From c567262b7ef15276f6dadd51d9cf7ab608e90774 Mon Sep 17 00:00:00 2001 From: Jaik Dean Date: Wed, 7 Aug 2013 16:21:12 +0100 Subject: [PATCH 1/3] Fixed escaping of service identifiers in configuration --- .../TwigBundle/DependencyInjection/Configuration.php | 8 +++++++- .../Tests/DependencyInjection/Fixtures/php/full.php | 1 + .../Tests/DependencyInjection/Fixtures/xml/full.xml | 1 + .../Tests/DependencyInjection/Fixtures/yml/full.yml | 1 + .../Tests/DependencyInjection/TwigExtensionTest.php | 10 ++++++---- 5 files changed, 16 insertions(+), 5 deletions(-) diff --git a/src/Symfony/Bundle/TwigBundle/DependencyInjection/Configuration.php b/src/Symfony/Bundle/TwigBundle/DependencyInjection/Configuration.php index 5fd2002bed..27011f7f67 100644 --- a/src/Symfony/Bundle/TwigBundle/DependencyInjection/Configuration.php +++ b/src/Symfony/Bundle/TwigBundle/DependencyInjection/Configuration.php @@ -82,7 +82,13 @@ class Configuration implements ConfigurationInterface ->prototype('array') ->beforeNormalization() ->ifTrue(function($v){ return is_string($v) && 0 === strpos($v, '@'); }) - ->then(function($v){ return array('id' => substr($v, 1), 'type' => 'service'); }) + ->then(function($v){ + if (0 === strpos($v, '@@')) { + return substr($v, 1); + } + + return array('id' => substr($v, 1), 'type' => 'service'); + }) ->end() ->beforeNormalization() ->ifTrue(function($v){ diff --git a/src/Symfony/Bundle/TwigBundle/Tests/DependencyInjection/Fixtures/php/full.php b/src/Symfony/Bundle/TwigBundle/Tests/DependencyInjection/Fixtures/php/full.php index bad71a38e3..24ba3f60d3 100644 --- a/src/Symfony/Bundle/TwigBundle/Tests/DependencyInjection/Fixtures/php/full.php +++ b/src/Symfony/Bundle/TwigBundle/Tests/DependencyInjection/Fixtures/php/full.php @@ -8,6 +8,7 @@ $container->loadFromExtension('twig', array( ), 'globals' => array( 'foo' => '@bar', + 'baz' => '@@qux', 'pi' => 3.14, 'bad' => array('key' => 'foo'), ), diff --git a/src/Symfony/Bundle/TwigBundle/Tests/DependencyInjection/Fixtures/xml/full.xml b/src/Symfony/Bundle/TwigBundle/Tests/DependencyInjection/Fixtures/xml/full.xml index 0d3c053c18..85e2d8fd9a 100644 --- a/src/Symfony/Bundle/TwigBundle/Tests/DependencyInjection/Fixtures/xml/full.xml +++ b/src/Symfony/Bundle/TwigBundle/Tests/DependencyInjection/Fixtures/xml/full.xml @@ -11,6 +11,7 @@ MyBundle::form.html.twig + @@qux 3.14 path1 path2 diff --git a/src/Symfony/Bundle/TwigBundle/Tests/DependencyInjection/Fixtures/yml/full.yml b/src/Symfony/Bundle/TwigBundle/Tests/DependencyInjection/Fixtures/yml/full.yml index afc146154a..ecbc92aff3 100644 --- a/src/Symfony/Bundle/TwigBundle/Tests/DependencyInjection/Fixtures/yml/full.yml +++ b/src/Symfony/Bundle/TwigBundle/Tests/DependencyInjection/Fixtures/yml/full.yml @@ -4,6 +4,7 @@ twig: - MyBundle::form.html.twig globals: foo: "@bar" + baz: "@@qux" pi: 3.14 bad: {key: foo} auto_reload: true diff --git a/src/Symfony/Bundle/TwigBundle/Tests/DependencyInjection/TwigExtensionTest.php b/src/Symfony/Bundle/TwigBundle/Tests/DependencyInjection/TwigExtensionTest.php index e778a16212..6fb346d379 100644 --- a/src/Symfony/Bundle/TwigBundle/Tests/DependencyInjection/TwigExtensionTest.php +++ b/src/Symfony/Bundle/TwigBundle/Tests/DependencyInjection/TwigExtensionTest.php @@ -63,13 +63,15 @@ class TwigExtensionTest extends TestCase $this->assertEquals(new Reference('templating.globals'), $calls[0][1][1]); $this->assertEquals('foo', $calls[1][1][0], '->load() registers services as Twig globals'); $this->assertEquals(new Reference('bar'), $calls[1][1][1], '->load() registers services as Twig globals'); - $this->assertEquals('pi', $calls[2][1][0], '->load() registers variables as Twig globals'); - $this->assertEquals(3.14, $calls[2][1][1], '->load() registers variables as Twig globals'); + $this->assertEquals('baz', $calls[2][1][0], '->load() registers variables as Twig globals'); + $this->assertEquals('@qux', $calls[2][1][1], '->load() allows escaping of service identifiers'); + $this->assertEquals('pi', $calls[3][1][0], '->load() registers variables as Twig globals'); + $this->assertEquals(3.14, $calls[3][1][1], '->load() registers variables as Twig globals'); // Yaml and Php specific configs if (in_array($format, array('yml', 'php'))) { - $this->assertEquals('bad', $calls[3][1][0], '->load() registers variables as Twig globals'); - $this->assertEquals(array('key' => 'foo'), $calls[3][1][1], '->load() registers variables as Twig globals'); + $this->assertEquals('bad', $calls[4][1][0], '->load() registers variables as Twig globals'); + $this->assertEquals(array('key' => 'foo'), $calls[4][1][1], '->load() registers variables as Twig globals'); } // Twig options From 49f50271d460abceaafc9485d207aa15d72340c4 Mon Sep 17 00:00:00 2001 From: Fabien Potencier Date: Sun, 8 Sep 2013 09:24:10 +0200 Subject: [PATCH 2/3] [HttpKernel] fixer HInclude src (closes #8951) --- .../Component/HttpKernel/Fragment/HIncludeFragmentRenderer.php | 3 ++- .../HttpKernel/Tests/Fragment/HIncludeFragmentRendererTest.php | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/src/Symfony/Component/HttpKernel/Fragment/HIncludeFragmentRenderer.php b/src/Symfony/Component/HttpKernel/Fragment/HIncludeFragmentRenderer.php index 92c4cecdc9..8aff28df8e 100644 --- a/src/Symfony/Component/HttpKernel/Fragment/HIncludeFragmentRenderer.php +++ b/src/Symfony/Component/HttpKernel/Fragment/HIncludeFragmentRenderer.php @@ -80,7 +80,8 @@ class HIncludeFragmentRenderer extends RoutableFragmentRenderer throw new \LogicException('You must use a proper URI when using the Hinclude rendering strategy or set a URL signer.'); } - $uri = $this->signer->sign($this->generateFragmentUri($uri, $request)); + // we need to sign the absolute URI, but want to return the path only. + $uri = str_replace($request->getSchemeAndHttpHost(), '', $this->signer->sign($this->generateFragmentUri($uri, $request, true))); } // We need to replace ampersands in the URI with the encoded form in order to return valid html/xml content. diff --git a/src/Symfony/Component/HttpKernel/Tests/Fragment/HIncludeFragmentRendererTest.php b/src/Symfony/Component/HttpKernel/Tests/Fragment/HIncludeFragmentRendererTest.php index d0d9bb286e..f024a54456 100644 --- a/src/Symfony/Component/HttpKernel/Tests/Fragment/HIncludeFragmentRendererTest.php +++ b/src/Symfony/Component/HttpKernel/Tests/Fragment/HIncludeFragmentRendererTest.php @@ -38,7 +38,7 @@ class HIncludeFragmentRendererTest extends \PHPUnit_Framework_TestCase { $strategy = new HIncludeFragmentRenderer(null, new UriSigner('foo')); - $this->assertEquals('', $strategy->render(new ControllerReference('main_controller', array(), array()), Request::create('/'))->getContent()); + $this->assertEquals('', $strategy->render(new ControllerReference('main_controller', array(), array()), Request::create('/'))->getContent()); } public function testRenderWithUri() From 719b2bf67f617e83107fb7e4e4cced80e060051a Mon Sep 17 00:00:00 2001 From: Fabien Potencier Date: Sun, 8 Sep 2013 12:52:08 +0200 Subject: [PATCH 3/3] [HttpFoundation] fixed regression in the way the request format is handled for duplicated requests (closes #8917) --- src/Symfony/Component/HttpFoundation/Request.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/Symfony/Component/HttpFoundation/Request.php b/src/Symfony/Component/HttpFoundation/Request.php index 00c8ff6ab1..eb4bdb6481 100644 --- a/src/Symfony/Component/HttpFoundation/Request.php +++ b/src/Symfony/Component/HttpFoundation/Request.php @@ -407,7 +407,8 @@ class Request $dup->format = null; if (!$dup->get('_format')) { - $dup->setRequestFormat($this->getRequestFormat()); + // we set the request format to null if the current request is not known + $dup->setRequestFormat($this->getRequestFormat(null)); } return $dup;