* 2.0:
replaced magic strings by proper constants
refactored tests for Request
fixed the logic in Request::isSecure() (if the information comes from a source that we trust, don't check other ones)
added a way to configure the X-Forwarded-XXX header names and a way to disable trusting them
fixed algorithm used to determine the trusted client IP
removed the non-standard Client-IP HTTP header
Conflicts:
src/Symfony/Component/HttpFoundation/Request.php
src/Symfony/Component/HttpFoundation/Tests/RequestTest.php
* 2.0:
[DependencyInjection] fixed composer.json
[Form] Updated checks for the ICU version from 4.5+ to 4.7+ due to test failures with ICU 4.6
fixed CS
small fix of #5984 when the container param is not set
fixed CS
Use better default ports in urlRedirectAction
Add tests for urlRedirectAction
Update src/Symfony/Component/DomCrawler/Tests/FormTest.php
Update src/Symfony/Component/DomCrawler/Form.php
[Security] remove escape charters from username provided by Digest DigestAuthenticationListener
[Security] added test extra for digest authentication
fixed CS
[Security] Fixed digest authentication
[Security] Fixed digest authentication
[SecurityBundle] Convert Http method to uppercase in the config
Use Norm Data instead of Data
Conflicts:
src/Symfony/Bridge/Doctrine/Form/EventListener/MergeCollectionListener.php
src/Symfony/Bundle/FrameworkBundle/Controller/RedirectController.php
src/Symfony/Component/DependencyInjection/composer.json
This PR was submitted for the master branch but it was merged into the 2.1 branch instead (closes#6106).
Commits
-------
e628c26 [Validator] Edited some minor grammar and style errors in russian validation file
Discussion
----------
[Validator] Edited some minor grammar and style errors in russian validation file
Bug fix: yes
Feature addition: no
Backwards compatibility break: no
Symfony2 tests pass: yes
Fixes the following tickets: -
Todo: -
License of the code: MIT
Documentation PR:
This PR was merged into the 2.1 branch.
Commits
-------
06ee53b [Form] improve error message with a "hasser" hint for PropertyAccessDeniedException
Discussion
----------
[Form] improve error msg w/ a "hasser" hint for PropertyAccessDeniedException
"Hasser" support was added under the 2.1 branch of the Form component
Bug fix: no
Feature addition: no
Backwards compatibility break: no
Symfony2 tests pass: no, but fails exactly the same as without this fix
Fixes the following tickets: -
Todo: -
License of the code: MIT
Documentation PR: symfony/symfony-docs#1958
This PR was merged into the 2.1 branch.
Commits
-------
7cba683 Updated Bulgarian translation
Discussion
----------
[Validator][Form] Updated Bulgarian translation
Added Bulgarian translation for form component.
Updated Bulgarian translation for validator messages.
Bug fix: no
Feature addition: no
Backwards compatibility break: no
Symfony2 tests pass: [](https://travis-ci.org/RoumenMe/symfony)
Fixes the following tickets: -
Todo: -
License of the code: MIT
Documentation PR: -
This PR was merged into the 2.0 branch.
Commits
-------
ac77c5b [Form] Updated checks for the ICU version from 4.5+ to 4.7+ due to test failures with ICU 4.6
Discussion
----------
[Form] Updated checks for the ICU version from 4.5+ to 4.7+
Bug fix: no
Feature addition: no
Backwards compatibility break: no
Symfony2 tests pass: yes
Fixes the following tickets: -
Todo: -
License of the code: MIT
Documentation PR: -
Bug fix: no
Feature addition: no
Backwards compatibility break: no
Symfony2 tests pass: no, but fails exactly the same as without this fix
Fixes the following tickets: -
Todo: -
License of the code: MIT
Documentation PR: symfony/symfony-docs#1958
This PR was submitted for the master branch but it was merged into the 2.1 branch instead (closes#5028).
Commits
-------
5bfe757 Update src/Symfony/Component/Form/Extension/Core/Type/FileType.php
Discussion
----------
Update src/Symfony/Component/Form/Extension/Core/Type/FileType.php
fixed https://github.com/dustin10/VichUploaderBundle/issues/27
---------------------------------------------------------------------------
by bschussek at 2012-07-24T12:44:11Z
Thank you for the PR! Could you please add a test case?
---------------------------------------------------------------------------
by stfalcon at 2012-07-25T13:53:24Z
> Could you please add a test case?
And what to check? I added one static option :)
---------------------------------------------------------------------------
by bschussek at 2012-07-25T14:22:40Z
Whatever was the reason for adding the option ;) The test should fail when the option is not added and succeed when the option is there.
Probably it is sufficient to create a new field of type "file" in the test which comes prefilled with a `File` object.
```
$file = $this->getMock('Symfony\Component\HttpFoundation\File\File');
$this->factory->create('file', $file)
```
---------------------------------------------------------------------------
by stfalcon at 2012-11-15T12:32:01Z
sorry, it's bug in VichUploaderBundle
---------------------------------------------------------------------------
by stfalcon at 2012-11-21T17:00:59Z
or not :)
---------------------------------------------------------------------------
by stfalcon at 2012-11-22T19:47:34Z
@bschussek done! it was really a bug with FileType
---------------------------------------------------------------------------
by stfalcon at 2012-11-22T22:15:18Z
@stof who can merge it? I want close this bug https://github.com/dustin10/VichUploaderBundle/issues/27 :)
---------------------------------------------------------------------------
by stof at 2012-11-23T02:15:46Z
@stfalcon the rule is that only @fabpot merges PRs on symfony.
---------------------------------------------------------------------------
by stfalcon at 2012-11-23T10:12:05Z
@fabpot do you have a minute :)? it's simple PR but many people wait for it
This PR was merged into the 2.1 branch.
Commits
-------
82334d2 Force loader to be null or a EntityLoaderInterface
Discussion
----------
Force loader to be null or a EntityLoaderInterface
This PR was merged into the 2.0 branch.
Commits
-------
2d9a6fc Use Norm Data instead of Data
Discussion
----------
[Form] Use Norm Data instead of App Data
This listener is triggered when normalized data are binded.
We have to use $event->getForm()->getNormData() instead of $event->getForm()->getData().
I have made a new FormType having 'entity' as parent and having a NormTransformer. I encountered a problem in MergeCollectionListener when the request is binded.
My commit fix it.
This PR was merged into the 2.1 branch.
Commits
-------
84635bd [Form] allowed no type guesser to be registered
Discussion
----------
[Form] made the factory builder pass null when no type guesser registered
reopened#5422 against 2.1 as it's a bug fix
---------------------------------------------------------------------------
by stof at 2012-10-13T21:23:34Z
@fabpot anything left for this PR ?
---------------------------------------------------------------------------
by fabpot at 2012-10-14T09:41:29Z
@bamarni Can you add some unit tests and also update the FormExtensionInterface interface phpdoc as `getTypeGuesser` can now return `null`? Thanks. ping @bschussek
---------------------------------------------------------------------------
by bamarni at 2012-10-14T17:10:27Z
I've added a few tests covering this.
@fabpot : the phpdoc is already correct, it currently can return null, this only occurs with this convenient class.
---------------------------------------------------------------------------
by bschussek at 2012-10-16T07:43:41Z
This PR breaks FormFactory::createBuilderForProperty(), which expects a guesser to be present. Can you check the component for other uses of the guesser and add a null-check there?
---------------------------------------------------------------------------
by bamarni at 2012-10-16T10:57:54Z
I cannot find other places than the factory (searching for 'getTypeGuesser').
---------------------------------------------------------------------------
by bschussek at 2012-11-08T16:58:37Z
You should also adapt `FormRegistry::getTypeGuesser()` not to build a `FormTypeGuesserChain` if the array of guessers is empty. In that case it will return now `null` (adapt the doc block). We also need a different was of checking if the type guessers have already been parsed in FormRegistry. Otherwise the first if condition in `FormRegistry::getTypeGuesser()` will never become false. You could for example initialize the property `$guesser` to `false` and only set it to `null` after the first run of `getTypeGuesser()`.
---------------------------------------------------------------------------
by bamarni at 2012-11-08T18:40:00Z
good catch I had missed it! I've applied your suggestion in the latest commit. Do you see anything else before I squash?
---------------------------------------------------------------------------
by bschussek at 2012-11-08T18:45:15Z
A test for `FormRegistry::getTypeGuesser()` would of course be awesome.
---------------------------------------------------------------------------
by bamarni at 2012-11-08T18:52:13Z
Then it was already awesome! (see https://github.com/symfony/symfony/blob/master/src/Symfony/Component/Form/Tests/FormRegistryTest.php#L252)
I've also added one for the null case if it's what you meant.
This PR was merged into the 2.0 branch.
Commits
-------
29bfa13 small fix of #5984 when the container param is not set
Discussion
----------
small fix of #5984 when the container param is not set
this can happen when the config for the router is unset, but this method does not need to depend on routing. reading an unset config would raise an exception.
---------------------------------------------------------------------------
by Tobion at 2012-11-19T20:44:31Z
Ops, I guess it's wrong. Travis will probably confirm this in a moment.
I will correct that.
---------------------------------------------------------------------------
by flojon at 2012-11-20T22:40:07Z
Yeah you changed the logic...
---------------------------------------------------------------------------
by Tobion at 2012-11-21T14:42:48Z
ok it's fixed.
This PR was squashed before being merged into the 2.1 branch (closes#6079).
Commits
-------
bbeff54 Xliff with other node than source or target are ignored
Discussion
----------
Xliff with other node than source or target are ignored
Referring to the xliff XSD, the format can allow other nodes like <note>. Check only count is dangerous if others nodes are present, and we aren't sure that nodes are the two we wan't (source and target)
And the real problem if that if there is other node in translation, the translation is silently ignored.
---------------------------------------------------------------------------
by stloyd at 2012-11-20T17:44:47Z
You should add test that covers this, as well as #6078 should be closed (branch `2.1` is merged from time to time to `master`).
---------------------------------------------------------------------------
by xkobal at 2012-11-21T11:13:32Z
I have added a new node to xliff fixtures and edit test to be sure node isn't ignored.
this can happen when the config for the router is unset, but this method
does not need to depend on routing. reading an unset config would raise an exception.
This PR was submitted for the master branch but it was merged into the 2.1 branch instead (closes#6073).
Commits
-------
c1c822b Filesystem Component mirror symlinked directory fix
Discussion
----------
Filesystem Component mirror symlinked directory fix
Bug fix: yes
Feature addition: no
Backwards compatibility break: no
Symfony2 tests pass: yes
Fixes the following tickets:#6070
Todo:
License of the code: MIT
Documentation PR:
Because of the order in which file types (i.e. dir, link, file) are checked in the Filesystem component, symlinked directories get treated as directories instead of symlinks. As a result symlinked directories are not truly mirrored when performing a php app/console assets:install. This PR checks that a file is a symlink BEFORE checking that its a directory and properly symlinks as necessary.
This PR was merged into the 2.1 branch.
Commits
-------
915dd30 info about session namespace
4b21d18 fix upgrade info about locale
Discussion
----------
fix upgrade info about locale
it duplicated the header and had an irrelevant point inbetween
I also added an entry about session namespace.
This PR was merged into the 2.1 branch.
Commits
-------
0f4d8af [Process][Tests] fixed chainedCommandsOutput tests
Discussion
----------
[Process][Tests] fixed chainedCommandsOutput tests
Bug fix: no
Feature addition: no
Backwards compatibility break: no
Symfony2 tests pass: yes (previously no)
Fixes the following tickets: -
Todo: -
License of the code: MIT
Currently, if you run the Process Component tests on an OS where echo does not support the -n option (like MacOS X), they will fail.
This PR fix that by using only a simple echo which is universal.
This PR was merged into the 2.0 branch.
Commits
-------
64b54dc Use better default ports in urlRedirectAction
64216f2 Add tests for urlRedirectAction
Discussion
----------
Default to current port in urlRedirectAction
I was a bit surprised when I used urlRedirectAction from a non-standard port (8000) it redirected me to port 80. I would argue that the default should be to use the current port instead. This is a simple patch to change that. This should only break in the case someone is relying on the current default to redirect from a non-standard port to the standard port, which should be a really rare case...
---------------------------------------------------------------------------
by Tobion at 2012-11-11T20:29:54Z
The idea is right but the implementation not. Seems this patch is not as "simple" as you said.
When you're on HTTPS and want to redirect to $scheme = HTTP, then it still uses the current HTTPS port which is wrong.
---------------------------------------------------------------------------
by flojon at 2012-11-11T20:36:47Z
Ah, I see the problem. So I guess the correct behavior would be to use the current port if staying with the same scheme or go to standard port if switching scheme. Unless the user has specified a port which will always override...
---------------------------------------------------------------------------
by Tobion at 2012-11-11T20:42:18Z
That would be the best solution that is currently possible but not the best solution that should be possible.
Because if you switch scheme but the other scheme does not use the standard port, it still doesn't work.
Ideally the Request class had an option that allows to define the ports symfony should use for HTTP and HTTPS.
This logic is in RequestContext, but it's not used here.
---------------------------------------------------------------------------
by flojon at 2012-11-11T21:32:55Z
Bummer, I forgot to check if the current port is a standard port...
---------------------------------------------------------------------------
by Tobion at 2012-11-11T21:35:13Z
add some tests
---------------------------------------------------------------------------
by flojon at 2012-11-11T23:28:18Z
Added tests and fixed my previous error
---------------------------------------------------------------------------
by flojon at 2012-11-15T18:25:12Z
@Tobion is there anything else I needed for this?
---------------------------------------------------------------------------
by fabpot at 2012-11-19T12:56:04Z
To be consistent with how we manage HTTP ports elsewhere, I'd rather use the values of the `request_listener.http_port` and `request_listener.https_port`:
```php
if (null === $httpPort) {
$httpPort = $this->container->getParameter('request_listener.http_port');
}
if (null === $httpsPort) {
$httpsPort = $this->container->getParameter('request_listener.https_port');
}
```
This is done in the `security.authentication.retry_entry_point` service and for the `router_listener` listener.
The parameter name is probably not the best one, but that could be changed then in master.
---------------------------------------------------------------------------
by flojon at 2012-11-19T13:49:18Z
@fabpot But then you would need to set that parameter manually right? It wouldn't automatically redirect you to the same port, which was what I wanted to achieve...
Could this be the right order of preference:
If a value was specified in the route use that.
Otherwise use the current port
unless switching scheme then use the parameter value
---------------------------------------------------------------------------
by fabpot at 2012-11-19T13:52:17Z
Your order of preference looks good to me.
---------------------------------------------------------------------------
by flojon at 2012-11-19T19:13:19Z
Man this was more involved than I thought... :)
Changed the logic to use the parameters when not using the current port. Also tried clean up the tests a little bit... Enjoy!
This PR was merged into the 2.0 branch.
Commits
-------
f2cbea3 [Security] remove escape charters from username provided by Digest DigestAuthenticationListener
80f6992 [Security] added test extra for digest authentication
d66b03c fixed CS
694697d [Security] Fixed digest authentication
c067586 [Security] Fixed digest authentication
Discussion
----------
Fix digest authentication
Bug fix: yes
Feature addition: no
Backwards compatibility break: no
Symfony2 tests pass: yes
Fixes the following tickets:
Todo: -
License of the code: MIT
Documentation PR: -
Replaces: #5485
This adds the missing fixes.
My only concerns is the ```\"``` removing.
```\"``` is only needed for the HTTP transport, but keeping them would require to also store the username with the escapes as well.
---------------------------------------------------------------------------
by fabpot at 2012-10-30T11:25:28Z
The digest authentication mechanism is not that widespread due to its limitation. And the transport is not HTTP, I think we are talking about very few cases.
---------------------------------------------------------------------------
by sstok at 2012-10-30T12:49:14Z
Apache seems to remove (ignore) escape characters.
```c
if (auth_line[0] == '=') {
auth_line++;
while (apr_isspace(auth_line[0])) {
auth_line++;
}
vv = 0;
if (auth_line[0] == '\"') { /* quoted string */
auth_line++;
while (auth_line[0] != '\"' && auth_line[0] != '\0') {
if (auth_line[0] == '\\' && auth_line[1] != '\0') {
auth_line++; /* escaped char */
}
value[vv++] = *auth_line++;
}
if (auth_line[0] != '\0') {
auth_line++;
}
}
else { /* token */
while (auth_line[0] != ',' && auth_line[0] != '\0'
&& !apr_isspace(auth_line[0])) {
value[vv++] = *auth_line++;
}
}
value[vv] = '\0';
}
```
But would this change be a BC break for people already using quotes but without a comma and thus they never hit this bug?
The change it self is minimum, just calling ```str_replace('\\\\', '\\', str_replace('\\"', '"', $value))``` when getting the username.
---------------------------------------------------------------------------
by fabpot at 2012-11-13T13:00:12Z
@sstok Doing the same as Apache seems the best option here (just document the BC break).
---------------------------------------------------------------------------
by sstok at 2012-11-15T16:05:00Z
Hopefully I did this correct, but the needed escapes seem correctly removed.
`\"` is changed to `"` `\\` is changed to `\`
`\'` it kept as it is, as this needs no correcting.
@Vincent-Simonin Can you verify please.
---------------------------------------------------------------------------
by Vincent-Simonin at 2012-11-19T09:28:18Z
Authentication didn't work with this configuration :
```
providers:
in_memory:
name: in_memory
users:
te"st: { password: test, roles: [ 'ROLE_USER' ] }
```
`te"st` was set in authentication form's user field.
(Must we also escape `"` in configuration file ?)
Tests were performed with nginx.
---------------------------------------------------------------------------
by sstok at 2012-11-19T09:33:34Z
Yes. YAML escapes using an duplicate quote, like SQL.
```yaml
providers:
in_memory:
name: in_memory
users:
"te""st": { password: test, roles: [ 'ROLE_USER' ] }
```
This PR was merged into the 2.0 branch.
Commits
-------
32dc31e [SecurityBundle] Convert Http method to uppercase in the config
Discussion
----------
[SecurityBundle] Convert Http method to uppercase in the config
This is not striclty required as method names would be converted to uppercase by the matcher after #5988.
However I think it is better to always use uppercase for http method names.
The config UT has also been improved as part of this PR.
This is good to propagate to 2.1 & 2.2 also.
This PR was submitted for the master branch but it was merged into the 2.0 branch instead (closes#6015).
Commits
-------
f61c019 Update src/Symfony/Component/DomCrawler/Tests/FormTest.php
9b3aaf2 Update src/Symfony/Component/DomCrawler/Form.php
Discussion
----------
FIX: Malformed field path ""
In case we have the name attribute empty.
---------------------------------------------------------------------------
by fabpot at 2012-11-15T06:12:35Z
Can you add a unit test for that case?
---------------------------------------------------------------------------
by bierdok at 2012-11-15T09:21:01Z
Voila.
This PR was merged into the 2.1 branch.
Commits
-------
1daefa5 [Routing] made it compatible with older PCRE version (pre 8)
Discussion
----------
[Routing] compatibility with older PCRE version (pre 8)
fixes#4093
Ok I changed my mind about this issue.
1. I figured more people are affected than I thought and CentOS is stubborn.
2. Symfony still uses the old regex style `?P<param>` in several other components. So also doing so in the routing makes it more consistent.
3. Even if it's definitely not good to use an over 6 year old PCRE version with a recent PHP version, we can still try to provide the best experience. It doesn't mean we support outdated software stacks of custom PHP compilations as we won't and cannot specifically test against it.
@fabpot: I will do a seperate PR on master when you merged this because the code changed alot in master so it cannot easily be merged I guess. I will also convert the symfony requirement for PCRE in the requirements check to a recommendation.
