This PR was merged into the 2.0 branch.
Commits
-------
e6bb156 remove realpath call
Discussion
----------
[HttpKernel] remove realpath call
I'm trying to create an executable phar archive from a Symfony application, but when I run the phar, it fails to find any commands because of this php bug/feature:
https://bugs.php.net/bug.php?id=52769
After this change, my archive works just like a normal app/console call
I'm trying to create an executable phar archive from a Symfony application, but when I run the phar, it fails to find any commands because of this php bug/feature:
https://bugs.php.net/bug.php?id=52769
After this change, my archive works just like a normal app/console call
This PR was merged into the 2.0 branch.
Commits
-------
8bb3208 [Config] Loader::import must return imported data
Discussion
----------
[2.0][2.1][2.2] [Config] Loader::import must return imported data
Bug fix: yes
Feature addition: no
Backwards compatibility break: no
Symfony2 tests pass: yes
License of the code: MIT
---------------------------------------------------------------------------
by fabpot at 2012-12-07T13:40:58Z
why?
---------------------------------------------------------------------------
by hason at 2012-12-07T20:57:06Z
We should support both approaches to importing. The first case assumes shared object accross all the loaders (loading DI configuration) and the second case requires returning of imported object (merging route collections).
---------------------------------------------------------------------------
by stof at 2012-12-07T21:38:42Z
@fabpot As ``load`` can have a return value, this PR makes sense IMO
---------------------------------------------------------------------------
by fabpot at 2012-12-10T12:44:09Z
This change should be done in master then.
---------------------------------------------------------------------------
by stof at 2012-12-10T14:43:18Z
@fabpot I would consider it as a bugfix. The routing loaders are simply broken (as of 2.0) if the loader does not extend from FileLoader (which overwrites the ``import`` method and takes care to return the value). the routing loaders expect to receive the loaded data when importing instead of loosing the imported data entirely: https://github.com/symfony/Routing/blob/2.0/Loader/XmlFileLoader.php#L80
This PR was merged into the 2.0 branch.
Commits
-------
447ff91 [HttpFoundation] changed UploadedFile::move() to use move_uploaded_file() when possible (closes#5878, closes#6185)
Discussion
----------
[HttpFoundation] changed UploadedFile::move() to use move_uploaded_file() when possible (closes#5878, closes#6185)
An alternative for #5878 and it fixes#6185.
This PR was merged into the 2.0 branch.
Commits
-------
0489799 [HttpFoundation] added a check for the host header value
Discussion
----------
[HttpFoundation] added a check for the host header value
alternative for #3865
This PR was merged into the 2.0 branch.
Commits
-------
5fe58bf [Locale] fixed tests
500cc3c [Config] Fixed tests on Windows
Discussion
----------
[2.0] Fixed tests
---------------------------------------------------------------------------
by fabpot at 2012-12-05T15:25:23Z
Is it a backport of some commits that were merged in 2.1/master?
---------------------------------------------------------------------------
by hason at 2012-12-05T22:17:15Z
I backported 65281fb56c and modified 90d6dc3791
This makes the app global variable available also when accessing the Twig
environment directly instead of using the TwigEngine.
Conflicts:
src/Symfony/Bridge/Twig/CHANGELOG.md
src/Symfony/Bundle/TwigBundle/Resources/config/twig.xml
src/Symfony/Bundle/TwigBundle/TwigEngine.php
This PR was merged into the 2.0 branch.
Commits
-------
eec7885 needs to use simpleContent in xsd to allow empty elements
Discussion
----------
needs to use simpleContent in xsd to allow empty elements
This PR was merged into the 2.0 branch.
Commits
-------
57edf56 removed wrong routing xsd statement `mixed="true"`
Discussion
----------
removed wrong routing xsd statement `mixed="true"`
mixed="true" means that the element could contain both text and other elements, e.g.
`<requirement key="_locale">text <subelement /></requirement>`
But this wrong and such a definition would not even validate against the scheme as the xsd does not define which elements would be expected inside.
This PR was merged into the 2.0 branch.
Commits
-------
d5623b4 removed unused attribute from routing.xsd
Discussion
----------
removed unused attribute from routing.xsd
mixed="true" means that the element could contain both text and other elements, e.g.
`<requirement key="_locale">text <subelement /></requirement>`
But this wrong and such a definition would not even validate against the scheme as the xsd does not define which elements would be expected inside.
This PR was merged into the 2.0 branch.
Commits
-------
ac77c5b [Form] Updated checks for the ICU version from 4.5+ to 4.7+ due to test failures with ICU 4.6
Discussion
----------
[Form] Updated checks for the ICU version from 4.5+ to 4.7+
Bug fix: no
Feature addition: no
Backwards compatibility break: no
Symfony2 tests pass: yes
Fixes the following tickets: -
Todo: -
License of the code: MIT
Documentation PR: -
This PR was merged into the 2.0 branch.
Commits
-------
2d9a6fc Use Norm Data instead of Data
Discussion
----------
[Form] Use Norm Data instead of App Data
This listener is triggered when normalized data are binded.
We have to use $event->getForm()->getNormData() instead of $event->getForm()->getData().
I have made a new FormType having 'entity' as parent and having a NormTransformer. I encountered a problem in MergeCollectionListener when the request is binded.
My commit fix it.
This PR was merged into the 2.0 branch.
Commits
-------
29bfa13 small fix of #5984 when the container param is not set
Discussion
----------
small fix of #5984 when the container param is not set
this can happen when the config for the router is unset, but this method does not need to depend on routing. reading an unset config would raise an exception.
---------------------------------------------------------------------------
by Tobion at 2012-11-19T20:44:31Z
Ops, I guess it's wrong. Travis will probably confirm this in a moment.
I will correct that.
---------------------------------------------------------------------------
by flojon at 2012-11-20T22:40:07Z
Yeah you changed the logic...
---------------------------------------------------------------------------
by Tobion at 2012-11-21T14:42:48Z
ok it's fixed.
this can happen when the config for the router is unset, but this method
does not need to depend on routing. reading an unset config would raise an exception.
This PR was merged into the 2.0 branch.
Commits
-------
64b54dc Use better default ports in urlRedirectAction
64216f2 Add tests for urlRedirectAction
Discussion
----------
Default to current port in urlRedirectAction
I was a bit surprised when I used urlRedirectAction from a non-standard port (8000) it redirected me to port 80. I would argue that the default should be to use the current port instead. This is a simple patch to change that. This should only break in the case someone is relying on the current default to redirect from a non-standard port to the standard port, which should be a really rare case...
---------------------------------------------------------------------------
by Tobion at 2012-11-11T20:29:54Z
The idea is right but the implementation not. Seems this patch is not as "simple" as you said.
When you're on HTTPS and want to redirect to $scheme = HTTP, then it still uses the current HTTPS port which is wrong.
---------------------------------------------------------------------------
by flojon at 2012-11-11T20:36:47Z
Ah, I see the problem. So I guess the correct behavior would be to use the current port if staying with the same scheme or go to standard port if switching scheme. Unless the user has specified a port which will always override...
---------------------------------------------------------------------------
by Tobion at 2012-11-11T20:42:18Z
That would be the best solution that is currently possible but not the best solution that should be possible.
Because if you switch scheme but the other scheme does not use the standard port, it still doesn't work.
Ideally the Request class had an option that allows to define the ports symfony should use for HTTP and HTTPS.
This logic is in RequestContext, but it's not used here.
---------------------------------------------------------------------------
by flojon at 2012-11-11T21:32:55Z
Bummer, I forgot to check if the current port is a standard port...
---------------------------------------------------------------------------
by Tobion at 2012-11-11T21:35:13Z
add some tests
---------------------------------------------------------------------------
by flojon at 2012-11-11T23:28:18Z
Added tests and fixed my previous error
---------------------------------------------------------------------------
by flojon at 2012-11-15T18:25:12Z
@Tobion is there anything else I needed for this?
---------------------------------------------------------------------------
by fabpot at 2012-11-19T12:56:04Z
To be consistent with how we manage HTTP ports elsewhere, I'd rather use the values of the `request_listener.http_port` and `request_listener.https_port`:
```php
if (null === $httpPort) {
$httpPort = $this->container->getParameter('request_listener.http_port');
}
if (null === $httpsPort) {
$httpsPort = $this->container->getParameter('request_listener.https_port');
}
```
This is done in the `security.authentication.retry_entry_point` service and for the `router_listener` listener.
The parameter name is probably not the best one, but that could be changed then in master.
---------------------------------------------------------------------------
by flojon at 2012-11-19T13:49:18Z
@fabpot But then you would need to set that parameter manually right? It wouldn't automatically redirect you to the same port, which was what I wanted to achieve...
Could this be the right order of preference:
If a value was specified in the route use that.
Otherwise use the current port
unless switching scheme then use the parameter value
---------------------------------------------------------------------------
by fabpot at 2012-11-19T13:52:17Z
Your order of preference looks good to me.
---------------------------------------------------------------------------
by flojon at 2012-11-19T19:13:19Z
Man this was more involved than I thought... :)
Changed the logic to use the parameters when not using the current port. Also tried clean up the tests a little bit... Enjoy!
This PR was merged into the 2.0 branch.
Commits
-------
f2cbea3 [Security] remove escape charters from username provided by Digest DigestAuthenticationListener
80f6992 [Security] added test extra for digest authentication
d66b03c fixed CS
694697d [Security] Fixed digest authentication
c067586 [Security] Fixed digest authentication
Discussion
----------
Fix digest authentication
Bug fix: yes
Feature addition: no
Backwards compatibility break: no
Symfony2 tests pass: yes
Fixes the following tickets:
Todo: -
License of the code: MIT
Documentation PR: -
Replaces: #5485
This adds the missing fixes.
My only concerns is the ```\"``` removing.
```\"``` is only needed for the HTTP transport, but keeping them would require to also store the username with the escapes as well.
---------------------------------------------------------------------------
by fabpot at 2012-10-30T11:25:28Z
The digest authentication mechanism is not that widespread due to its limitation. And the transport is not HTTP, I think we are talking about very few cases.
---------------------------------------------------------------------------
by sstok at 2012-10-30T12:49:14Z
Apache seems to remove (ignore) escape characters.
```c
if (auth_line[0] == '=') {
auth_line++;
while (apr_isspace(auth_line[0])) {
auth_line++;
}
vv = 0;
if (auth_line[0] == '\"') { /* quoted string */
auth_line++;
while (auth_line[0] != '\"' && auth_line[0] != '\0') {
if (auth_line[0] == '\\' && auth_line[1] != '\0') {
auth_line++; /* escaped char */
}
value[vv++] = *auth_line++;
}
if (auth_line[0] != '\0') {
auth_line++;
}
}
else { /* token */
while (auth_line[0] != ',' && auth_line[0] != '\0'
&& !apr_isspace(auth_line[0])) {
value[vv++] = *auth_line++;
}
}
value[vv] = '\0';
}
```
But would this change be a BC break for people already using quotes but without a comma and thus they never hit this bug?
The change it self is minimum, just calling ```str_replace('\\\\', '\\', str_replace('\\"', '"', $value))``` when getting the username.
---------------------------------------------------------------------------
by fabpot at 2012-11-13T13:00:12Z
@sstok Doing the same as Apache seems the best option here (just document the BC break).
---------------------------------------------------------------------------
by sstok at 2012-11-15T16:05:00Z
Hopefully I did this correct, but the needed escapes seem correctly removed.
`\"` is changed to `"` `\\` is changed to `\`
`\'` it kept as it is, as this needs no correcting.
@Vincent-Simonin Can you verify please.
---------------------------------------------------------------------------
by Vincent-Simonin at 2012-11-19T09:28:18Z
Authentication didn't work with this configuration :
```
providers:
in_memory:
name: in_memory
users:
te"st: { password: test, roles: [ 'ROLE_USER' ] }
```
`te"st` was set in authentication form's user field.
(Must we also escape `"` in configuration file ?)
Tests were performed with nginx.
---------------------------------------------------------------------------
by sstok at 2012-11-19T09:33:34Z
Yes. YAML escapes using an duplicate quote, like SQL.
```yaml
providers:
in_memory:
name: in_memory
users:
"te""st": { password: test, roles: [ 'ROLE_USER' ] }
```
This PR was merged into the 2.0 branch.
Commits
-------
32dc31e [SecurityBundle] Convert Http method to uppercase in the config
Discussion
----------
[SecurityBundle] Convert Http method to uppercase in the config
This is not striclty required as method names would be converted to uppercase by the matcher after #5988.
However I think it is better to always use uppercase for http method names.
The config UT has also been improved as part of this PR.
This is good to propagate to 2.1 & 2.2 also.
This PR was submitted for the master branch but it was merged into the 2.0 branch instead (closes#6015).
Commits
-------
f61c019 Update src/Symfony/Component/DomCrawler/Tests/FormTest.php
9b3aaf2 Update src/Symfony/Component/DomCrawler/Form.php
Discussion
----------
FIX: Malformed field path ""
In case we have the name attribute empty.
---------------------------------------------------------------------------
by fabpot at 2012-11-15T06:12:35Z
Can you add a unit test for that case?
---------------------------------------------------------------------------
by bierdok at 2012-11-15T09:21:01Z
Voila.