* fixes a problem with security (/foo/bar and /foo///bar are not the same URL as far as security is concerned)
* this can still be done in your web server configuration or by adding a core.request listener
* hhamon/cookie_path_fix:
[Security] renamed Cookie::isHttponly() to Cookie::isHttpOnly()
[HttpKernel] renamed Cookie::isHttponly() to Cookie::isHttpOnly()
[BrowserKit] renamed Cookie::isHttponly() to Cookie::isHttpOnly()
[HttpFoundation] fix cookie path default value to / and added some new unit tests to cover the class
* DuoSRX/code-coverage:
[HttpFoundation] Fixed a typo in response->setLastModified()
[HttpFoundation] Added some more tests on response
[HttpFoundation] Added some tests on Response
[HttpFoundation] Replace a duplicated test with a method in Response
Fixed code coverage generation when resources folder are deeper
* jakzal/FileLocatorTest:
[Config] Added missing tests to satisfy 100% test coverage of FileLocator. Made sure that every path returned with locate() is unique.
* digitalkaoz/httpkernel-debug:
[HttpKernel] added tests for debug stuff
[HttpKernel] reset handling if subject::handle throws an exception, otherwise it wouldnt be able to handle furthermore
* schmittjoh/security:
[Security] forward the entire access denied exception instead of only the message
[Security] changed defaults for MessageDigestEncoder
TICKET #9557: session isn't required when using http basic authentification mecanism for example
[Security] improved entropy to make collision attacks harder
[Security] added the 'key' attribute of RememberMeToken to serialized string to be stored in session
Fix the Acl schema generator script.
Added support for the full range of escaped values in double quoted
strings in chapter 5 of the YAML 1.1 and 1.2 specs. The escaping
and unescaping strategies were factored out into separate classes to
keep the logic isolated.
Added examples from the spec to the unit tests for all escaped values.
* kriswallsmith/dic/auto-ext-load:
[HttpKernel] added an subclass merge extension configuration compiler pass to ensure each bundle's "main" extension is loaded
[DependencyInjection] extensions should only load if called during configuration
* schmittjoh/security:
[Security] added method to retrieve the configured remember-me parameter
[Security] Copy token attributes when auth providers create a new token from another
* cristiangsp/Translation_FallbackLocale:
[Translation] Modified Translation unit test "testTransWithFallbackLocale"
[Translation] Fixed the addition of the fallbackLocale catalogue to the current locale catalogue.
[Translation] Added search to FallbackLocale Catalogue.
Now the test shows the behavior when is requested a translation to an undefined locale catalogue and, therefore, the fallbacklocale catalogue must be queried. The original test function only checks the step to reach the language catalog not to the fallbacklocale one (even the fallbacklocale isn't set). This test gives error in the current version of symfony/symfony.