From c3744202f60aa617135238acc51232c98dcbb6e4 Mon Sep 17 00:00:00 2001
From: Craig Menning <cmenning@novatexsolutions.com>
Date: Thu, 28 Jan 2016 13:26:57 -0600
Subject: [PATCH] Remove _path from query parameters when fragment is a
 subrequest and request attributes are already set Added tests for _path
 removal in FragmentListener

---
 .../EventListener/FragmentListener.php        |  9 ++++++-
 .../EventListener/FragmentListenerTest.php    | 25 +++++++++++++++++++
 2 files changed, 33 insertions(+), 1 deletion(-)

diff --git a/src/Symfony/Component/HttpKernel/EventListener/FragmentListener.php b/src/Symfony/Component/HttpKernel/EventListener/FragmentListener.php
index 04193aadd2..7b5dfb0119 100644
--- a/src/Symfony/Component/HttpKernel/EventListener/FragmentListener.php
+++ b/src/Symfony/Component/HttpKernel/EventListener/FragmentListener.php
@@ -58,7 +58,14 @@ class FragmentListener implements EventSubscriberInterface
     {
         $request = $event->getRequest();
 
-        if ($request->attributes->has('_controller') || $this->fragmentPath !== rawurldecode($request->getPathInfo())) {
+        if ($this->fragmentPath !== rawurldecode($request->getPathInfo())) {
+            return;
+        }
+
+        if ($request->attributes->has('_controller')) {
+            // Is a sub-request: no need to parse _path but it should still be removed from query parameters as below.
+            $request->query->remove('_path');
+
             return;
         }
 
diff --git a/src/Symfony/Component/HttpKernel/Tests/EventListener/FragmentListenerTest.php b/src/Symfony/Component/HttpKernel/Tests/EventListener/FragmentListenerTest.php
index fd5d63b167..7cfce98f2e 100644
--- a/src/Symfony/Component/HttpKernel/Tests/EventListener/FragmentListenerTest.php
+++ b/src/Symfony/Component/HttpKernel/Tests/EventListener/FragmentListenerTest.php
@@ -89,6 +89,31 @@ class FragmentListenerTest extends \PHPUnit_Framework_TestCase
         $this->assertFalse($request->query->has('_path'));
     }
 
+    public function testRemovesPathWithControllerDefined()
+    {
+        $request = Request::create('http://example.com/_fragment?_path=foo%3Dbar%26_controller%3Dfoo');
+
+        $listener = new FragmentListener(new UriSigner('foo'));
+        $event = $this->createGetResponseEvent($request, HttpKernelInterface::SUB_REQUEST);
+
+        $listener->onKernelRequest($event);
+
+        $this->assertFalse($request->query->has('_path'));
+    }
+
+    public function testRemovesPathWithControllerNotDefined()
+    {
+        $signer = new UriSigner('foo');
+        $request = Request::create($signer->sign('http://example.com/_fragment?_path=foo%3Dbar'), 'GET', array(), array(), array(), array('REMOTE_ADDR' => '10.0.0.1'));
+
+        $listener = new FragmentListener($signer);
+        $event = $this->createGetResponseEvent($request);
+
+        $listener->onKernelRequest($event);
+
+        $this->assertFalse($request->query->has('_path'));
+    }
+
     private function createGetResponseEvent(Request $request, $requestType = HttpKernelInterface::MASTER_REQUEST)
     {
         return new GetResponseEvent($this->getMock('Symfony\Component\HttpKernel\HttpKernelInterface'), $request, $requestType);