diogo
/
symfony
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Support session cookie options with cookie_ prefix

This commit is contained in:
Miha Vrhovnik 2012-02-29 09:44:47 +01:00
parent e0fba80057
commit 6e2a7dabb6
13 changed files with 188 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
CHANGELOG-2.1.md
View File

@ -42,6 +42,8 @@ To get the diff between two versions, go to https://github.com/symfony/symfony/c
* added support for placeholders in route defaults and requirements (replaced by the value set in the service container)
* added Filesystem component as a dependency
* added support for hinclude (use ``standalone: 'js'`` in render tag)
* session options: lifetime, path, domain, secure, httponly were deprecated.
Prefixed versions should now be used instead: cookie_lifetime, cookie_path, cookie_domain, cookie_secure, cookie_httponly
* [BC BREAK] following session options: 'lifetime', 'path', 'domain', 'secure', 'httponly'
are now prefixed with cookie_ when dumped to the container
@ -244,7 +246,7 @@ To get the diff between two versions, go to https://github.com/symfony/symfony/c
* Added `Symfony\Component\HttpFoundation\Session\Storage\AbstractSessionStorage` base class for
session storage drivers.
* Added `SessionHandlerInterface` interface which storage drivers should implement after inheriting from
`Symfony\Component\HttpFoundation\Session\Storage\AbstractSessionStorage` when writing custom
`Symfony\Component\HttpFoundation\Session\Storage\AbstractSessionStorage` when writing custom
session save handlers using PHP 5.3. This interface is a stub for the PHP 5.4 interface.
* [BC BREAK] `SessionStorageInterface` methods removed: `write()`, `read()` and `remove()`. Added
`getBag()`, `registerBag()`.

48
UPGRADE-2.1.md
View File

@ -112,9 +112,9 @@ UPGRADE FROM 2.0 to 2.1
protected function load()
{
parent::load();
// load choices
$this->choices = $choices;
}
}
@ -128,7 +128,7 @@ UPGRADE FROM 2.0 to 2.1
public function __construct()
{
// load choices
parent::__construct($choices);
}
}
@ -143,7 +143,7 @@ UPGRADE FROM 2.0 to 2.1
protected function loadChoiceList()
{
// load choices
return new SimpleChoiceList($choices);
}
}
@ -216,7 +216,7 @@ UPGRADE FROM 2.0 to 2.1
```
$builder->add('tags', 'collection', array('prototype' => 'proto'));
// results in the name "$$proto$$" in the template
```
@ -224,7 +224,7 @@ UPGRADE FROM 2.0 to 2.1
```
$builder->add('tags', 'collection', array('prototype' => '__proto__'));
// results in the name "__proto__" in the template
```
@ -244,7 +244,7 @@ UPGRADE FROM 2.0 to 2.1
$this->setMessage($constraint->message, array(
'{{ value }}' => $value,
));
return false;
}
}
@ -260,7 +260,7 @@ UPGRADE FROM 2.0 to 2.1
$this->context->addViolation($constraint->message, array(
'{{ value }}' => $value,
));
return false;
}
}
@ -295,7 +295,7 @@ UPGRADE FROM 2.0 to 2.1
If you used these methods on bound forms, you should consider moving your
logic to an event listener that observes one of the following events:
`FormEvents::PRE_BIND`, `FormEvents::BIND_CLIENT_DATA` or
`FormEvents::BIND_NORM_DATA`.
`FormEvents::BIND_NORM_DATA`.
### Session
@ -341,3 +341,33 @@ UPGRADE FROM 2.0 to 2.1
Any session storage driver that wants to use custom save handlers should
implement `SessionHandlerInterface`.
### FrameworkBundle
* session options: lifetime, path, domain, secure, httponly were deprecated.
Prefixed versions should now be used instead: cookie_lifetime, cookie_path, cookie_domain, cookie_secure, cookie_httponly
Before:
```
framework:
session:
lifetime: 3600
path: \
domain: example.com
secure: true
httponly: true
```
After:
```
framework:
session:
cookie_lifetime: 3600
cookie_path: \
cookie_domain: example.com
cookie_secure: true
cookie_httponly: true
```

15
src/Symfony/Bundle/FrameworkBundle/DependencyInjection/Configuration.php
View File

@ -169,11 +169,16 @@ class Configuration implements ConfigurationInterface
->booleanNode('auto_start')->defaultFalse()->end()
->scalarNode('storage_id')->defaultValue('session.storage.native_file')->end()
->scalarNode('name')->end()
->scalarNode('lifetime')->end()
->scalarNode('path')->end()
->scalarNode('domain')->end()
->booleanNode('secure')->end()
->booleanNode('httponly')->end()
->scalarNode('cookie_lifetime')->end()
->scalarNode('cookie_path')->end()
->scalarNode('cookie_domain')->end()
->booleanNode('cookie_secure')->end()
->booleanNode('cookie_httponly')->end()
->scalarNode('lifetime')->setInfo('DEPRECATED! Please use: cookie_lifetime')->end()
->scalarNode('path')->setInfo('DEPRECATED! Please use: cookie_path')->end()
->scalarNode('domain')->setInfo('DEPRECATED! Please use: cookie_domain')->end()
->booleanNode('secure')->setInfo('DEPRECATED! Please use: cookie_secure')->end()
->booleanNode('httponly')->setInfo('DEPRECATED! Please use: cookie_httponly')->end()
->end()
->end()
->end()

8
src/Symfony/Bundle/FrameworkBundle/DependencyInjection/FrameworkExtension.php
View File

@ -294,14 +294,16 @@ class FrameworkExtension extends Extension
// session storage
$container->setAlias('session.storage', $config['storage_id']);
$options = array();
foreach (array('name', 'auto_start') as $key) {
foreach (array('name', 'cookie_lifetime', 'cookie_path', 'cookie_domain', 'cookie_secure', 'cookie_httponly', 'auto_start') as $key) {
if (isset($config[$key])) {
$options[$key] = $config[$key];
}
}
//drivers require correct names for cookie options e.g the one with cookie_ prefix
//we deprecated session options without cookie_ prefix, but we are still supporting them,
//Let's merge the ones that were supplied without prefix
foreach (array('lifetime', 'path', 'domain', 'secure', 'httponly') as $key) {
if (isset($config[$key])) {
if (!isset($options['cookie_'.$key]) && isset($config[$key])) {
$options['cookie_'.$key] = $config[$key];
}
}

7
src/Symfony/Bundle/FrameworkBundle/Resources/config/schema/symfony-1.0.xsd
View File

@ -75,11 +75,18 @@
<xsd:complexType name="session">
<xsd:attribute name="storage-id" type="xsd:string" />
<xsd:attribute name="name" type="xsd:string" />
<xsd:attribute name="cookie-lifetime" type="xsd:integer" />
<xsd:attribute name="cookie-path" type="xsd:string" />
<xsd:attribute name="cookie-domain" type="xsd:string" />
<xsd:attribute name="cookie-secure" type="xsd:boolean" />
<xsd:attribute name="cookie-httponly" type="xsd:boolean" />
<!-- deprecated attributes -->
<xsd:attribute name="lifetime" type="xsd:integer" />
<xsd:attribute name="path" type="xsd:string" />
<xsd:attribute name="domain" type="xsd:string" />
<xsd:attribute name="secure" type="xsd:boolean" />
<xsd:attribute name="httponly" type="xsd:boolean" />
<!-- end of deprecated attributes -->
<xsd:attribute name="cache-limiter" type="xsd:string" />
<xsd:attribute name="auto-start" type="xsd:boolean" />
</xsd:complexType>

21
src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/Fixtures/php/deprecated_merge_full.php Normal file
View File

@ -0,0 +1,21 @@
<?php
$container->loadFromExtension('framework', array(
'secret' => 's3cr3t',
'session' => array(
'auto_start' => true,
'storage_id' => 'session.storage.native_file',
'name' => '_SYMFONY',
'lifetime' => 2012,
'path' => '/sf2',
'domain' => 'sf2.example.com',
'secure' => false,
'httponly' => false,
'cookie_lifetime' => 86400,
'cookie_path' => '/',
'cookie_domain' => 'example.com',
'cookie_secure' => true,
'cookie_httponly' => true,
),
));

18
src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/Fixtures/php/deprecated_merge_partial.php Normal file
View File

@ -0,0 +1,18 @@
<?php
$container->loadFromExtension('framework', array(
'secret' => 's3cr3t',
'session' => array(
'auto_start' => true,
'storage_id' => 'session.storage.native_file',
'name' => '_SYMFONY',
'lifetime' => 2012,
'path' => '/sf2',
'domain' => 'sf2.example.com',
'secure' => false,
'cookie_lifetime' => 86400,
'cookie_path' => '/',
'cookie_httponly' => true,
),
));

12
src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/Fixtures/xml/deprecated_merge_full.xml Normal file
View File

@ -0,0 +1,12 @@
<?xml version="1.0" ?>
<container xmlns="http://symfony.com/schema/dic/services"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:framework="http://symfony.com/schema/dic/symfony"
xsi:schemaLocation="http://symfony.com/schema/dic/services http://symfony.com/schema/dic/services/services-1.0.xsd
http://symfony.com/schema/dic/symfony http://symfony.com/schema/dic/symfony/symfony-1.0.xsd">
<framework:config secret="s3cr3t">
<framework:session auto-start="true" storage-id="session.storage.native_file" name="_SYMFONY" lifetime="2012" path="/sf2" domain="sf2.example.com" secure="false" httponly="false" cookie-lifetime="86400" cookie-path="/" cookie-domain="example.com" cookie-secure="true" cookie-httponly="true" />
</framework:config>
</container>

12
src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/Fixtures/xml/deprecated_merge_partial.xml Normal file
View File

@ -0,0 +1,12 @@
<?xml version="1.0" ?>
<container xmlns="http://symfony.com/schema/dic/services"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:framework="http://symfony.com/schema/dic/symfony"
xsi:schemaLocation="http://symfony.com/schema/dic/services http://symfony.com/schema/dic/services/services-1.0.xsd
http://symfony.com/schema/dic/symfony http://symfony.com/schema/dic/symfony/symfony-1.0.xsd">
<framework:config secret="s3cr3t">
<framework:session auto-start="true" storage-id="session.storage.native_file" name="_SYMFONY" lifetime="2012" path="/sf2" domain="sf2.example.com" secure="false" httponly="false" cookie-lifetime="86400" cookie-path="/" cookie-httponly="true" />
</framework:config>
</container>

2
src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/Fixtures/xml/full.xml
View File

@ -12,7 +12,7 @@
<framework:esi enabled="true" />
<framework:profiler only-exceptions="true" />
<framework:router resource="%kernel.root_dir%/config/routing.xml" type="xml" />
<framework:session auto-start="true" storage-id="session.storage.native_file" name="_SYMFONY" lifetime="86400" path="/" domain="example.com" secure="true" httponly="true" />
<framework:session auto-start="true" storage-id="session.storage.native_file" name="_SYMFONY" cookie-lifetime="86400" cookie-path="/" cookie-domain="example.com" cookie-secure="true" cookie-httponly="true" />
<framework:templating assets-version="SomeVersionScheme" cache="/path/to/cache" >
<framework:loader>loader.foo</framework:loader>
<framework:loader>loader.bar</framework:loader>

16
src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/Fixtures/yml/deprecated_merge_full.yml Normal file
View File

@ -0,0 +1,16 @@
framework:
secret: s3cr3t
session:
auto_start: true
storage_id: session.storage.native_file
name: _SYMFONY
lifetime: 2012
path: /sf2
domain: sf2.example.com
secure: false
httponly: false
cookie_lifetime: 86400
cookie_path: /
cookie_domain: example.com
cookie_secure: true
cookie_httponly: true

14
src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/Fixtures/yml/deprecated_merge_partial.yml Normal file
View File

@ -0,0 +1,14 @@
framework:
secret: s3cr3t
session:
auto_start: true
storage_id: session.storage.native_file
name: _SYMFONY
lifetime: 2012
path: /sf2
domain: sf2.example.com
secure: false
httponly: false
cookie_lifetime: 86400
cookie_path: /
cookie_httponly: true

30
src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/FrameworkExtensionTest.php
View File

@ -89,6 +89,36 @@ abstract class FrameworkExtensionTest extends TestCase
$this->assertTrue($options['cookie_httponly']);
}
public function testSessionDeprecatedMergeFull()
{
$container = $this->createContainerFromFile('deprecated_merge_full');
$this->assertTrue($container->hasDefinition('session'), '->registerSessionConfiguration() loads session.xml');
$options = $container->getParameter('session.storage.options');
$this->assertEquals('_SYMFONY', $options['name']);
$this->assertEquals(86400, $options['cookie_lifetime']);
$this->assertEquals('/', $options['cookie_path']);
$this->assertEquals('example.com', $options['cookie_domain']);
$this->assertTrue($options['cookie_secure']);
$this->assertTrue($options['cookie_httponly']);
}
public function testSessionDeprecatedMergePartial()
{
$container = $this->createContainerFromFile('deprecated_merge_partial');
$this->assertTrue($container->hasDefinition('session'), '->registerSessionConfiguration() loads session.xml');
$options = $container->getParameter('session.storage.options');
$this->assertEquals('_SYMFONY', $options['name']);
$this->assertEquals(86400, $options['cookie_lifetime']);
$this->assertEquals('/', $options['cookie_path']);
$this->assertEquals('sf2.example.com', $options['cookie_domain']);
$this->assertFalse($options['cookie_secure']);
$this->assertTrue($options['cookie_httponly']);
}
public function testTemplating()
{
$container = $this->createContainerFromFile('full');