* 4.2:
[Cache] replace getNsSeparator by NS_SEPARATOR on AbstractTrait
[Cache] fix versioning with SimpleCacheAdapter
Fix expired lock not cleaned
[HttpFoundation] Fix SA/phpdoc JsonResponse
SimpleCacheAdapter fails to cache any item if a namespace is used
validate composite constraints in all groups
[Serializer] Handle true and false appropriately in CSV encoder
Fix binary operation `+`, `-` or `*` on string
[VarDumper] fix dumping objects that implement __debugInfo()
[Routing] fix absolute url generation when scheme is not known
* 3.4:
Fix expired lock not cleaned
[HttpFoundation] Fix SA/phpdoc JsonResponse
SimpleCacheAdapter fails to cache any item if a namespace is used
validate composite constraints in all groups
[Serializer] Handle true and false appropriately in CSV encoder
Fix binary operation `+`, `-` or `*` on string
[VarDumper] fix dumping objects that implement __debugInfo()
[Routing] fix absolute url generation when scheme is not known
* 3.4:
Removed non-existing parameters for LogoutUrlGenerator calls
[HttpKernel] Correctly merging cache directives in HttpCache/ResponseCacheStrategy
[Validator] Add the missing translations for the Latvian ("lv") locale
Fixed the DebugClassLoader compatibility with eval()'d code on Darwin
[Validator] Update Serbian translation file
* 3.4:
fixed CS
fixed short array CS in comments
fixed CS in ExpressionLanguage fixtures
fixed CS in generated files
fixed CS on generated container files
fixed CS on Form PHP templates
fixed CS on YAML fixtures
fixed fixtures
switched array() to []
* 3.4:
fix cs
SCA: consolidate non empty array checks across codebase
[cs] correct invalid @param types
[Bridge/PhpUnit] Use composer to download phpunit
[DI] fix taking lazy services into account when dumping the container
[Form] Fixed empty data for compound date interval
[Cache] fix optimizing Psr6Cache for AdapterInterface pools
deal with explicitly enabled workflow nodes
* 3.4:
Fix Clidumper tests
Enable the fixer enforcing fully-qualified calls for compiler-optimized functions
Apply fixers
Disable the native_constant_invocation fixer until it can be scoped
Update the list of excluded files for the CS fixer
* 2.8:
Fix Clidumper tests
Enable the fixer enforcing fully-qualified calls for compiler-optimized functions
Apply fixers
Disable the native_constant_invocation fixer until it can be scoped
Update the list of excluded files for the CS fixer
* 3.4:
[HttpKernel] fix PHP 5.4 compat
Fix surrogate not using original request
[Finder] Update RealIteratorTestCase
[Routing] remove unneeded dev dep on doctrine/common
[minor] SCA
[Validator] Remove BOM in some xlf files
Fix#27378: Error when rendering a DateIntervalType form with exactly 0 weeks
[HttpKernel] fix session tracking in surrogate master requests
* 2.8:
[HttpKernel] fix PHP 5.4 compat
Fix surrogate not using original request
[Finder] Update RealIteratorTestCase
[Routing] remove unneeded dev dep on doctrine/common
[Validator] Remove BOM in some xlf files
* 3.4:
fixed deprecations in tests
fixed Twig URL
[Cache] Add missing `@internal` tag on ProxyTrait
fix formatting arguments in plaintext format
Fix PSR exception context key
Don't assume that file binary exists on *nix OS
Fix that ESI/SSI processing can turn a \"private\" response \"public\"
[Form] Fixed trimming choice values
fix rendering exception stack traces
[Routing] Fix loading multiple class annotations for invokable classes
* 2.8:
fixed Twig URL
Don't assume that file binary exists on *nix OS
Fix that ESI/SSI processing can turn a \"private\" response \"public\"
[Form] Fixed trimming choice values
This PR was squashed before being merged into the 2.7 branch (closes#26643).
Discussion
----------
Fix that ESI/SSI processing can turn a "private" response "public"
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Under the condition that
* we are merging in at least one *embedded* response,
* all *embedded* responses are `public`,
* the *main* response is `private` and
* all responses use expiration-based caching (note: no `s-maxage` on the *main* response)
... the resulting response will turn to `Cache-Control: public`.
The real issue is that when all responses use expiration-based caching, a combined max age is computed. This is set on the *main* response using `Response::setSharedMaxAge()`, which implicitly sets `Cache-Control: public`.
The fix provided in this PR solves the problem by applying the same logic to the *main* response that is applied for *embedded* responses, namely that responses with `!Response::isCacheable()` will make the resulting response have `Cache-Control: private, no-cache, must-revalidate` and have `(s)max-age` removed.
This makes the change easy to understand, but makes responses uncacheable too often. This is because the `Response::isCacheable()` method was written to determine whether it is safe for a shared cache to keep the response, which is not the case as soon as a `private` response is involved. This might be improved upon in another PR.
Commits
-------
3d27b5946d Fix that ESI/SSI processing can turn a \"private\" response \"public\"
* 3.4: (24 commits)
moved Twig runtime to proper class
fixed deprecated messages in tests
add PHP errors options to XML schema definition
[HttpCache] Unlink tmp file on error
Added LB translation for #26327 (Errors sign for people that do not see colors)
[TwigBridge] Fix rendering of currency by MoneyType
Import InvalidArgumentException in PdoAdapter
[DI] Do not suggest writing an implementation when multiple exist
[Intl] Update ICU data to 61.1
Use 3rd person verb form in command description
[Validator] Add Japanese translation
Support phpdbg SAPI in Debug::enable()
[HttpKernel] DumpDataCollector: do not flush when a dumper is provided
[DI] Fix hardcoded cache dir for warmups
[Routing] fix tests
[Routing] Fixed the importing of files using glob patterns that match multiple resources
[Ldap] cast to string when checking empty passwords
[Validator] sync validator translation id
[WebProfilerBundle] use the router to resolve file links
no type errors with invalid submitted data types
...
* 2.8:
fixed deprecated messages in tests
[HttpCache] Unlink tmp file on error
Added LB translation for #26327 (Errors sign for people that do not see colors)
[TwigBridge] Fix rendering of currency by MoneyType
[HttpKernel] DumpDataCollector: do not flush when a dumper is provided
* 3.4: (37 commits)
Remove some unused variables and properties
[appveyor] disable memory limit on composer up
[HttpFoundation] don't prefix cookies with "Set-Cookie:"
Remove some unused variables and properties
Fix debug:form definition
Remove some unused variables, properties and methods
fix some edge cases with indented blocks
[ExpressionLanguage] Fix parse error on 5.3
[HttpKernel] remove noisy frame in controller stack traces
[DI] Force root-namespace for function calls in the dumper container
[DI] Fix circular-aliases message
register system cache clearer only if it's used
doc : Namespace prefix must end with a "\"
[ExpressionLanguage] throw an SyntaxError instead of letting a undefined index notice
Prevent a loop in aliases within the `findDefinition` method
[HttpKernel] Disable inlining on PHP 5
Ensure that inlined services with parameterized class name can be dumped
[DI] Fix non-string class handling in PhpDumper
Throw a sensible exception when controller has been removed
Remove LOCK_EX That Breaks Cache Usage on NFS
...
* 3.3: (21 commits)
[appveyor] disable memory limit on composer up
Remove some unused variables and properties
Remove some unused variables, properties and methods
fix some edge cases with indented blocks
[ExpressionLanguage] Fix parse error on 5.3
[HttpKernel] remove noisy frame in controller stack traces
[DI] Fix circular-aliases message
[ExpressionLanguage] throw an SyntaxError instead of letting a undefined index notice
Prevent a loop in aliases within the `findDefinition` method
Fix php doc in Table class
bumped Symfony version to 3.3.15
updated VERSION for 3.3.14
updated CHANGELOG for 3.3.14
bumped Symfony version to 2.8.33
updated VERSION for 2.8.32
updated CHANGELOG for 2.8.32
bumped Symfony version to 2.7.40
updated VERSION for 2.7.39
update CONTRIBUTORS for 2.7.39
updated CHANGELOG for 2.7.39
...
* 2.8:
Remove some unused variables, properties and methods
[ExpressionLanguage] Fix parse error on 5.3
[HttpKernel] remove noisy frame in controller stack traces
[ExpressionLanguage] throw an SyntaxError instead of letting a undefined index notice
Fix php doc in Table class
bumped Symfony version to 2.8.33
updated VERSION for 2.8.32
updated CHANGELOG for 2.8.32
bumped Symfony version to 2.7.40
updated VERSION for 2.7.39
update CONTRIBUTORS for 2.7.39
updated CHANGELOG for 2.7.39