* 2.3:
[Routing] use constants in tests
[Validator] Allow an empty path in a URL with only a fragment or a query
[HttpFoundation] Fix some typo in the Request doc
fixed CS
Added separated handling of root paths
This PR was squashed before being merged into the 3.0-dev branch (closes#8967).
Discussion
----------
[HttpFoundation] Request->getRequestFormat should only rely on the request attributes
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | possibly
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #8966
| License | MIT
| Doc PR |
Added test case and fix for #8966. Is this functionality relied on somewhere?
Commits
-------
7115c1e [HttpFoundation] Request->getRequestFormat should only rely on the request attributes
* 2.3:
Windows and Intl fixes
Add appveyor.yml for C.I. on Windows
[travis] merge php: nightly and deps=high test-matrix lines
[Security] Add missing docblock in PreAuthenticatedToken
Conflicts:
.travis.yml
src/Symfony/Component/Filesystem/Tests/FilesystemTest.php
src/Symfony/Component/HttpFoundation/JsonResponse.php
src/Symfony/Component/Intl/DateFormatter/IntlDateFormatter.php
* 2.6:
[Security] fix check for empty usernames
[Form] updated exception message of ButtonBuilder::setRequestHandler()
[travis] Fix deps=high jobs
[HttpFoundation] [PSR-7] Allow to use resources as content body and to return resources from string content
[DependencyInjection] Remove unused code in XmlFileLoader
[HttpFoundation] Behaviour change in PHP7 for substr
bumped Symfony version to 2.3.32
updated VERSION for 2.3.31
update CONTRIBUTORS for 2.3.31
updated CHANGELOG for 2.3.31
Conflicts:
src/Symfony/Bridge/Twig/composer.json
src/Symfony/Bundle/FrameworkBundle/composer.json
* 2.3:
[Security] fix check for empty usernames
[Form] updated exception message of ButtonBuilder::setRequestHandler()
[travis] Fix deps=high jobs
[HttpFoundation] [PSR-7] Allow to use resources as content body and to return resources from string content
[DependencyInjection] Remove unused code in XmlFileLoader
[HttpFoundation] Behaviour change in PHP7 for substr
bumped Symfony version to 2.3.32
updated VERSION for 2.3.31
update CONTRIBUTORS for 2.3.31
updated CHANGELOG for 2.3.31
Conflicts:
src/Symfony/Bridge/Twig/composer.json
src/Symfony/Bundle/FrameworkBundle/composer.json
src/Symfony/Component/DependencyInjection/Loader/XmlFileLoader.php
src/Symfony/Component/HttpKernel/Kernel.php
This PR was squashed before being merged into the 2.3 branch (closes#15249).
Discussion
----------
[HttpFoundation] [PSR-7] Allow to use resources as content body and to return resources from string content
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | not yet
* Allows to fix tests of https://github.com/symfony/psr-http-message-bridge with PHP 5.6.
* Ease the transition to PSR-7 (in PSR-7, almost everything is stream - #15186)
Maybe should I open it against 2.8 but it can be considered a bug fix at least for the part "returning a string as a resource".
Commits
-------
059964d [HttpFoundation] [PSR-7] Allow to use resources as content body and to return resources from string content
In PHP7 the behaviour of substr() changed.
To resume: "Truncating an entire string should result in a string."
See: https://bugs.php.net/bug.php?id=62922
* 2.6:
Added 'default' color
[HttpFoundation] Reload the session after regenerating its id
[HttpFoundation] Add a test case to confirm a bug in session migration
[2.6] Static Code Analysis for Components and Bundles
[Finder] Command::addAtIndex() fails with Command instance argument
[DependencyInjection] Freeze also FrozenParameterBag::remove
[Twig][Bridge] replaced `extends` with `use` in bootstrap_3_horizontal_layout.html.twig
fix CS
fixed CS
Add a way to reset the singleton
[Security] allow to use `method` in XML configs
Remove duplicate example
Remove var not used due to returning early (introduced in 8982c32)
Enhance hhvm test skip message
* 2.3:
Added 'default' color
[HttpFoundation] Reload the session after regenerating its id
[HttpFoundation] Add a test case to confirm a bug in session migration
[Finder] Command::addAtIndex() fails with Command instance argument
[DependencyInjection] Freeze also FrozenParameterBag::remove
fix CS
fixed CS
Add a way to reset the singleton
[Security] allow to use `method` in XML configs
Remove var not used due to returning early (introduced in 8982c32)
Enhance hhvm test skip message
* 2.3:
Fixed the regexp for the validator of Maestro-based credit/debit cards
[Console] Fix STDERR output text on IBM iSeries OS400
[HttpFoundation] Use convention to allow throwing from __toString()
[Form] Fixed: remove quoted strings from Intl date formats (e.g. es_ES full pattern)
[bugfix][MonologBridge] WebProcessor: passing to BaseWebProcessor
[2.3] Static Code Analysis for Components
[Translation][update cmd] taken account into bundle overrides path.
Conflicts:
src/Symfony/Bundle/FrameworkBundle/Command/TranslationUpdateCommand.php
src/Symfony/Component/Filesystem/Tests/FilesystemTest.php
src/Symfony/Component/Validator/Constraints/CardSchemeValidator.php
* 2.6:
[Validator] remove partial deprecation annotation
Updated UPGRADE-2.4.md
[Form] Support DateTimeImmutable in transform()
[Form] add test to avoid regression of #14891
without this change allways the legacy code get called
[Form] Fix call to removed method (BC broken in 2.3)
[HttpFoundation] Get response content as resource several times for PHP >= 5.6
Improved duplicated code in FileLocator
* 2.3:
[Form] Support DateTimeImmutable in transform()
[Form] Fix call to removed method (BC broken in 2.3)
[HttpFoundation] Get response content as resource several times for PHP >= 5.6
Improved duplicated code in FileLocator
* 2.6: (30 commits)
[Translation] fixed JSON loader on PHP 7 when file is empty
Fix typo
Check instance of FormBuilderInterface instead of FormBuilder
[Security] TokenBasedRememberMeServices test to show why encoding username is required
[Security] AbstractRememberMeServices::encodeCookie() validates cookie parts
fixed typo
[console][formater] allow format toString object.
[HttpFoundation] Fix baseUrl when script filename is contained in pathInfo
Avoid redirection to XHR URIs
[HttpFoundation] IpUtils::checkIp4() should allow networks
[2.6] Fix HTML escaping of to-source links
Fix HTML escaping of to-source links
ExceptionHandler: More Encoding
Fix the rendering of deprecation log messages
[FrameworkBundle] Removed unnecessary parameter in TemplateController
[DomCrawler] Throw an exception if a form field path is incomplete.
Fixed the indentation in the compiled template for the DumpNode
[Console] Delete duplicate test in CommandTest
[TwigBundle] Refresh twig paths when resources change.
WebProfiler break words
...
Conflicts:
src/Symfony/Bridge/Twig/composer.json
src/Symfony/Bundle/WebProfilerBundle/Resources/views/Collector/logger.html.twig
src/Symfony/Component/Debug/ExceptionHandler.php
* 2.3:
Fix typo
Check instance of FormBuilderInterface instead of FormBuilder
[Security] TokenBasedRememberMeServices test to show why encoding username is required
[Security] AbstractRememberMeServices::encodeCookie() validates cookie parts
[console][formater] allow format toString object.
[HttpFoundation] Fix baseUrl when script filename is contained in pathInfo
Avoid redirection to XHR URIs
[HttpFoundation] IpUtils::checkIp4() should allow networks
Fix HTML escaping of to-source links
[FrameworkBundle] Removed unnecessary parameter in TemplateController
[DomCrawler] Throw an exception if a form field path is incomplete.
[Console] Delete duplicate test in CommandTest
[TwigBundle] Refresh twig paths when resources change.
WebProfiler break words
fixed typo
Update README.md
[HttpKernel] Handle an array vary header in the http cache store
[Security][Translation] fixes#14584
[Framework] added test for Router commands.
Handled bearer authorization header in REDIRECT_ form
Conflicts:
src/Symfony/Component/Debug/ExceptionHandler.php
This PR was squashed before being merged into the 2.3 branch (closes#14335).
Discussion
----------
[HttpFoundation] Fix baseUrl when script filename is contained in pathInfo
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #13617
| License | MIT
| Doc PR |
When the script filename is just /index.php, dirname() returns '/' for it. In Request::prepareBaseUrl() we append '/' to it (as introduced in #13039), which is wrong in this scenario as the resulting string is '//'.
When we rtrim('/') the output of dirname() then '/' would be constructed in this case, and in all other cases it makes no difference as dirname() already trims the right forward slash if there are path segments.
The test-cases should clarify the exact scenario.
Commits
-------
f24a6dd [HttpFoundation] Fix baseUrl when script filename is contained in pathInfo
* 2.6:
[DebugBundle] Allow alternative destination for dumps
[DebugBundle] Use output mechanism of dumpers instead of echoing
[DebugBundle] Always collect dumps
Fix tests in HHVM
CS: Pre incrementation/decrementation should be used if possible
Conflicts:
src/Symfony/Component/Finder/Expression/Glob.php
* 2.3:
Fix tests in HHVM
CS: Pre incrementation/decrementation should be used if possible
Conflicts:
src/Symfony/Bundle/TwigBundle/Command/LintCommand.php
src/Symfony/Component/Console/Helper/TableHelper.php
src/Symfony/Component/EventDispatcher/Tests/EventDispatcherTest.php
src/Symfony/Component/HttpKernel/DataCollector/LoggerDataCollector.php
src/Symfony/Component/HttpKernel/HttpCache/EsiResponseCacheStrategy.php
src/Symfony/Component/Security/Acl/Dbal/AclProvider.php
src/Symfony/Component/Security/Http/RememberMe/TokenBasedRememberMeServices.php
This PR was merged into the 2.3 branch.
Discussion
----------
CS: Pre incrementation/decrementation should be used if possible
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Fixes provided by new fixer: https://github.com/FriendsOfPHP/PHP-CS-Fixer/pull/1113
If this pr is merged I would change the level of the fixer to `symfony`.
Commits
-------
c5123d6 CS: Pre incrementation/decrementation should be used if possible
* 2.6: (25 commits)
[2.6] link to https://symfony.com where possible
Do not override PHP constants, only use when available
link to https://symfony.com where possible
[FrameworkBundle] Added missing log in server:run command
[Finder] Only use GLOB_BRACE when available
[HttpFoundation] Allow curly braces in trusted host patterns
Fix merge
Fix typo in variable name
[profiler][security] check authenticated user by tokenClass instead of username.
[WebProfiler] fix html syntax for input types
[TwigBundle] Fix deprecated use of FlattenException
[DependencyInjection] Removed extra strtolower calls
Use https://symfony.com/search for searching
[Debug] PHP7 compatibility with BaseException
[Validator] Fixed Choice when an empty array is used in the "choices" option
Fixed tests
[StringUtil] Fixed singularification of 'selfies'
Fix Portuguese (Portugal) translation for Security
improved exception when missing required component
[DependencyInjection] resolve circular reference
...
Conflicts:
src/Symfony/Bundle/WebProfilerBundle/Resources/views/Collector/config.html.twig
src/Symfony/Component/Form/README.md
src/Symfony/Component/Intl/README.md
src/Symfony/Component/Security/README.md
src/Symfony/Component/Translation/README.md
src/Symfony/Component/Validator/README.md
* 2.3:
link to https://symfony.com where possible
[FrameworkBundle] Added missing log in server:run command
[HttpFoundation] Allow curly braces in trusted host patterns
[profiler][security] check authenticated user by tokenClass instead of username.
Use https://symfony.com/search for searching
Conflicts:
src/Symfony/Bundle/FrameworkBundle/Test/WebTestCase.php
src/Symfony/Component/Form/README.md
src/Symfony/Component/Intl/README.md
src/Symfony/Component/Routing/composer.json
src/Symfony/Component/Security/README.md
src/Symfony/Component/Translation/README.md
src/Symfony/Component/Validator/README.md
* 2.6: (24 commits)
[HttpKernel] Embed the original exception as previous to bounced exceptions
[Enhancement] netbeans - force interactive shell when limited detection
[FrameworkBundle] fixes displaying of deprecation notices.
Revert "Added missing changelog entry"
[Debug] Tweak docblocks
[Debug] Rework a bit the PHP doc
Added missing changelog entry
[StringUtil] Fixed singularification of 'movies'
[Debug] Renamed "context" key to "scope_vars" to avoid any ambiguity
Fix some phpdocs for Twig extensions & templating helpers
[Debug] Made code in ErrorHandler easier to read
Use specialized config methods instead of the generic ifTrue() method
Fix the AJAX profiling
bumped Symfony version to 2.6.7
updated VERSION for 2.6.6
updated CHANGELOG for 2.6.6
Safe escaping of fragments for eval()
bumped Symfony version to 2.3.28
updated VERSION for 2.3.27
update CONTRIBUTORS for 2.3.27
...
Conflicts:
src/Symfony/Component/Debug/ErrorHandler.php
src/Symfony/Component/HttpKernel/Kernel.php
* 2.3:
bumped Symfony version to 2.3.28
updated VERSION for 2.3.27
update CONTRIBUTORS for 2.3.27
updated CHANGELOG for 2.3.27
isFromTrustedProxy to confirm request came from a trusted proxy.
Safe escaping of fragments for eval()
Conflicts:
src/Symfony/Component/HttpFoundation/Request.php
src/Symfony/Component/HttpKernel/HttpCache/Esi.php
src/Symfony/Component/HttpKernel/Kernel.php
* 2.6:
Fix small coding style
[2.3] Static Code Analysis for Components
[Form] fixed phpdoc
CS: Convert double quotes to single quotes
Fixed MongoODM entity loader. Improved loading behavior of entities and documents by reusing entity loader.
[Validator] added Japanese translation for unmatched charset (id: 80)
[WebProfilerBundle] fixed undefined buttons.
[WebProfilerBundle] Fix javascript toolbar on IE8
[DependencyInjection] Highest precedence for user parameters
bumped Symfony version to 2.6.6
[Translation][MoFileLoader] fixed load empty translation.
updated VERSION for 2.6.5
updated CHANGELOG for 2.6.5
bumped Symfony version to 2.3.27
updated VERSION for 2.3.26
update CONTRIBUTORS for 2.3.26
updated CHANGELOG for 2.3.26
[HttpKernel] UriSigner::buildUrl - default params for http_build_query
Conflicts:
src/Symfony/Bridge/Propel1/Tests/DataCollector/PropelDataCollectorTest.php
src/Symfony/Component/DependencyInjection/Dumper/PhpDumper.php
src/Symfony/Component/HttpKernel/Kernel.php
src/Symfony/Component/Security/Http/Firewall/AbstractPreAuthenticatedListener.php
src/Symfony/Component/Validator/Resources/translations/validators.ja.xlf
* 2.6:
[HttpFoundation] MongoDbSessionHandler::read() now checks for valid session age
Changed visibility of setUp() and tearDown to protected
[WebProfilerBundle] Set debug+charset on the ExceptionHandler fallback
Added default button class
used HTML5 meta charset tag and removed hardcoded ones
Revert "bug #13715 Enforce UTF-8 charset for core controllers (WouterJ)"
fixed XSS in the exception handler
Php Inspections (EA Extended) - static code analysis includes:
[2.3] Remove most refs uses
Test with local components instead of waiting for the subtree-splitter when possible
Conflicts:
.travis.yml
* 2.3:
Changed visibility of setUp() and tearDown to protected
fixed XSS in the exception handler
Php Inspections (EA Extended) - static code analysis includes:
[2.3] Remove most refs uses
Test with local components instead of waiting for the subtree-splitter when possible
Conflicts:
src/Symfony/Bundle/FrameworkBundle/Command/ContainerDebugCommand.php
src/Symfony/Component/Config/Util/XmlUtils.php
src/Symfony/Component/Console/Helper/ProgressHelper.php
src/Symfony/Component/Debug/ExceptionHandler.php
src/Symfony/Component/Debug/Tests/ErrorHandlerTest.php
src/Symfony/Component/Filesystem/Tests/FilesystemTest.php
src/Symfony/Component/OptionsResolver/Options.php
src/Symfony/Component/Security/Acl/Dbal/MutableAclProvider.php
src/Symfony/Component/Yaml/Inline.php
Reduce couple count calls in [Yaml]
Modernize type casting, fix several strict comparisons
Unsets merged
Elvis operator usage
Short syntax for applied operations
* 2.6: (46 commits)
fixxed order of usage
[2.7] [Form] Replaced calls to array_search() by in_array() where is no need to get the index
[Process] Make test AbstractProcessTest::testStartAfterATimeout useful again
removed non-sense example
Fixes small typo.
[Validator] Remove unnecessary include in tests
[HttpFoundation] minor: clarify Request::getUrlencodedPrefix() regex
fixed typo
[Validator] fix DOS-style line endings
Drop useless execution bit
bumped Symfony version to 2.6.5
[Serializer] update changelog
updated VERSION for 2.6.4
updated CHANGELOG for 2.6.4
bumped Symfony version to 2.5.11
[HttpKernel] Added use of provided by #12022 method to instantiate controller class in bundle's controller resolver
updated VERSION for 2.5.10
updated CHANGELOG for 2.5.10
[Validator] Add a Russian translation for invalid charset message
[2.3] [Validator] spanish translation for invalid charset message
...
Conflicts:
src/Symfony/Bridge/Doctrine/Validator/Constraints/UniqueEntityValidator.php
src/Symfony/Component/HttpKernel/Exception/FatalErrorException.php
src/Symfony/Component/HttpKernel/Exception/FlattenException.php
src/Symfony/Component/HttpKernel/Kernel.php
src/Symfony/Component/Routing/Tests/Generator/UrlGeneratorTest.php
src/Symfony/Component/Validator/Resources/translations/validators.de.xlf
src/Symfony/Component/Validator/Resources/translations/validators.en.xlf
src/Symfony/Component/Validator/Resources/translations/validators.es.xlf
src/Symfony/Component/Validator/Resources/translations/validators.fr.xlf
src/Symfony/Component/Validator/Resources/translations/validators.pl.xlf
src/Symfony/Component/Validator/Resources/translations/validators.ru.xlf
src/Symfony/Component/Validator/Resources/translations/validators.sl.xlf
* 2.5:
fixxed order of usage
[2.7] [Form] Replaced calls to array_search() by in_array() where is no need to get the index
[Process] Make test AbstractProcessTest::testStartAfterATimeout useful again
[Validator] Remove unnecessary include in tests
[HttpFoundation] minor: clarify Request::getUrlencodedPrefix() regex
fixed typo
[Validator] fix DOS-style line endings
bumped Symfony version to 2.5.11
updated VERSION for 2.5.10
updated CHANGELOG for 2.5.10
[Validator] Add a Russian translation for invalid charset message
[2.3] [Validator] spanish translation for invalid charset message
[Routing] make host matching case-insensitive according to RFC 3986
Conflicts:
src/Symfony/Component/Console/Application.php
src/Symfony/Component/Console/Tests/Fixtures/application_1.txt
src/Symfony/Component/Console/Tests/Fixtures/application_2.txt
src/Symfony/Component/Console/Tests/Fixtures/application_astext1.txt
src/Symfony/Component/Console/Tests/Fixtures/application_astext2.txt
src/Symfony/Component/Console/Tests/Fixtures/application_gethelp.txt
src/Symfony/Component/Console/Tests/Fixtures/application_run1.txt
src/Symfony/Component/HttpKernel/Kernel.php
src/Symfony/Component/Validator/Resources/translations/validators.bg.xlf
src/Symfony/Component/Validator/Resources/translations/validators.es.xlf
src/Symfony/Component/Validator/Resources/translations/validators.ru.xlf
* 2.3:
fixxed order of usage
[2.7] [Form] Replaced calls to array_search() by in_array() where is no need to get the index
[Process] Make test AbstractProcessTest::testStartAfterATimeout useful again
[Validator] Remove unnecessary include in tests
[HttpFoundation] minor: clarify Request::getUrlencodedPrefix() regex
fixed typo
[Validator] fix DOS-style line endings
[Validator] Add a Russian translation for invalid charset message
[2.3] [Validator] spanish translation for invalid charset message
[Routing] make host matching case-insensitive according to RFC 3986
Conflicts:
src/Symfony/Component/Routing/Tests/Generator/UrlGeneratorTest.php
src/Symfony/Component/Validator/Resources/translations/validators.es.xlf
src/Symfony/Component/Validator/Resources/translations/validators.ru.xlf
* 2.6:
[2.3] [HttpFoundation] [MimeTypeGuesser]
Removed dead code and various cleaning
Removed dead code and various cleaning
[FrameworkBundle][xsd] added missing logging attribute.
[Console] Make it clear that the second argument is not about command options.
Added the '-' character for spaceless on tag start and end to be consistent for block, if, set and for nodes
[Yaml] fixed parse shortcut Key after unindented collection.
[Console] fixed#10531
Make the container considered non-fresh if the environment parameters are changed
* 2.5:
[2.3] [HttpFoundation] [MimeTypeGuesser]
Removed dead code and various cleaning
[Console] Make it clear that the second argument is not about command options.
Added the '-' character for spaceless on tag start and end to be consistent for block, if, set and for nodes
[Yaml] fixed parse shortcut Key after unindented collection.
[Console] fixed#10531
Make the container considered non-fresh if the environment parameters are changed
Conflicts:
src/Symfony/Bridge/Twig/Resources/views/Form/form_div_layout.html.twig
* 2.3:
[2.3] [HttpFoundation] [MimeTypeGuesser]
Removed dead code and various cleaning
[Console] Make it clear that the second argument is not about command options.
Added the '-' character for spaceless on tag start and end to be consistent for block, if, set and for nodes
[Yaml] fixed parse shortcut Key after unindented collection.
[Console] fixed#10531
Make the container considered non-fresh if the environment parameters are changed
Conflicts:
src/Symfony/Bridge/Twig/Resources/views/Form/form_div_layout.html.twig
src/Symfony/Bridge/Twig/Resources/views/Form/form_table_layout.html.twig
src/Symfony/Component/Console/Tests/ApplicationTest.php
src/Symfony/Component/Security/Core/Authentication/Provider/PreAuthenticatedAuthenticationProvider.php
* 2.6:
Minor plural/singular change
print error message if server couldn't be started
[HttpFoundation] [Request] fix baseUrl parsing to fix wrong path_info
[Twig][Bridge][TranslationDefaultDomain] add support of named arguments.
[Form] Improved exception message if the data class is not found
Fixes ArgvInput's argument getter with empty tokens
execute cheaper checks before more expensive ones
[DependencyInjection] Fix missing ExpressionLanguageProviders on extension bild
[FrameworkBundle] FormDataCollector should be loaded only if form config is enabled
* 2.5:
[HttpFoundation] [Request] fix baseUrl parsing to fix wrong path_info
[Twig][Bridge][TranslationDefaultDomain] add support of named arguments.
[Form] Improved exception message if the data class is not found
Fixes ArgvInput's argument getter with empty tokens
execute cheaper checks before more expensive ones
[FrameworkBundle] FormDataCollector should be loaded only if form config is enabled
Conflicts:
src/Symfony/Bundle/FrameworkBundle/Resources/config/collectors.xml
* 2.3:
[HttpFoundation] [Request] fix baseUrl parsing to fix wrong path_info
[Twig][Bridge][TranslationDefaultDomain] add support of named arguments.
[Form] Improved exception message if the data class is not found
Fixes ArgvInput's argument getter with empty tokens
execute cheaper checks before more expensive ones
Conflicts:
src/Symfony/Component/Form/FormConfigBuilder.php
This PR was squashed before being merged into the 2.3 branch (closes#13039).
Discussion
----------
[HttpFoundation] [Request] fix baseUrl parsing to fix wrong path_info
Hi everyone!
We at trivago had an issue with the Request object. It seems that all versions of symfony 2.x and 3.x are affected from this (possible) bug (don't checked 1.x).
Here is the problem:
some old legacy pages are deployed in the Document Root, let's say /var/www/www.test.com/ .
one or more new applications based on symfony are deployed to /var/release/new_app1/ , /var/release/new_app2/ , ... .
in /var/www/www.test.com/ there is a symlink "app" to /var/release/new_app1/web, like:
/var/www/www.test.com/app --> /var/release/new_app1/web/
there is a "SEO"/human-readable rewrite rule for Document Root (if called path/file not exist): (.*) --> app/app.php
the problem comes, when the user calls a uri starting with "app" or whatever the rewrite rule / symlink points to:
the user calls "http://www.test.com/apparthotel-1234"
results in $_SERVER parameters like this
```
'DOCUMENT_ROOT' =>'/var/www/www.test.com',
'SCRIPT_FILENAME' => '/var/www/www.test.com/app/app.php',
'SCRIPT_NAME' => '/app/app.php',
'PHP_SELF' => '/app/app.php/apparthotel-1234'
```
in Request::prepareBaseUrl() there are checks to find the baseUrl:
```
if ($baseUrl && false !== $prefix = $this->getUrlencodedPrefix($requestUri, $baseUrl)) {
// full $baseUrl matches
return $prefix;
}
if ($baseUrl && false !== $prefix = $this->getUrlencodedPrefix($requestUri, dirname($baseUrl))) {
// directory portion of $baseUrl matches
return rtrim($prefix, '/');
}
```
first it is checked if (in our case) "/app/app.php" is in the request uri (/apparthotel-1234).
it's not.
then it takes the dirname (of /app/app.php) which is /app and checks if it is in the request uri (/apparthotel-1234), and YES, it is! and "/app" is returned, but this is wrong, it should be empty (because it comes from a rewrite rule from root: /)!
later in preparePathInfo(), if there is a baseUrl, then the baseUrl is removed from the request uri:
/apparthotel-1234 ---> /arthotel-1234
The cause is, the second baseUrl check, checks if the path of the application is already in the uri, like when the request was "http://www.test.com/app/apparthotel-1234" and hit a rewrite rule like (.*) --> app.php in there, but because it matches a directory it must match "dirname($baseUrl) . '/'".
I also needed to fix one unit test of the getBaseUrl test:
the request uri recently was "/foo%20bar".
but from the $_SERVER infos "foo bar" is a directory, see:
```
'SCRIPT_FILENAME' => '/home/John Doe/public_html/foo bar/app.php',
'SCRIPT_NAME' => '/foo bar/app.php',
'PHP_SELF' => '/foo bar/app.php',
```
webservers will redirect a request "http://www.test.com/foo%20bar" to "http://www.test.com/foo%20bar/" when "foo bar" is a directory. checked this for apache 2.x and nginx 1.4.x.
this fix is for symfony master (3.0.x, see #13039).
I also prepared a merge request for actual 2.7 branch, it will also follow in some minutes. (see #13040)
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | this, #13040, #13038, #7329
| License | MIT
[HttpFoundation] [Request]
* added missing slash to baseUrl-path part check to remove the path, only when it's also a path in the uri
[HttpFoundation] [Tests] [RequestTest]
* fixed and added unittests
This is the symfony 2.3 branch fix for the issue related to #13038 and #13040
Happy christmas!
Commits
-------
3a3ecd3 [HttpFoundation] [Request] fix baseUrl parsing to fix wrong path_info
* 2.5:
[2.3] Remove useless tests skips
[ClassLoader] removes deprecated classes from documentation.
[ClassLoader] added missing deprecation notice.
[HttpFoundation] Fix an issue caused by php's Bug #66606.
[Yaml] Update README.md
Don't add Accept-Range header on unsafe HTTP requests
simplify hasScheme method
adapted merge to 2.5
adapted previous commit for 2.3
[Security] Don't send remember cookie for sub request
[Security] fixed wrong phpdoc
[HttpKernel] Fix UriSigner::check when _hash is not at the end of the uri
[2.3] Cleanup deprecations
Conflicts:
src/Symfony/Bundle/FrameworkBundle/composer.json
src/Symfony/Bundle/WebProfilerBundle/Resources/views/Collector/logger.html.twig
src/Symfony/Component/HttpKernel/composer.json
* 2.5:
Use PHPUnit ini_set wrapper in tests
[Process] Added a test skip check for Windows
[Process] Removed unused variable assignment
Fixes various phpdoc and coding standards.
Fixes Issue #13184 - incremental output getters now return empty strings
Updated copyright to 2015
Updated copyright to 2015
Clarify a comment.
Conflicts:
src/Symfony/Component/HttpKernel/Fragment/EsiFragmentRenderer.php
* 2.3:
Use PHPUnit ini_set wrapper in tests
[Process] Added a test skip check for Windows
[Process] Removed unused variable assignment
Fixes various phpdoc and coding standards.
Fixes Issue #13184 - incremental output getters now return empty strings
Updated copyright to 2015
Conflicts:
src/Symfony/Bridge/Doctrine/Form/ChoiceList/EntityChoiceList.php
src/Symfony/Bridge/Propel1/Form/ChoiceList/ModelChoiceList.php
src/Symfony/Bundle/TwigBundle/Command/LintCommand.php
src/Symfony/Component/Debug/ExceptionHandler.php
src/Symfony/Component/Process/Tests/AbstractProcessTest.php
* 2.5:
Updated generateSql tool
Fix the implementation of deprecated Locale classes
Fix phpdoc and coding standards
Replace usages of the deprecated TypeTestCase by the new one
Remove usages of deprecated constants
Update functional tests to use the PSR NullLogger
fix regression in form tests after pr #13027 | Q | A | ------------- | --- | Bug fix? | yes | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | - | License | MIT | Doc PR | -
Make fabbot happy
Clean up testing
No global state for isolated tests and other fixes
No global state for isolated tests and other fixes
fix#10054 - form data collector with dynamic fields
[TwigBundle] Moved the setting of the default escaping strategy from the Twig engine to the Twig environment
[Debug] fix checkip6
[HttpFoundation] fixed error when an IP in the X-Forwarded-For HTTP header contains a port
Update the note about origins of the CssSelector component.
Use the correct cssselect library name in docblocks.
[DomCrawler] fixed bug #12143
Conflicts:
src/Symfony/Bundle/FrameworkBundle/Templating/GlobalVariables.php
src/Symfony/Component/Serializer/Normalizer/DenormalizableInterface.php
* 2.3:
No global state for isolated tests and other fixes
[TwigBundle] Moved the setting of the default escaping strategy from the Twig engine to the Twig environment
[Debug] fix checkip6
[HttpFoundation] fixed error when an IP in the X-Forwarded-For HTTP header contains a port
Update the note about origins of the CssSelector component.
Use the correct cssselect library name in docblocks.
* 2.5:
Configure firewall's kernel exception listener with configured entry point or a default entry point
PSR-2 fixes
[DependencyInjection] make paths relative to __DIR__ in the generated container
Fixed the syntax of a composer.json file
Fixed the symfony/config version constraint
Tweaked the password-compat version constraint
Docblock fixes
Remove dialog usage
define constant only if it wasn't defined before
Fix incorrect spanish translation
Fixed typos
Conflicts:
src/Symfony/Bundle/TwigBundle/Controller/ExceptionController.php
src/Symfony/Component/DependencyInjection/Dumper/PhpDumper.php
src/Symfony/Component/OptionsResolver/Options.php
src/Symfony/Component/OptionsResolver/OptionsResolverInterface.php
src/Symfony/Component/Process/ProcessPipes.php
src/Symfony/Component/Security/Http/Tests/Firewall/RememberMeListenerTest.php
src/Symfony/Component/Serializer/Normalizer/DenormalizableInterface.php
src/Symfony/Component/Validator/ConstraintViolation.php
src/Symfony/Component/Yaml/Inline.php
src/Symfony/Component/Yaml/Parser.php
* 2.3:
Configure firewall's kernel exception listener with configured entry point or a default entry point
PSR-2 fixes
[DependencyInjection] make paths relative to __DIR__ in the generated container
Fixed the syntax of a composer.json file
Fixed the symfony/config version constraint
Tweaked the password-compat version constraint
Docblock fixes
define constant only if it wasn't defined before
Fix incorrect spanish translation
Fixed typos
Conflicts:
composer.json
src/Symfony/Bridge/Twig/TwigEngine.php
src/Symfony/Bundle/FrameworkBundle/Controller/Controller.php
src/Symfony/Bundle/FrameworkBundle/Templating/Loader/FilesystemLoader.php
src/Symfony/Bundle/FrameworkBundle/composer.json
src/Symfony/Component/Console/Descriptor/MarkdownDescriptor.php
src/Symfony/Component/Console/Helper/TableHelper.php
src/Symfony/Component/Console/Tests/Helper/HelperSetTest.php
src/Symfony/Component/Debug/ErrorHandler.php
src/Symfony/Component/DependencyInjection/Dumper/PhpDumper.php
src/Symfony/Component/Finder/Tests/Iterator/RecursiveDirectoryIteratorTest.php
src/Symfony/Component/Form/Tests/Extension/Core/DataMapper/PropertyPathMapperTest.php
src/Symfony/Component/HttpFoundation/Response.php
src/Symfony/Component/HttpFoundation/StreamedResponse.php
src/Symfony/Component/HttpKernel/Controller/ControllerResolver.php
src/Symfony/Component/HttpKernel/Controller/ControllerResolverInterface.php
src/Symfony/Component/HttpKernel/Debug/TraceableEventDispatcher.php
src/Symfony/Component/HttpKernel/Fragment/RoutableFragmentRenderer.php
src/Symfony/Component/HttpKernel/Tests/DataCollector/RequestDataCollectorTest.php
src/Symfony/Component/Intl/NumberFormatter/NumberFormatter.php
src/Symfony/Component/Process/Process.php
src/Symfony/Component/Process/Tests/AbstractProcessTest.php
src/Symfony/Component/PropertyAccess/PropertyAccessorBuilder.php
src/Symfony/Component/Routing/Tests/Fixtures/validpattern.php
src/Symfony/Component/Security/Http/RememberMe/TokenBasedRememberMeServices.php
src/Symfony/Component/Security/composer.json
src/Symfony/Component/Serializer/Encoder/XmlEncoder.php
src/Symfony/Component/Serializer/Normalizer/GetSetMethodNormalizer.php
src/Symfony/Component/Stopwatch/StopwatchEvent.php
src/Symfony/Component/Stopwatch/StopwatchPeriod.php
src/Symfony/Component/Templating/PhpEngine.php
src/Symfony/Component/Templating/TemplateReference.php
src/Symfony/Component/Templating/TemplateReferenceInterface.php
src/Symfony/Component/Translation/TranslatorInterface.php
src/Symfony/Component/Validator/ConstraintViolation.php
src/Symfony/Component/Validator/ExecutionContextInterface.php
src/Symfony/Component/Validator/Mapping/ClassMetadata.php
src/Symfony/Component/Validator/MetadataFactoryInterface.php
* 2.5:
reformat code as suggested by @fabpot
Fix typo
Make `\Request::get` more performant.
[Form][WebProfiler] Empty form names fix
[FrameworkBundle] cache:clear command fills *.php.meta files with wrong data
bumped Symfony version to 2.5.8
updated VERSION for 2.5.7
update CONTRIBUTORS for 2.5.7
updated CHANGELOG for 2.5.7
bumped Symfony version to 2.3.23
fixed typo
updated VERSION for 2.3.22
update CONTRIBUTORS for 2.3.22
updated CHANGELOG for 2.3.22
Conflicts:
src/Symfony/Bundle/WebProfilerBundle/Resources/views/Collector/form.html.twig
src/Symfony/Component/HttpKernel/Kernel.php
* 2.3:
reformat code as suggested by @fabpot
Fix typo
Make `\Request::get` more performant.
[FrameworkBundle] cache:clear command fills *.php.meta files with wrong data
bumped Symfony version to 2.3.23
fixed typo
updated VERSION for 2.3.22
update CONTRIBUTORS for 2.3.22
updated CHANGELOG for 2.3.22
Conflicts:
src/Symfony/Component/HttpKernel/Kernel.php
* 2.5:
added missing files
[TwigBundle] added a test
Indicate which file was being parsed if an exception is thrown while running translation:debug
[ClassLoader] Cast $useIncludePath property to boolean
[HttpFoundation] Minor spelling fix in PHPDocs
improve error message for multiple documents
Remove aligned '=>' and '='
[Session] remove invalid workaround in session regenerate
[Kernel] ensure session is saved before sending response
[Routing] serialize the compiled route to speed things up
[Form] Fixed usage of "name" variable in form_start block
[Validator] Fixed Regex::getHtmlPattern() to work with complex and negated patterns
[DependencyInjection] use inheritdoc for loaders
[Config] fix filelocator with empty name
[Form] fix form handling with unconventional request methods like OPTIONS
CSRF warning docs on Request::enableHttpMethodParameterOverride()
Conflicts:
src/Symfony/Component/Console/Helper/ProgressBar.php
* 2.3:
added missing files
[TwigBundle] added a test
Indicate which file was being parsed if an exception is thrown while running translation:debug
[ClassLoader] Cast $useIncludePath property to boolean
[HttpFoundation] Minor spelling fix in PHPDocs
improve error message for multiple documents
[Session] remove invalid workaround in session regenerate
[Kernel] ensure session is saved before sending response
[Routing] serialize the compiled route to speed things up
[Validator] Fixed Regex::getHtmlPattern() to work with complex and negated patterns
[DependencyInjection] use inheritdoc for loaders
[Config] fix filelocator with empty name
[Form] fix form handling with unconventional request methods like OPTIONS
CSRF warning docs on Request::enableHttpMethodParameterOverride()
Conflicts:
src/Symfony/Component/Routing/Route.php
This PR was merged into the 2.3 branch.
Discussion
----------
[HttpFoundation] CSRF warning docs on Request::enableHttpMethodParameterOverride()
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #12043
| License | MIT
| Doc PR | /
Since I wanted to understand this issue I did some research and altered the comment block. Is this a clear enough explanation or does it need more?
Commits
-------
deb70ab CSRF warning docs on Request::enableHttpMethodParameterOverride()
* 2.5:
Remove aligned '=>' and '='
Break infinite loop while resolving aliases
[Security][listener] change priority of switchuser
Improved the phpdoc for security token classes
bumped Symfony version to 2.5.7
updated VERSION for 2.5.6
updated CHANGELOG for 2.5.6
bumped Symfony version to 2.3.22
updated VERSION for 2.3.21
update CONTRIBUTORS for 2.3.21
updated CHANGELOG for 2.3.21
Conflicts:
src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/ConfigurationTest.php
src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/AbstractFactory.php
src/Symfony/Bundle/TwigBundle/Controller/ExceptionController.php
src/Symfony/Component/Debug/ErrorHandler.php
src/Symfony/Component/Debug/ExceptionHandler.php
src/Symfony/Component/Form/Extension/Core/Type/BaseType.php
src/Symfony/Component/Form/Extension/Core/Type/ChoiceType.php
src/Symfony/Component/Form/Extension/Core/Type/DateTimeType.php
src/Symfony/Component/Form/Extension/Core/Type/DateType.php
src/Symfony/Component/Form/Extension/Core/Type/TimeType.php
src/Symfony/Component/Form/Extension/Validator/Type/FormTypeValidatorExtension.php
src/Symfony/Component/HttpFoundation/Request.php
src/Symfony/Component/HttpFoundation/Session/Storage/Handler/MongoDbSessionHandler.php
src/Symfony/Component/HttpFoundation/Session/Storage/Handler/PdoSessionHandler.php
src/Symfony/Component/HttpKernel/Kernel.php
src/Symfony/Component/Security/Core/SecurityContextInterface.php
src/Symfony/Component/Security/Http/Authentication/DefaultAuthenticationFailureHandler.php
src/Symfony/Component/Security/Http/Authentication/DefaultAuthenticationSuccessHandler.php
src/Symfony/Component/Security/Http/Firewall/AnonymousAuthenticationListener.php
src/Symfony/Component/Serializer/Serializer.php
src/Symfony/Component/Validator/Constraints/File.php
[HttpFoundation] fixed the docs so that it gives some explanation about how you are vulnerable to CSRF when you enable the httpMethodeParameterOverride
This PR was merged into the 2.6-dev branch.
Discussion
----------
[2.3] Update src/Symfony/Component/HttpFoundation/Request.php
This makes `getContentType()` work when a regular form is submitted. It would return `"form"`
Commits
-------
c81ec4d Update src/Symfony/Component/HttpFoundation/Request.php
* 2.5: (43 commits)
[Form] Fix PHPDoc for builder setData methods The underlying data variable is typed as mixed whereas the methods paramers where typed as array.
fixed CS
[Intl] Improved bundle reader implementations
[Console] guarded against invalid aliases
switch before_script to before_install and script to install
fixed typo
[HttpFoundation] Request - URI - comment improvements
[Validator] The ratio of the ImageValidator is rounded to two decimals now
[Security] Added more tests
remove `service` parameter type from XSD
[Intl] Added exception handler to command line scripts
[Intl] Fixed a few bugs in TextBundleWriter
[Intl] Updated icu.ini up to ICU 53
[Intl] Removed non-working $fallback argument from ArrayAccessibleResourceBundle
Use separated function to resolve command and related arguments
[SwiftmailerBridge] Bump allowed versions of swiftmailer
[FrameworkBundle] Remove invalid markup
[Intl] Added "internal" tag to all classes under Symfony\Component\Intl\ResourceBundle
Remove routes for removed WebProfiler actions
[Security] Fix usage of unexistent method in DoctrineAclCache.
...
Conflicts:
src/Symfony/Bundle/FrameworkBundle/Command/ServerRunCommand.php
src/Symfony/Component/HttpKernel/HttpCache/Esi.php
src/Symfony/Component/HttpKernel/Kernel.php
src/Symfony/Component/Translation/Tests/Dumper/XliffFileDumperTest.php
src/Symfony/Component/Yaml/Parser.php
src/Symfony/Component/Yaml/Tests/InlineTest.php
* 2.3: (35 commits)
[Form] Fix PHPDoc for builder setData methods The underlying data variable is typed as mixed whereas the methods paramers where typed as array.
fixed CS
[Intl] Improved bundle reader implementations
[Console] guarded against invalid aliases
switch before_script to before_install and script to install
fixed typo
[HttpFoundation] Request - URI - comment improvements
[Security] Added more tests
remove `service` parameter type from XSD
[Intl] Added exception handler to command line scripts
[Intl] Fixed a few bugs in TextBundleWriter
[Intl] Updated icu.ini up to ICU 53
[Intl] Removed non-working $fallback argument from ArrayAccessibleResourceBundle
Use separated function to resolve command and related arguments
[SwiftmailerBridge] Bump allowed versions of swiftmailer
[FrameworkBundle] Remove invalid markup
[Intl] Added "internal" tag to all classes under Symfony\Component\Intl\ResourceBundle
Remove routes for removed WebProfiler actions
[Security] Fix usage of unexistent method in DoctrineAclCache.
backport more error information from 2.6 to 2.3
...
Conflicts:
.travis.yml
src/Symfony/Component/DependencyInjection/Loader/YamlFileLoader.php
src/Symfony/Component/DependencyInjection/Tests/Loader/XmlFileLoaderTest.php
src/Symfony/Component/HttpKernel/Kernel.php
src/Symfony/Component/Process/PhpExecutableFinder.php
* 2.5: (23 commits)
[HttpKernel] fixed some unit tests for 2.4 (signature now uses SHA256 instead of MD5)
[HttpKernel] simplified code
[HttpKernel] fixed internal fragment handling
fixing yaml indentation
Unexpexted ));"
[WebProfiler] replaced the import/export feature from the web interface to a CLI tool
Forced all fragment uris to be signed, even for ESI
Add tests and more assertions
[FrameworkBundle][Translator] Validate locales.
[HttpFoundation] added some missing tests
[HttpFoundation] Improve string values in test codes
[Security] Add more tests for StringUtils::equals
fix comment: not fourth but sixth argument
fixing typo in a comment
[FrameworkBundle] fixed CS
[FrameworkBundle] PhpExtractor bugfix and improvements
[Finder] Fix findertest readability
[Filesystem] Add FTP stream wrapper context option to enable overwrite (override)
fix parsing of Authorization header
Test examples from Drupal SA-CORE-2014-003
...
Conflicts:
src/Symfony/Bundle/WebProfilerBundle/Resources/views/Profiler/admin.html.twig
src/Symfony/Component/Filesystem/Filesystem.php
src/Symfony/Component/HttpKernel/Fragment/EsiFragmentRenderer.php
* 2.3:
[HttpKernel] fixed internal fragment handling
fixing yaml indentation
[WebProfiler] replaced the import/export feature from the web interface to a CLI tool
Forced all fragment uris to be signed, even for ESI
Add tests and more assertions
[FrameworkBundle][Translator] Validate locales.
[HttpFoundation] added some missing tests
[HttpFoundation] Improve string values in test codes
fix comment: not fourth but sixth argument
fixing typo in a comment
[FrameworkBundle] fixed CS
[FrameworkBundle] PhpExtractor bugfix and improvements
[Finder] Fix findertest readability
[Filesystem] Add FTP stream wrapper context option to enable overwrite (override)
fix parsing of Authorization header
Test examples from Drupal SA-CORE-2014-003
Fix potential DoS when parsing HOST
Made optimization deprecating modulus operator
Conflicts:
src/Symfony/Bundle/FrameworkBundle/Resources/config/esi.xml
src/Symfony/Component/HttpFoundation/Request.php
src/Symfony/Component/HttpFoundation/Tests/RequestTest.php
src/Symfony/Component/HttpKernel/Fragment/EsiFragmentRenderer.php
This PR was merged into the 2.3 branch.
Discussion
----------
n/a
n/a
Commits
-------
9e1bc22 Add tests and more assertions
101a3b7 [FrameworkBundle][Translator] Validate locales.
This PR was merged into the 2.3 branch.
Discussion
----------
n/a
n/a
Commits
-------
1ee96a8 Test examples from Drupal SA-CORE-2014-003
5506ee8 Fix potential DoS when parsing HOST
* 2.3:
Added missing `break` statement
don't disable constructor calls to mockups of classes that extend internal PHP classes
Small comment update according to PSR-2
[Console] Fixed notice in DialogHelper
[HttpFoundation] Fixed Request::getPort returns incorrect value under IPv6
[Filesystem] Fix test suite on OSX
Add framework-bundle
Conflicts:
src/Symfony/Component/Filesystem/Tests/FilesystemTest.php
src/Symfony/Component/HttpFoundation/Tests/Session/Storage/Handler/MongoDbSessionHandlerTest.php
See [PSR-2](http://www.php-fig.org/psr/psr-2/) paragraph 5.2
> There MUST be a comment such as `// no break` when fall-through is intentional in a non-empty case body.
Related to #11181
* 2.3:
PHP Fatal error when getContainer method of ContainerAwareCommand has be...
[HttpFoundation] Fixed isSecure() check to be compliant with the docs
Update MimeTypeExtensionGuesser.php
fix test src/Symfony/Component/HttpFoundation/Tests/BinaryFileResponseTest.php
Fixed the Travis build on PHP 5.3.3
* 2.3:
Minor doc fix.
Simplified the way to update PHPUnit to the latest version
[Process] Minor README update
[HttpFoundation] Basic auth in url is broken when using PHP CGI/FPM
Fixed a html error "Element ul is not closed" in logger.html.twig
[HttpFoundation] Officialize the 308 redirect RFC
issue #10808 crawler test
Empty select with attribute name="foo[]" bug fix
Fixed contextually wrong translation
Request#getUser() and Request#getPassword() introduced in
aecfd0a891 do not handle the lack of
PHP_AUTH_USER and PHP_AUTH_PW in $this->server when using PHP-FPM. Use
$this->headers instead.
Furthermore, the test of empty password now expects an empty string
instead of NULL according to a450d002f2.
* 2.3:
Textarea value should default to empty string instead of null.
Fix doc blocks
[Process] Fix#10681, process are failing on Windows Server 2003
[Security] fix DBAL connection typehint
[HttpFoundation] status 201 is allowed to have a body
unified return null usages
Conflicts:
src/Symfony/Component/Console/Helper/DescriptorHelper.php
src/Symfony/Component/DependencyInjection/ContainerBuilder.php
src/Symfony/Component/Finder/Tests/Iterator/RecursiveDirectoryIteratorTest.php
src/Symfony/Component/Form/Extension/Core/DataTransformer/IntegerToLocalizedStringTransformer.php
src/Symfony/Component/HttpKernel/Fragment/InlineFragmentRenderer.php
This PR was merged into the 2.3 branch.
Discussion
----------
unified return null usages
| Q | A
| ------------- | ---
| License | MIT
This PR unifies the way we return `null` from a function or method:
* always use `return;` instead of `return null;` (the current code base uses both);
* never use `return;` at the end of a function/method.
Commits
-------
d1d569b unified return null usages
* 2.3:
made {@inheritdoc} annotations consistent across the board
fixed types in phpdocs
made phpdoc types consistent with those defined in Hack
Add support Thai translations
made types consistent with those defined in Hack
removed extra/unsupported arguments
[HttpKernel] fixed an error message
[TwigBundle] removed undefined argument
[Translation] Make IcuDatFileLoader/IcuResFileLoader::load invalid resource compatible with HHVM.
Conflicts:
src/Symfony/Bridge/ProxyManager/Tests/LazyProxy/Fixtures/php/lazy_service.php
src/Symfony/Bundle/FrameworkBundle/Command/ContainerDebugCommand.php
src/Symfony/Bundle/FrameworkBundle/Templating/Loader/FilesystemLoader.php
src/Symfony/Bundle/WebProfilerBundle/EventListener/WebDebugToolbarListener.php
src/Symfony/Component/Config/Definition/ReferenceDumper.php
src/Symfony/Component/Console/Helper/DescriptorHelper.php
src/Symfony/Component/Debug/ErrorHandler.php
src/Symfony/Component/Finder/Tests/Iterator/RecursiveDirectoryIteratorTest.php
src/Symfony/Component/Form/Extension/Core/DataTransformer/IntegerToLocalizedStringTransformer.php
src/Symfony/Component/Form/Tests/Extension/Core/DataMapper/PropertyPathMapperTest.php
src/Symfony/Component/HttpFoundation/Response.php
src/Symfony/Component/HttpFoundation/StreamedResponse.php
src/Symfony/Component/HttpKernel/Debug/TraceableEventDispatcher.php
src/Symfony/Component/HttpKernel/EventListener/ProfilerListener.php
src/Symfony/Component/HttpKernel/Fragment/FragmentHandler.php
src/Symfony/Component/HttpKernel/Fragment/RoutableFragmentRenderer.php
src/Symfony/Component/HttpKernel/Kernel.php
src/Symfony/Component/HttpKernel/Tests/Fixtures/KernelForTest.php
src/Symfony/Component/Intl/NumberFormatter/NumberFormatter.php
src/Symfony/Component/Security/Core/Authorization/AccessDecisionManager.php
src/Symfony/Component/Stopwatch/StopwatchPeriod.php
src/Symfony/Component/Translation/TranslatorInterface.php
src/Symfony/Component/Validator/ConstraintValidatorFactory.php
* 2.3:
bumped Symfony version to 2.3.10
updated VERSION for 2.3.9
update CONTRIBUTORS for 2.3.9
updated CHANGELOG for 2.3.9
Add support SAPI cli-server
Fix hardcoded listenerTag name in error message
[HttpFoundation] Documented public properties.
[Routing] add missing unit tests for Route and RouteCollection classes
Conflicts:
src/Symfony/Component/HttpKernel/Kernel.php
src/Symfony/Component/Routing/Tests/RouteCollectionTest.php
* 2.3: (24 commits)
Add german translation for several validators (Greater/Equal/Less)
No Entity Manager defined exception
fixed CS
[Acl] Fix for issue #9433
[Validator] fix docblock typos
[DependencyInjection] removed the unused Reference and Parameter classes use statements from the compiled container class
Removed useless check if self::$trustProxies is set
Fix mistake in translation's service definition.
if handler_id is identical to null fix
CS fix
Fixed ModelChoiceList tests in Propel1 bridge.
[AclProvider] Fix incorrect behaviour when partial results returned from cache
Check if the pipe array is empty before calling stream_select()
[Intl] fixed datetime test as described in #9455
bumped Symfony version to 2.3.8
updated VERSION for 2.3.7
updated CHANGELOG for 2.3.7
re-factor Propel1 ModelChoiceList
[Form] Added method Form::getClickedButton() to remove memory leak in FormValidator
[Locale] fixed the failing test described in #9455
...
Conflicts:
src/Symfony/Bridge/Propel1/Form/ChoiceList/ModelChoiceList.php
src/Symfony/Bridge/Propel1/Tests/Fixtures/ItemQuery.php
src/Symfony/Bridge/Propel1/Tests/Form/ChoiceList/ModelChoiceListTest.php
src/Symfony/Bridge/Propel1/Tests/Propel1TestCase.php
src/Symfony/Component/Form/Tests/CompoundFormTest.php
src/Symfony/Component/HttpKernel/Kernel.php
src/Symfony/Component/Process/Process.php
In Request::getClientIps() on line 772 there is a check if self::$trustedProxies is not set. If this condition evaluates to true the method will return.
Because of this the second identical check on line 783 will never evaluate to true, as when reaching this position self::$trustedProxies must be set.
* 2.3: (25 commits)
bumped Symfony version to 2.2.11
updated VERSION for 2.2.10
update CONTRIBUTORS for 2.2.10
updated CHANGELOG for 2.2.10
fixed version
Request::overrideGlobals() may call invalid ini value
Force Luhn Validator to only work with strings
Fixed bug with lazy services
[Translation] fixed the error in the dumper test as described in #9475
deleted mixing string concatenation inside a sprintf
"__call()" should be displayed only if $this->magicCall is true
[Console] fix phpdoc and constructor default value
Add media-query for printing: Do not print the toolbar.
Fix ProgressHelper redraw when redrawFreq is greater than 1
Update toolbar.css.twig
slovenian translations fixed
slovenian translations fixed
[DependencyInjection] fixed YamlDumper did not make services private.
[FrameworkBundle] fix routing container parameter exception message
[Form] fix and unify phpdoc
...
Conflicts:
src/Symfony/Component/Console/Helper/ProgressHelper.php
src/Symfony/Component/DependencyInjection/ContainerBuilder.php
src/Symfony/Component/HttpKernel/Kernel.php
* 2.2:
bumped Symfony version to 2.2.11
updated VERSION for 2.2.10
update CONTRIBUTORS for 2.2.10
updated CHANGELOG for 2.2.10
fixed version
Request::overrideGlobals() may call invalid ini value
Force Luhn Validator to only work with strings
[Translation] fixed the error in the dumper test as described in #9475
[Console] fix phpdoc and constructor default value
Conflicts:
src/Symfony/Component/Console/Helper/ProgressHelper.php
src/Symfony/Component/HttpKernel/Kernel.php
According to http://php.net/manual/ja/ini.core.php ,
there's not variable_order, but variables_order (with trailing "s").
Perhaps it breaks BC for some developer who unsets
'request_order' ini value and sets 'variable_order' manually?
* 2.3:
Improve documentation of X-Forwarded-For header handling
[DoctrineBridge] Loosened CollectionToArrayTransformer::transform() to accept arrays
Removed unused use statements.
Make usleep longer and simplify assertions
Added japanese translation resource for security component.
Replaced the @inheritdoc with an actual list of params since the original method has a different signature.
fix typo : StdClass should be stdClass with little "s"
Remove unnecessary continue from Request
[Yaml] Fixed the escaping of strings starting with a dash when dumping
Fix in ChainLoader.php
fixed wrong started states
This PR was merged into the master branch.
Discussion
----------
[HttpFoundation] added a way to override the Request class
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #7461, #7453
| License | MIT
| Doc PR | symfony/symfony-docs#3021
This is an alternative implementation for #7461.
I've also reverted #7381 and #7390 as these changes are not needed anymore.
Todo:
- [ ] add some tests
Commits
-------
464439d [HttpFoundation] added a way to override the Request class
* 2.3:
fixed Client when using the terminable event
Fix problem with Windows file links (backslash in JavaScript string)
[Security] fixed wrong phpdoc
[DependencyInjection] Prevented inlining of lazy loaded private service definitions.
[Routing] removed extra argument
[HttpFoundation] Header `HTTP_X_FORWARDED_PROTO` can contain various values Some proxies use `ssl` instead of `https`, as well as Lighttpd mod_proxy allows value chaining (`https, http`, where `https` is always first when request is encrypted).
Added doc comments
Conflicts:
src/Symfony/Component/Routing/Router.php
src/Symfony/Component/Security/Http/Firewall.php
* 2.2:
fixed Client when using the terminable event
Fix problem with Windows file links (backslash in JavaScript string)
[Security] fixed wrong phpdoc
[Routing] removed extra argument
[HttpFoundation] Header `HTTP_X_FORWARDED_PROTO` can contain various values Some proxies use `ssl` instead of `https`, as well as Lighttpd mod_proxy allows value chaining (`https, http`, where `https` is always first when request is encrypted).
Added doc comments
Conflicts:
src/Symfony/Component/HttpFoundation/Request.php
Some proxies use `ssl` instead of `https`, as well as Lighttpd mod_proxy allows
value chaining (`https, http`, where `https` is always first when request is encrypted).
* 2.3:
[WebProfilerBundle] fixed toolbar for IE8 (refs #8380)
[HttpFoundation] removed double-slashes (closes#8388)
[HttpFoundation] tried to keep the original Request URI as much as possible to avoid different behavior between ::createFromGlobals() and ::create()
[TwigBridge] fixed form rendering when used in a template with dynamic inheritance
* 2.2:
[HttpFoundation] removed double-slashes (closes#8388)
[HttpFoundation] tried to keep the original Request URI as much as possible to avoid different behavior between ::createFromGlobals() and ::create()
[TwigBridge] fixed form rendering when used in a template with dynamic inheritance
* 2.3:
Fixed docblock in UserInterface::getSalt()
[Process] Fix#8970 : read output once the process is finished, enable pipe tests on Windows
[DoctrineBridge] Improved test coverage of EntityChoiceList
[DoctrineBridge] Improved test coverage of EntityChoiceList
[Form] Improved test coverage of ChoiceList classes
[Form] Fixed expanded choice field to be marked invalid when unknown choices are submitted
[Form] Fixed ChoiceList::get*By*() methods to preserve order and array keys
[Form] Removed usage of the ChoiceList::getIndicesFor*() methods where they don't offer any performance benefit
[Form] Improved test coverage of ChoiceList classes
[Form] Fixed expanded choice field to be marked invalid when unknown choices are submitted
[Form] Fixed ChoiceList::get*By*() methods to preserve order and array keys
[Form] Removed usage of the ChoiceList::getIndicesFor*() methods where they don't offer any performance benefit
Removed duplicate annotation
[HttpKernel] made code more reliable
[HttpFoundation] fixed regression in the way the request format is handled for duplicated requests (closes#8917)
[HttpKernel] fixer HInclude src (closes#8951)
Fixed escaping of service identifiers in configuration
Conflicts:
src/Symfony/Bridge/Doctrine/Tests/Form/ChoiceList/GenericEntityChoiceListTest.php
src/Symfony/Bridge/Doctrine/Tests/Form/Type/EntityTypeTest.php
src/Symfony/Component/HttpKernel/Tests/Fragment/HIncludeFragmentRendererTest.php
* 2.2:
[HttpFoundation] fixed regression in the way the request format is handled for duplicated requests (closes#8917)
[HttpKernel] fixer HInclude src (closes#8951)
Fixed escaping of service identifiers in configuration
* 2.3:
[HttpFoundation] removed extra parenthesis
[Process][2.2] Fix Process component on windows
[HttpFoundation] improve perf of previous merge (refs #8882)
Request->getPort() should prefer HTTP_HOST over SERVER_PORT
Fixing broken http auth digest in some circumstances (php-fpm + apache).
fixed typo
Conflicts:
src/Symfony/Component/Process/Process.php
* 2.2:
[HttpFoundation] removed extra parenthesis
[Process][2.2] Fix Process component on windows
[HttpFoundation] improve perf of previous merge (refs #8882)
Request->getPort() should prefer HTTP_HOST over SERVER_PORT
Fixing broken http auth digest in some circumstances (php-fpm + apache).
fixed typo
Conflicts:
src/Symfony/Component/Process/Process.php
* 2.3:
fixed request format when forwarding a request
[HttpKernel] added a comment to warn about possible inconsistencies
added a functional test for locale handling in sub-requests
Fixed issue #6932 - Inconsistent locale handling in subrequests
fixed locale of sub-requests when explicitely set by the developer (refs #8821)
Conflicts:
src/Symfony/Component/HttpKernel/EventListener/ExceptionListener.php
src/Symfony/Component/HttpKernel/Fragment/RoutableFragmentRenderer.php
src/Symfony/Component/HttpKernel/Tests/Fragment/RoutableFragmentRendererTest.php
* 2.2:
fixed request format when forwarding a request
[HttpKernel] added a comment to warn about possible inconsistencies
added a functional test for locale handling in sub-requests
Fixed issue #6932 - Inconsistent locale handling in subrequests
fixed locale of sub-requests when explicitely set by the developer (refs #8821)
Conflicts:
src/Symfony/Component/HttpKernel/Tests/Fragment/InlineFragmentRendererTest.php
* 2.3:
[Locale] fixed build-data exit code in case of an error
fixed request format of sub-requests when explicitely set by the developer (closes#8787)
Sets _format attribute only if it wasn't set previously by the user.
Exclude little words of 'ee' to 'oo' plural transformation
fixed the format of the request used to render an exception
Fix typo in the check_path validator
added a missing use statement (closes#8808)
fix for Process:isSuccessful()
Include untrusted host in the exception message
Conflicts:
src/Symfony/Component/HttpKernel/EventListener/ExceptionListener.php
src/Symfony/Component/HttpKernel/Fragment/InlineFragmentRenderer.php
* 2.2:
Fix getPort() returning 80 instead of 443 when X-FORWARDED-PROTO is set to https
[Translation] fixed a unit test
Conflicts:
src/Symfony/Component/HttpFoundation/Request.php
This PR was squashed before being merged into the master branch (closes#7559).
Discussion
----------
[HttpFoundation] [HttpKernel] Internal sub-requests should have X-Forwarded-For header providing real client IP
This is a better alternative to fix issue highlighted in #7554 and #7557.
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #7554, #7557
| License | MIT
When dealing with inline fragment renderer, it emulates an internal request by overriding the REMOTE_ADDR on Request. This is true, since conceptually request came from local server.
The problem that this introduces is that overriding the server value, it turns into an impossible state to retrieve the real client ip, only returning the local server IP (which is hardcoded to 127.0.0.1).
This patch takes the same approach as a Varnish call (it behaves the exact same way, reusing all code built for handling client ip handling on sub-requests), populating the X-Forwarded-For header and also making getClientIp smarter by removing possible local IP addresses from being considered as the client IP address.
Commits
-------
773e109 [HttpFoundation] [HttpKernel] Internal sub-requests should have X-Forwarded-For header providing real client IP
* 2.2:
[Config] #7644 add tests for passing number looking attributes as strings
[HttpFoundation][BrowserKit] fixed path when converting a cookie to a string
[BrowserKit] removed dead code
[HttpFoundation] fixed empty domain= in Cookie::__toString()
fixed detection of secure cookies received over https
[2.2] Pass ESI header to subrequests
[Translation] removed an uneeded class property
[Translation] removed unneeded getter/setter
[Translator] added additional conversion for encodings other than utf-8
fixed source messages to accept pluralized messages [Validator][translation][japanese] add messages for new validator
fix a DI circular reference recognition bug
[HttpFoundation] fixed the creation of sub-requests under some circumstances for IIS
Conflicts:
src/Symfony/Component/HttpFoundation/Tests/CookieTest.php
* 2.1:
[HttpFoundation][BrowserKit] fixed path when converting a cookie to a string
[BrowserKit] removed dead code
[HttpFoundation] fixed empty domain= in Cookie::__toString()
fixed detection of secure cookies received over https
[Translation] removed an uneeded class property
[Translation] removed unneeded getter/setter
[Translator] added additional conversion for encodings other than utf-8
fix a DI circular reference recognition bug
[HttpFoundation] fixed the creation of sub-requests under some circumstances for IIS
This PR was merged into the 2.1 branch.
Discussion
----------
[HttpFoundation] fixes creation of sub requests under IIS & Rewite Module
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #6936, #6923
| License | MIT
| Doc PR | N/A
There are a few bugs to address.
1. `HTTP_X_ORIGINAL_URL` wasn't removed from the server parameters, so is picked back up [here](https://github.com/symfony/symfony/blob/master/src/Symfony/Component/HttpFoundation/ServerBag.php#L33) upon recreation of a sub request.
2. When `X_ORIGINAL_URL` is passed in the headers by IIS, `IIS_WasUrlRewritten` and `UNENCODED_URL` can also be passed as server vars, so they must also be removed for sub request URI's to be resolved correctly.
Additionally, I have removed the OS check for windows, because it was only done for 2 out of 4 of the IIS specific checks, and it made the code untestable.
Also added tests for all scenarios as there were none.
Commits
-------
9fcd2f6 [HttpFoundation] fixed the creation of sub-requests under some circumstances for IIS
* 2.2:
Fix default value handling for multi-value options
[HttpKernel] truncate profiler token to 6 chars (see #7665)
Disabled APC on Travis for PHP 5.5+ as it is not available
[HttpFoundation] do not use server variable PATH_INFO because it is already decoded and thus symfony is fragile to double encoding of the path
Fix download over SSL using IE < 8 and binary file response
[Console] Fix merging of application definition, fixes#7068, replaces #7158
[HttpKernel] fixed the Kernel when the ClassLoader component is not available (closes#7406)
fixed output of bag values
[Yaml] improved boolean naming ($notEOF -> !$EOF)
[Yaml] fixed handling an empty value
[Routing][XML Loader] Add a possibility to set a default value to null
[Console] fixed handling of "0" input on ask
The /e modifier for preg_replace() is deprecated in PHP 5.5; replace with preg_replace_callback()
fixed handling of "0" input on ask
[HttpFoundation] Fixed bug in key searching for NamespacedAttributeBag
[Form] DateTimeToRfc3339Transformer use proper transformation exteption in reverse transformation
Update PhpEngine.php
[PropertyAccess] Add objectives to pluralMap
[Security] Removed unused var
[HttpFoundation] getClientIp is fixed.
Conflicts:
src/Symfony/Component/Console/Tests/Command/CommandTest.php
src/Symfony/Component/Console/Tests/Input/ArgvInputTest.php
src/Symfony/Component/HttpFoundation/Request.php
src/Symfony/Component/HttpKernel/Kernel.php
* 2.1:
Fix default value handling for multi-value options
[HttpKernel] truncate profiler token to 6 chars (see #7665)
Disabled APC on Travis for PHP 5.5+ as it is not available
[HttpFoundation] do not use server variable PATH_INFO because it is already decoded and thus symfony is fragile to double encoding of the path
[Yaml] improved boolean naming ($notEOF -> !$EOF)
[Yaml] fixed handling an empty value
[Routing][XML Loader] Add a possibility to set a default value to null
The /e modifier for preg_replace() is deprecated in PHP 5.5; replace with preg_replace_callback()
[HttpFoundation] Fixed bug in key searching for NamespacedAttributeBag
[Form] DateTimeToRfc3339Transformer use proper transformation exteption in reverse transformation
Update PhpEngine.php
[HttpFoundation] getClientIp is fixed.
Conflicts:
.travis.yml
src/Symfony/Component/Routing/Loader/XmlFileLoader.php
src/Symfony/Component/Routing/Loader/schema/routing/routing-1.0.xsd
src/Symfony/Component/Routing/Tests/Fixtures/validpattern.xml
src/Symfony/Component/Routing/Tests/Loader/XmlFileLoaderTest.php
The getClientIp now returns ip of the earliest server in a proxy chain when all the servers in the chain are trusted proxies. Before this patch the getClientIp used to return null at such condition.
Some appropriate tests are added.
* 2.1:
#7106 - fix for ZTS builds
Added '@@' escaping strategy for YamlFileLoader and YamlDumper
[Yaml] fixed bugs with folded scalar parsing
[Form] made DefaultCsrfProvider using session_status() when available
Added unit tests to Dumper
Update .travis.yml (closes#7355)
[HttpFoudantion] fixed Request::getPreferredLanguage()
Revert "merged branch jfsimon/issue-6928 (PR #7378)"
Routing issue with installation in a sub-directory ref: https://github.com/symfony/symfony/issues/7129
Conflicts:
.travis.yml
src/Symfony/Bundle/FrameworkBundle/Routing/Router.php
src/Symfony/Component/Routing/RouteCollection.php
* 2.1:
Add a public modifier to an interface method
[HttpRequest] fixes Request::getLanguages() bug
[HttpCache] added a test (cached content should be kept after purging)
[DoctrineBridge] Fixed non-utf-8 recognition
[Security] fixed HttpUtils class tests
This PR was squashed before being merged into the 2.2 branch (closes#6999).
Commits
-------
de0f7b7 [HttpFoundation] Added getter for httpMethodParameterOverride state
Discussion
----------
[HttpFoundation] Added getter for httpMethodParameterOverride state
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #6984
| License | MIT
| Doc PR | ~
* 2.1:
added support for the X-Forwarded-For header (closes#6982, closes#7000)
fixed the IP address in HttpCache when calling the backend
[EventDispatcher] Added assertion.
[EventDispathcer] Fix removeListener
[DependencyInjection] Add clone for resources which were introduced in 2.1
[DependencyInjection] Allow frozen containers to be dumped to graphviz
Fix 'undefined index' error, when entering scope recursively
[Security] fixed session creation on login (closes#7011)
Add dot character `.` to legal mime subtype regular expression
[HttpFoundation] fixed the creation of sub-requests under some circumstancies (closes#6923, closes#6936)
* 2.0:
[DependencyInjection] Allow frozen containers to be dumped to graphviz
Add dot character `.` to legal mime subtype regular expression
[HttpFoundation] fixed the creation of sub-requests under some circumstancies (closes#6923, closes#6936)
When creating a Request with Request::create(), some information can
come from the URI and the server variable. Until now, it was not clear
which information had precedence over the other and as a matter of fact,
this method was not consistent.
Now, information contained in the URI always take precedence over
information coming from the server array. That makes sense as the server
array is often copied from another existing Request object.
This PR was merged into the master branch.
Commits
-------
76fefe3 updated CHANGELOG and UPGRADE files
f7da1f0 added some unit tests (and fixed some bugs)
f17f586 moved the container aware HTTP kernel to the HttpKernel component
2eea768 moved the deprecation logic calls outside the new HttpContentRenderer class
bd102c5 made the content renderer work even when ESI is disabled or when no templating engine is available (the latter being mostly useful when testing)
a8ea4e4 [FrameworkBundle] deprecated HttpKernel::forward() (it is only used once now and not part of any interface anyway)
1240690 [HttpKernel] made the strategy a regular parameter in HttpContentRenderer::render()
adc067e [FrameworkBundle] made some services private
1f1392d [HttpKernel] simplified and enhanced code managing the hinclude strategy
403bb06 [HttpKernel] added missing phpdoc and tweaked existing ones
892f00f [HttpKernel] added a URL signer mechanism for hincludes
a0c49c3 [TwigBridge] added a render_* function to ease usage of custom rendering strategies
9aaceb1 moved the logic from HttpKernel in FrameworkBundle to the HttpKernel component
Discussion
----------
[WIP] Kernel refactor
Currently, the handling of sub-requests (including ESI and hinclude) is mostly done in FrameworkBundle. It makes these important features harder to implement for people using only HttpKernel (like Drupal and Silex for instance).
This PR moves the code to HttpKernel instead. The code has also been refactored to allow easier integration of other rendering strategies (refs #6108).
The internal route has been re-introduced but it can only be used for trusted IPs (so for the internal rendering which is managed by Symfony itself, or by a trusted reverse proxy like Varnish for ESI handling). For the hinclude strategy, when using a controller, the URL is automatically signed (see #6463).
The usage of a listener instead of a controller to handle internal sub-requests speeds up things quite a lot as it saves one sub-request handling. In Symfony 2.0 and 2.1, the handling of a sub-request actually creates two sub-requests.
Rendering a sub-request from a controller can be done with the following code:
```jinja
{# default strategy #}
{{ render(path("partial")) }}
{{ render(controller("SomeBundle:Controller:partial")) }}
{# ESI strategy #}
{{ render(path("partial"), { strategy: 'esi' }) }}
{{ render(controller("SomeBundle:Controller:partial"), { strategy: 'esi' }) }}
{# hinclude strategy #}
{{ render(path("default1"), { strategy: 'hinclude' }) }}
```
The second commit allows to simplify the calls a little bit thanks to some nice syntactic sugar:
```jinja
{# default strategy #}
{{ render(path("partial")) }}
{{ render(controller("SomeBundle:Controller:partial")) }}
{# ESI strategy #}
{{ render_esi(path("partial")) }}
{{ render_esi(controller("SomeBundle:Controller:partial")) }}
{# hinclude strategy #}
{{ render_hinclude(path("default1")) }}
```
---------------------------------------------------------------------------
by fabpot at 2013-01-03T17:58:49Z
I've just pushed a new version of the code that actually works in my browser (but I've not yet written any unit tests). I've updated the PR description accordingly.
All comments welcome!
---------------------------------------------------------------------------
by Koc at 2013-01-03T20:11:43Z
what about `render(controller="SomeBundle:Controller:partial", strategy="esi")`?
---------------------------------------------------------------------------
by stof at 2013-01-04T09:01:01Z
shouldn't we have interfaces for the UriSigner and the HttpContentRenderer ?
---------------------------------------------------------------------------
by lsmith77 at 2013-01-04T19:28:09Z
btw .. as mentioned in #6213 i think it would make sense to refactor the HttpCache to use a cache layer to allow more flexibility in where to cache the data (including clustering) and better invalidation. as such if you are refactoring HttpKernel .. it might also make sense to explore splitting off HttpCache.
---------------------------------------------------------------------------
by fabpot at 2013-01-04T19:30:07Z
@lsmith77 This is a totally different topic. This PR is just about moving things from FrameworkBundle to HttpKernel to make them more reusable outside of the full-stack framework.
---------------------------------------------------------------------------
by fabpot at 2013-01-05T09:39:52Z
I think this PR is almost ready now. I still need to update the docs and add some unit tests. Any other comments on the whole approach? The class names? The `controller` function thingy? The URI signer mechanism? The proxy protection for the internal controller? The proxy to handle internal routes?
---------------------------------------------------------------------------
by sstok at 2013-01-05T10:08:25Z
Looks good to me 👍
---------------------------------------------------------------------------
by sdboyer at 2013-01-07T18:17:08Z
@Crell asked me to weigh in, since i'm one of the Drupal folks who's likely to work most with this.
i think i've grokked about 60% of the big picture here, and i'm generally happy with what i see. the assumption that the HInclude strategy makes about working with templates probably isn't one that we'll be able to use (and so, would need to write our own), but that's not a big deal since the whole goal here is to make strategies pluggable.
so, yeah. +1.
---------------------------------------------------------------------------
by winzou at 2013-01-09T20:21:44Z
Just for my information: will this PR be merged for 2.2 version? Thanks.
---------------------------------------------------------------------------
by stof at 2013-01-09T20:41:04Z
@winzou according to the blog post announcing the beta 1 release, yes. It is explicitly listed as being one of the reason to make it a beta instead of the first RC.
---------------------------------------------------------------------------
by winzou at 2013-01-09T20:49:36Z
OK thanks, I've totally skipped this blog post.
---------------------------------------------------------------------------
by fabpot at 2013-01-10T15:26:15Z
I've just added a bunch of unit tests and fix some bugs I found while writing the tests.
- Removed useless error handlers around FormEvent as the triggering has
been fixed in it.
- Enhanced the triggering of deprecation errors for places where the BC
method provide some user logic needing to be converted to a new way.
- Enhanced the deprecation messages to mention the replacement whenever
possible.
This PR was merged into the master branch.
Commits
-------
36197dc Fixed typos
Discussion
----------
Fixed typos
Bug fix: no
Feature addition: no
Backwards compatibility break: no
Fixes the following tickets: -
Todo: -
License of the code: MIT
* 2.1:
[Console] Fix style escaping parsing
[Console] Make style formatter matching less greedy to avoid having to escape when not needed
[Bundle] [FrameworkBundle] fixed indentation in esi.xml services file.
[Component] [Security] fixed PSR-2 coding violation in ClassUtilsTest class.
[Form] Fixed EntityChoiceList when loading objects with negative integer IDs
[TwigBundle] There is no CSS visibility of display, should be visible instead
[Form] corrected source node for a Danish translation
[DependencyInjection] fixed a bug where the strict flag on references were lost (closes#6607)
[HttpFoundation] Check if required shell functions for `FileBinaryMimeTypeGuesser` are not disabled
[CssSelector] added css selector with empty string
[HttpFoundation] Docblock for Request::isXmlHttpRequest() now points to Wikipedia
[DependencyInjection] refactored code to avoid logic duplication
[Form] Deleted references in FormBuilder::getFormConfig() to improve performance
[HttpFoundation] Update docblock for non-working method
Conflicts:
src/Symfony/Bundle/TwigBundle/Resources/views/Exception/trace.html.twig
src/Symfony/Bundle/TwigBundle/Resources/views/Exception/traces.html.twig
* 2.0:
[Bundle] [FrameworkBundle] fixed indentation in esi.xml services file.
[TwigBundle] There is no CSS visibility of display, should be visible instead
[DependencyInjection] fixed a bug where the strict flag on references were lost (closes#6607)
[HttpFoundation] Check if required shell functions for `FileBinaryMimeTypeGuesser` are not disabled
[CssSelector] added css selector with empty string
[HttpFoundation] Docblock for Request::isXmlHttpRequest() now points to Wikipedia
[DependencyInjection] refactored code to avoid logic duplication
Conflicts:
src/Symfony/Bundle/FrameworkBundle/Resources/config/esi.xml
src/Symfony/Component/DependencyInjection/Dumper/PhpDumper.php
src/Symfony/Component/HttpFoundation/File/MimeType/FileBinaryMimeTypeGuesser.php
* 2.1:
fixed CS
fixed CS
[Security] fixed path info encoding (closes#6040, closes#5695)
[HttpFoundation] added some tests for the previous merge and removed dead code (closes#6037)
Improved Cache-Control header when no-cache is sent
removed unneeded comment
Fix to allow null values in labels array
fix date in changelog
removed the Travis icon (as this is not stable enough -- many false positive, closes#6186)
Revert "merged branch gajdaw/finder_splfileinfo_fpassthu (PR #4751)" (closes#6224)
Fixed a typo
Fixed: HeaderBag::parseCacheControl() not parsing quoted zero correctly
[Form] Fix const inside an anonymous function
[Config] Loader::import must return imported data
[DoctrineBridge] Fixed caching in DoctrineType when "choices" or "preferred_choices" is passed
[Form] Fixed the default value of "format" in DateType to DateType::DEFAULT_FORMAT if "widget" is not "single_text"
[HttpFoundation] fixed a small regression
Conflicts:
src/Symfony/Component/HttpFoundation/Tests/Session/Storage/Handler/MongoDbSessionHandlerTest.php
* 2.0:
fixed CS
removed the Travis icon (as this is not stable enough -- many false positive, closes#6186)
[Config] Loader::import must return imported data
[HttpFoundation] fixed a small regression
Conflicts:
README.md
src/Symfony/Bridge/Twig/Extension/FormExtension.php
src/Symfony/Bundle/FrameworkBundle/Resources/views/Form/attributes.html.php
src/Symfony/Bundle/FrameworkBundle/Resources/views/Form/form_widget.html.php
src/Symfony/Bundle/FrameworkBundle/Templating/Helper/FormHelper.php
src/Symfony/Component/Form/Form.php
src/Symfony/Component/HttpFoundation/Request.php
src/Symfony/Component/HttpFoundation/SessionStorage/PdoSessionStorage.php
tests/Symfony/Tests/Bridge/Doctrine/Logger/DbalLoggerTest.php
* 2.1:
[HttpFoundation] changed UploadedFile::move() to use move_uploaded_file() when possible (closes#5878, closes#6185)
[HttpFoundation] added a check for the host header value
[DoctrineBridge] Improved performance of the EntityType when used with the "query_builder" option
[DoctrineBridge] Improved exception message
[DoctrineBridge] Fixed: Exception is thrown if the entity class is not known to Doctrine
Removed useless branch alias for dev-master in composer.json
Conflicts:
composer.json
src/Symfony/Bridge/Doctrine/composer.json
src/Symfony/Bridge/Monolog/composer.json
src/Symfony/Bridge/Propel1/composer.json
src/Symfony/Bridge/Swiftmailer/composer.json
src/Symfony/Bridge/Twig/composer.json
src/Symfony/Bundle/FrameworkBundle/composer.json
src/Symfony/Bundle/SecurityBundle/composer.json
src/Symfony/Bundle/TwigBundle/composer.json
src/Symfony/Bundle/WebProfilerBundle/composer.json
src/Symfony/Component/BrowserKit/composer.json
src/Symfony/Component/ClassLoader/composer.json
src/Symfony/Component/Config/composer.json
src/Symfony/Component/Console/composer.json
src/Symfony/Component/CssSelector/composer.json
src/Symfony/Component/DependencyInjection/composer.json
src/Symfony/Component/DomCrawler/composer.json
src/Symfony/Component/EventDispatcher/composer.json
src/Symfony/Component/Filesystem/composer.json
src/Symfony/Component/Finder/composer.json
src/Symfony/Component/Form/composer.json
src/Symfony/Component/HttpFoundation/composer.json
src/Symfony/Component/HttpKernel/composer.json
src/Symfony/Component/Locale/composer.json
src/Symfony/Component/OptionsResolver/composer.json
src/Symfony/Component/Process/composer.json
src/Symfony/Component/Routing/composer.json
src/Symfony/Component/Security/composer.json
src/Symfony/Component/Serializer/composer.json
src/Symfony/Component/Templating/composer.json
src/Symfony/Component/Translation/composer.json
src/Symfony/Component/Validator/composer.json
src/Symfony/Component/Yaml/composer.json
* 2.0:
[HttpFoundation] changed UploadedFile::move() to use move_uploaded_file() when possible (closes#5878, closes#6185)
[HttpFoundation] added a check for the host header value
Conflicts:
src/Symfony/Component/HttpFoundation/File/File.php
src/Symfony/Component/HttpFoundation/Request.php
src/Symfony/Component/HttpFoundation/Tests/RequestTest.php
This PR was merged into the 2.0 branch.
Commits
-------
0489799 [HttpFoundation] added a check for the host header value
Discussion
----------
[HttpFoundation] added a check for the host header value
alternative for #3865
* 2.1:
[TwigBundle] Moved the registration of the app global to the environment
needs to use simpleContent in xsd to allow empty elements
bumped Symfony version to 2.1.5-DEV
bumped Symfony version to 2.0.19-DEV
removed wrong routing xsd statement `mixed="true"`
removed unused attribute from routing.xsd
[HttpFoundation] added a small comment about the meaning of Request::hasSession() as this is a recurrent question (refs #4541)
updated VERSION for 2.1.4
updated CHANGELOG for 2.1.4
updated VERSION for 2.0.19
update CONTRIBUTORS for 2.0.19
updated CHANGELOG for 2.0.19
Conflicts:
src/Symfony/Component/HttpKernel/Kernel.php
src/Symfony/Component/Routing/Loader/schema/routing/routing-1.0.xsd
* 2.1:
replaced magic strings by proper constants
refactored tests for Request
fixed the logic in Request::isSecure() (if the information comes from a source that we trust, don't check other ones)
added a way to configure the X-Forwarded-XXX header names and a way to disable trusting them
fixed algorithm used to determine the trusted client IP
removed the non-standard Client-IP HTTP header
Conflicts:
src/Symfony/Component/HttpFoundation/Tests/RequestTest.php
* 2.0:
replaced magic strings by proper constants
refactored tests for Request
fixed the logic in Request::isSecure() (if the information comes from a source that we trust, don't check other ones)
added a way to configure the X-Forwarded-XXX header names and a way to disable trusting them
fixed algorithm used to determine the trusted client IP
removed the non-standard Client-IP HTTP header
Conflicts:
src/Symfony/Component/HttpFoundation/Request.php
src/Symfony/Component/HttpFoundation/Tests/RequestTest.php