Commits
-------
7503ec9 Issue #5307: HTML regexp when match is false
Discussion
----------
Issue #5307: HTML regexp when match is false
When match is false the html5 validation regexp should be either inverted or not added.
Since we are in RC added a fix where this is not added, but marked a @todo so that this
can be revisited and we try to inverse the regexp instead.
Discussed in #5307.
---------------------------------------------------------------------------
by bschussek at 2012-08-30T08:40:06Z
👍 once the CS issue is fixed.
---------------------------------------------------------------------------
by rdohms at 2012-08-30T09:23:57Z
Could swear that was the CS in PSR-1 or 2, anyway, fixed.
---------------------------------------------------------------------------
by fabpot at 2012-08-30T09:26:07Z
Can you squash your commits before I merge? Thanks.
---------------------------------------------------------------------------
by rdohms at 2012-08-30T09:54:26Z
@fabpot done.
When match is false the html5 validation regexp should be either inverted or not added.
Since we are in RC added a fix where this is not added, but marked a @todo so that this
can be revisited and we try to inverse the regexp instead.
Commits
-------
58ebd1b [Form] Fixed error bubbling from DateTime widget - Issue #52708ea1607 Update src/Symfony/Component/Form/Extension/Core/Type/DateTimeType.php
Discussion
----------
[Form] Fixed error bubbling from DateTime widget - Issue #5270
This is related to https://github.com/symfony/symfony/issues/5270
---------------------------------------------------------------------------
by mpiecko at 2012-08-16T19:37:45Z
Travisbot shows something like this in it's log:
[Composer\Downloader\TransportException] The "http://nodeload.github.com/phingofficial/phing/zipball/2.4.12" file could not be downloaded (HTTP/1.1 500 Internal Server Error)
So is it my PR ot Travis CI who fails ... ? I saw this error in some other PR's ...
---------------------------------------------------------------------------
by stloyd at 2012-08-16T20:40:39Z
It's GitHub =)
---------------------------------------------------------------------------
by mpiecko at 2012-08-17T09:36:31Z
Bad GitHub :)
---------------------------------------------------------------------------
by bschussek at 2012-08-17T11:21:39Z
Could you please add a test to DateTimeTypeTest?
---------------------------------------------------------------------------
by mpiecko at 2012-08-17T12:23:40Z
Sure!
---------------------------------------------------------------------------
by bschussek at 2012-08-30T08:20:08Z
👍
Commits
-------
0706d18 [Routing] fixed 4 bugs in the UrlGenerator
Discussion
----------
[Routing] UrlGenerator: fixed missing query param and some ignored requirements
This was pretty hard to figure out. I could fix 4 bugs and refactor the code to safe 2 variables and several assignments. Sorry for doing this in one commit, but they were highly interdependent.
See the added tests for what was fixed. The most obvious bug was that a query param was ignored if it had by accident the same name as a default param (but wasn't used in the path).
In 3 cases it generated the wrong URL that wouldn't match this route. The generator wrongly ignored either the requirements or the passed parameter. I had to adjust one test that was asserting something wrong (see comments).
---------------------------------------------------------------------------
by Tobion at 2012-08-13T14:22:35Z
ping @fabpot
---------------------------------------------------------------------------
by Tobion at 2012-08-29T17:53:07Z
@fabpot I think it's important to merge this before 2.1 final.
Commits
-------
f2d8a8a Refactor the unit test for the "MongoDbSessionHandler"
Discussion
----------
[HttpFoundation] Refactor the unit test for the "MongoDbSessionHandler"
Bug fix: no
Feature addition: yes
Backwards compatibility break: no
Symfony2 tests pass: yes
Fixes the following tickets: -
Todo: -
License of the code: MIT
Documentation PR: -
---------------------------------------------------------------------------
by drak at 2012-08-29T19:49:49Z
Big +1 from me. Exactly how these kind of tests should be written.
Commits
-------
cf4189b Move remember me ResponseListener from security bundle into security component
Discussion
----------
Move remember me response listener from security bundle into security component
...ponent
This move allows to implement the remember me feature in Silex without having to reference the security bundle.
This is the pull request for issue #5264
Commits
-------
eb2eba1 [Form] don't allow users to force exceptions by submitting unexpected data
Discussion
----------
[Form] don't allow users to force exceptions by submitting unexpected data
fix#5334
This makes it more fault-tolerant by simply ignoring wrong stuff from hackers.
@bschussek: I didn't find any other UnexpectedTypeExceptions that could be invoked by simply submitting unexpected data. But I'm not 100% sure that there aren't any indirectly invokeable, e.g. in some listeners.
---------------------------------------------------------------------------
by stof at 2012-08-24T22:34:52Z
a test is missing for this.
---------------------------------------------------------------------------
by Tobion at 2012-08-24T23:02:26Z
@stof true, I will add one
---------------------------------------------------------------------------
by Tobion at 2012-08-25T13:51:23Z
Added test.
---------------------------------------------------------------------------
by bschussek at 2012-08-29T11:07:37Z
👍
Could you please squash the commits?
---------------------------------------------------------------------------
by Tobion at 2012-08-29T13:43:52Z
Done.
Commits
-------
7e8ab54 [Form] raise OutOfBoundsException instead of InvalidArgumentException for inexistent form childs to be in line with PropertyPath
Discussion
----------
[Form] raise OutOfBoundsException instead of InvalidArgumentException in Form::get
BC break: yes
Raise OutOfBoundsException instead of InvalidArgumentException in Form::get for inexistent form childs to be in line with PropertyPath, which also uses OutOfBoundsException for invalid indexes. OutOfBoundsException fits much better as it extends RuntimeException instead of LogicException and this error can typically not be detected at compile time.
---------------------------------------------------------------------------
by bschussek at 2012-08-29T11:01:01Z
👍
---------------------------------------------------------------------------
by stloyd at 2012-08-29T11:07:51Z
Shouldn't this change be noted in upgrade file ?
---------------------------------------------------------------------------
by stof at 2012-08-29T11:23:04Z
it should (and in the changelog of the component)
Commits
-------
e7e39e0 [Form] refactor Guess
dcbeeb1 [Form] replaced UnexpectedValueException by InvalidArgumentException in Guess
Discussion
----------
[Form] replaced UnexpectedValueException by InvalidArgumentException in Guess
BC break: yes
this is a better fit because the error is a logic exception (that can be detected at compile time, i.e. when writing the code) instead of a runtime exception
---------------------------------------------------------------------------
by bschussek at 2012-08-29T10:51:54Z
👍
Commits
-------
0186731 [Form] removed hasParent from FormInterface and deprecated its use
Discussion
----------
[Form] removed hasParent from FormInterface and deprecated its use
There are already 2 alternatives with getParent() and isRoot(), so a third one with similar semantics is confusing and unneeded.
---------------------------------------------------------------------------
by bschussek at 2012-08-29T11:11:11Z
👍
Commits
-------
492c990 [Form] optimized PropertyPathMapper to invoke the expensive property path less often
47a8bbd [Form] optimized the binding of child forms and calculation of extra data
8d45539 [Form] refactor Form::bind to save 7 assignments
Discussion
----------
[Form] refactor Form::bind to save 7 assignments and a complete loop
---------------------------------------------------------------------------
by stof at 2012-08-24T23:45:18Z
the new code is not equivalent. See travis for the proof.
---------------------------------------------------------------------------
by Tobion at 2012-08-25T01:50:41Z
@stof fixed, I had to reduce the refactoring a little
---------------------------------------------------------------------------
by bschussek at 2012-08-29T11:05:52Z
👍
Commits
-------
d5eb4f7 [Form] fix phpdoc of Form::hasErrors
5cb8264 [Form] deprecated Form::hasErrors that isn't part of the Interface
Discussion
----------
[Form] deprecated Form::hasErrors that isn't part of the Interface
This method is not part of FormInterface, so I deprecated it as it cannot be used reliably. This is consistent with other hassers that were deprecated like `hasChildren` where one should use `count` instead.
---------------------------------------------------------------------------
by stof at 2012-08-26T19:11:19Z
You should deprecate it, not remove it
---------------------------------------------------------------------------
by Tobion at 2012-08-26T19:17:35Z
oh right. I thought it was added in 2.1 and thus can be removed but it's also in 2.0.
Done.
---------------------------------------------------------------------------
by bschussek at 2012-08-29T11:00:32Z
👍
Commits
-------
0f575a2 added note about 404 error pages
Discussion
----------
added note about 404 error pages and security features
This has been reported a few times now, and it seems we did not have it in the UPGRADE file yet.
Commits
-------
3f8127c fixed '0' problem
7bec460 fixed phpdoc
4c5bfab [FrameworkBundle] non-permanent redirect should be status code 404 according to spec
Discussion
----------
[FrameworkBundle] non-permanent redirect to unknown location with 404
according to spec: http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html see 410 Gone
bc break: tiny when omitting 2 parameter (I can avoid this with `func_num_args` but i think its not necessary and makes the code strange and inconsistent)
Commits
-------
f52e6df minor correction
Discussion
----------
[Form][Validators] Portuguese translation correction
Minor portuguese translation correction and changed the source of id 30 to match the english version.
Commits
-------
8bac442 [Validator] Fix Spanish and Catalan translation messages for the CSRF token validator
Discussion
----------
[Validator] Fix Spanish and Catalan translation messages for the CSRF to...
...ken validator
* 2.0:
updated VERSION for 2.0.17
updated CHANGELOG for 2.0.17
updated vendors for 2.0.17
fixed XML decoding attack vector through external entities
prevents injection of malicious doc types
disabled network access when loading XML documents
refined previous commit
prevents injection of malicious doc types
standardized the way we handle XML errors
Redirects are now absolute
Conflicts:
CHANGELOG-2.0.md
src/Symfony/Component/DependencyInjection/Loader/XmlFileLoader.php
src/Symfony/Component/DomCrawler/Crawler.php
src/Symfony/Component/HttpKernel/Kernel.php
tests/Symfony/Tests/Component/DependencyInjection/Loader/XmlFileLoaderTest.php
tests/Symfony/Tests/Component/Routing/Loader/XmlFileLoaderTest.php
tests/Symfony/Tests/Component/Serializer/Encoder/XmlEncoderTest.php
tests/Symfony/Tests/Component/Translation/Loader/XliffFileLoaderTest.php
tests/Symfony/Tests/Component/Validator/Mapping/Loader/XmlFileLoaderTest.php
vendors.php