This PR was merged into the 2.7 branch.
Discussion
----------
[HttpFoundation][Session] Fix memcache session handler
| Q | A
| ------------- | ---
| Branch? | 2.1, 2.2, 2.3, 2.4, 2.5, 2.6, 2.7, 2.8, 3.0, 3.1, master
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Commit 0216e05605 removed the opening of connection to memcached server on call to `open()`, because it's assumed that connection is already opened. However, `close()` still closes the connection. As a result no more read/write calls can be made if session got closed, as the connection does not get reestablished.
Basically MemcacheSessionHandler should follow same logic as Memcache**d**SessionHandler, which is exactly what this MR acomplishes.
Commits
-------
0423d894 [HttpFoundation][Session] memcached connection should not be closed
This PR was squashed before being merged into the 2.7 branch (closes#18688).
Discussion
----------
[HttpFoundation] Warning when request has both Forwarded and X-Forwarded-For
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR | symfony/symfony-docs#6526
Emit a warning when a request has both a trusted Forwarded header and a trusted X-Forwarded-For header, as this is most likely a misconfiguration which causes security issues.
Commits
-------
ee8842f [HttpFoundation] Warning when request has both Forwarded and X-Forwarded-For
* 2.3:
[ci] use hirak/prestissimo
[Filesystem] Fix transient tests
[HttpFoundation] Avoid warnings when checking malicious IPs
[HttpFoundation] Set the Content-Range header if the requested Range is unsatisfied
Conflicts:
appveyor.yml
src/Symfony/Component/Filesystem/Tests/FilesystemTest.php
This PR was merged into the 2.3 branch.
Discussion
----------
[HttpFoundation] Set the Content-Range header if the requested Range is unsatisfied
| Q | A
| ------------- | ---
| Branch | 2.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
This is a followup to https://github.com/symfony/symfony/pull/17150#issuecomment-174509954
[RFC2616](http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html) specifies the Content-Range header SHOULD be included with a *416 Requested Range Not Satisfiable* response:
> When this status code is returned for a byte-range request, the response SHOULD include a Content-Range entity-header field specifying the current length of the selected resource (see section 14.16). This response MUST NOT use the multipart/byteranges content- type.
[RFC 7233](https://tools.ietf.org/html/rfc7233#section-4.2) specifies what should be the header's value. It's in the "Request for comments" state, but it's the best definition I could find. This value is valid according to rfc2616 as well.
Commits
-------
54329d8 [HttpFoundation] Set the Content-Range header if the requested Range is unsatisfied
* 2.3:
[Finder] Partially revert #17134 to fix a regression
[HttpKernel] Fix mem usage when stripping the prod container
exception when registering bags for started sessions
Conflicts:
src/Symfony/Component/DependencyInjection/Dumper/PhpDumper.php
src/Symfony/Component/HttpKernel/Kernel.php
This PR was merged into the 2.3 branch.
Discussion
----------
[HttpFoundation] exception when registering bags for started sessions
| Q | A
| ------------- | ---
| Branch | 2.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #10707, #16136
| License | MIT
| Doc PR |
Commits
-------
c4a5b67 exception when registering bags for started sessions
* 2.3:
[HttpFoundation] Fix transient test
[HttpFoundation] Add a dependency on the mbstring polyfill
add readme files where missing
Don't use reflections when possible
[Form] Update form tests after the ICU data update
[Intl] Update tests and the number formatter to match behaviour of the intl extension
[Intl] Update the ICU data to version 55
[Intl] Fix the update-data.php script in preparation for ICU 5.5
Use constant instead of function call.
fixed test name
automatically generate safe fallback filename
Conflicts:
src/Symfony/Component/Debug/Debug.php
src/Symfony/Component/HttpFoundation/composer.json
src/Symfony/Component/Serializer/Tests/Normalizer/GetSetMethodNormalizerTest.php
* 2.3:
[DomCrawler] Dont use LIBXML_PARSEHUGE by default
[Filesystem] Reduce complexity of ->remove()
added tests for non-trusted proxies
add 'guid' to list of exception to filter out
Ensure backend slashes for symlinks on Windows systems
[Filesystem] Try to delete broken symlinks
* 2.3:
#17676 - making the proxy instantiation compatible with ProxyManager 2.x by detecting proxy features
Fix bug when using an private aliased factory service
ChoiceFormField of type "select" could be "disabled"
Update contributing docs
[Console] Fix escaping of trailing backslashes
Fix constraint validator alias being required
[ci] clone with depth=1 to kill push-forced PRs
Add check on If-Range header
This PR was merged into the 2.3 branch.
Discussion
----------
Static code analysis
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Things that done:
* fix case in method calls
* removed unused imports
* use shorter concat where it possible
* optimize some css
* removed duplicated array keys
* removed redurant return statements
* removed one-time variables
* do not pass arguments that not used in functions
Commits
-------
8db691a Static code analysis
* 2.3:
[Request] Ignore invalid IP addresses sent by proxies
Able to load big xml files with DomCrawler
fixed typo
[Form] Fix constraints could be null if not set
[Finder] Check PHP version before applying a workaround for a PHP bug
fixed CS
sort bundles in config:dump-reference command
Fixer findings.
* 2.3:
[SecurityBundle] Optimize dependency injection tests
[HttpFoundation] Do not overwrite the Authorization header if it is already set
tag for dumped PHP objects must be a local one
* 2.3:
[Process] Remove a misleading comment
Improve the phpdoc of SplFileInfo methods
[Process] Use stream based storage to avoid memory issues
Fixed the documentation of VoterInterface::supportsAttribute
Remove useless duplicated tests
[FrameworkBundle] Optimize framework extension tests
Use is_subclass_of instead of Reflection when possible
