetter than 96% of packages

Maintenance91

Actively maintained with recent releases

Popularity23

Limited adoption so far

Community20

Small or concentrated contributor base

Maturity63

Established project with proven stability

 Bus Factor1

Top contributor holds 68.2% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~25 days

Recently: every ~15 days

Total

13

Last Release

42d ago

Major Versions

1.0.8 → 2.0.02026-04-11

### Community

Maintainers

![](https://avatars.githubusercontent.com/u/2913369?v=4)[Jorge Peraza](/maintainers/yorchperaza)[@yorchperaza](https://github.com/yorchperaza)

---

Top Contributors

[![yorchperaza](https://avatars.githubusercontent.com/u/2913369?v=4)](https://github.com/yorchperaza "yorchperaza (30 commits)")[![Amanar-Marouane](https://avatars.githubusercontent.com/u/155680356?v=4)](https://github.com/Amanar-Marouane "Amanar-Marouane (12 commits)")[![Copilot](https://avatars.githubusercontent.com/in/1143301?v=4)](https://github.com/Copilot "Copilot (2 commits)")

---

Tags

httphttp-serverphpphp-frameworkphp8

###  Code Quality

TestsPHPUnit

### Embed Badge

![Health badge](/badges/monkeyscloud-monkeyslegion-http/health.svg)

```
[![Health](https://phpackages.com/badges/monkeyscloud-monkeyslegion-http/health.svg)](https://phpackages.com/packages/monkeyscloud-monkeyslegion-http)
```

###  Alternatives

[cakephp/cakephp

The CakePHP framework

8.9k19.5M1.8k](/packages/cakephp-cakephp)[aws/aws-sdk-php

AWS SDK for PHP - Use Amazon Web Services in your PHP project

6.3k543.5M2.6k](/packages/aws-aws-sdk-php)[typo3/cms

TYPO3 CMS is a free open source Content Management Framework initially created by Kasper Skaarhoj and licensed under GNU/GPL.

1.2k1.9M122](/packages/typo3-cms)[shopware/core

Shopware platform is the core for all Shopware ecommerce products.

585.6M574](/packages/shopware-core)[typo3/cms-core

TYPO3 CMS Core

3713.2M5.1k](/packages/typo3-cms-core)[shopware/platform

The Shopware e-commerce core

3.4k1.5M3](/packages/shopware-platform)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)
