* 2.8:
[HttpKernel] fixed internal subrequests having an if-modified-since-header
[Security] Fix deprecated usage of DigestAuthenticationEntryPoint::getKey() in DigestAuthenticationListener
[Validator] Added additional MasterCard range to the CardSchemeValidator
Make the exception message more clear.
[Form] fixed bug - name in ButtonBuilder
[DoctrineBridge] added missing error code for constraint.
[ClassLoader] Fix declared classes being computed when not needed
[varDumper] Fix missing usage of ExceptionCaster::$traceArgs
Conflicts:
src/Symfony/Bridge/Doctrine/Validator/Constraints/UniqueEntityValidator.php
src/Symfony/Component/ClassLoader/ClassCollectionLoader.php
* 2.7:
[HttpKernel] fixed internal subrequests having an if-modified-since-header
[Validator] Added additional MasterCard range to the CardSchemeValidator
Make the exception message more clear.
[Form] fixed bug - name in ButtonBuilder
[ClassLoader] Fix declared classes being computed when not needed
* 3.0:
[travis] Fix deps=low/high builds
fixed CS
skip test with current phpunit bridge
Fix for #19183 to add support for new PHP MongoDB extension in sessions.
[Console] Fix for block() padding formatting after #19189
[Security][Guard] check if session exist before using it
bumped Symfony version to 3.0.9
updated VERSION for 3.0.8
updated CHANGELOG for 3.0.8
bumped Symfony version to 2.8.9
updated VERSION for 2.8.8
updated CHANGELOG for 2.8.8
bumped Symfony version to 2.7.16
updated VERSION for 2.7.15
update CONTRIBUTORS for 2.7.15
updated CHANGELOG for 2.7.15
Fix some lowest deps
Fixed typos in the expectedException annotations
Conflicts:
src/Symfony/Component/HttpKernel/Kernel.php
src/Symfony/Component/Security/Guard/Authenticator/AbstractFormLoginAuthenticator.php
* 3.0:
[HttpKernel] Add listener that checks when request has both Forwarded and X-Forwarded-For
[HttpKernel] Move conflicting origin IPs handling to catch block
[travis] Fix deps=low/high patching
* 2.8:
[HttpKernel] Add listener that checks when request has both Forwarded and X-Forwarded-For
[HttpKernel] Move conflicting origin IPs handling to catch block
[travis] Fix deps=low/high patching
* 2.7:
[HttpKernel] Add listener that checks when request has both Forwarded and X-Forwarded-For
[HttpKernel] Move conflicting origin IPs handling to catch block
[travis] Fix deps=low/high patching
This PR was squashed before being merged into the 2.7 branch (closes#18688).
Discussion
----------
[HttpFoundation] Warning when request has both Forwarded and X-Forwarded-For
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR | symfony/symfony-docs#6526
Emit a warning when a request has both a trusted Forwarded header and a trusted X-Forwarded-For header, as this is most likely a misconfiguration which causes security issues.
Commits
-------
ee8842f [HttpFoundation] Warning when request has both Forwarded and X-Forwarded-For
* 3.0:
[BrowserKit] Bump dom-crawler minimum version requirement
Make one call to "OutputInterface::write" method per table row
[HttpKernel] Fix context dependent test
[Debug] Fix context dependent test
* 2.8:
[BrowserKit] Bump dom-crawler minimum version requirement
Make one call to "OutputInterface::write" method per table row
[HttpKernel] Fix context dependent test
[Debug] Fix context dependent test
* 2.7:
[BrowserKit] Bump dom-crawler minimum version requirement
Make one call to "OutputInterface::write" method per table row
[HttpKernel] Fix context dependent test
[Debug] Fix context dependent test
* 3.0:
[travis] Don't use parallel on HHVM
[appveyor] Ignore STATUS_HEAP_CORRUPTION errors on Windows
Skip some tests on HHVM due to a PHPunit bug
Use the Trusty Travis infrastructure for HHVM builds
Add 3.1 to PR template branch row, remove 2.3
Improve memory efficiency
document method name changes in Voter class
Conflicts:
.travis.yml
* 2.8:
[travis] Don't use parallel on HHVM
[appveyor] Ignore STATUS_HEAP_CORRUPTION errors on Windows
Skip some tests on HHVM due to a PHPunit bug
Use the Trusty Travis infrastructure for HHVM builds
Add 3.1 to PR template branch row, remove 2.3
Improve memory efficiency
document method name changes in Voter class
Conflicts:
.travis.yml
UPGRADE-3.0.md
src/Symfony/Component/HttpKernel/Tests/DataCollector/DumpDataCollectorTest.php
* 2.7:
[travis] Don't use parallel on HHVM
[appveyor] Ignore STATUS_HEAP_CORRUPTION errors on Windows
Skip some tests on HHVM due to a PHPunit bug
Use the Trusty Travis infrastructure for HHVM builds
Add 3.1 to PR template branch row, remove 2.3
Improve memory efficiency
While debugging some functional tests I was looking at the test.log. It would have been quite useful to know if the request was a POST or GET. This adds to the log details.
closes#17501.
The profiler stores the current request attributes in a
current session when a `RedirectionResponse` is returned.
So the next request profile will inherit the previous request
attributes.
The main profiler layout displays a shortcut to a previous
redirection profile, along with some useful informations.
The web debug toolbar shows a notifying icon, meaning a shortcut
to a redirection profile is available in the request toolbar panel.
* 3.0:
[Validator] Test DNS Url constraints using checkdnsrr() mock
Improved the PHPdoc of FileSystem::copy()
[Validator] Test DNS Email constraints using checkdnsrr() mock
[travis] Run real php subprocesses on hhvm for Process component tests
bug #18161 [Translation] Add support for fuzzy tags in PoFileLoader
[Form] Fix NumberToLocalizedStringTransformer::reverseTransform with big integers
[Form] Fix INT64 cast to float in IntegerType.
[SecurityBundle][PHPDoc] Added method doumentation for SecurityFactoryInterface
FrameworkBundle: Client: getContainer(): fixed phpdoc
[Validator] Updating inaccurate docblock comment
Conflicts:
phpunit.xml.dist
* 2.8:
[Validator] Test DNS Url constraints using checkdnsrr() mock
Improved the PHPdoc of FileSystem::copy()
[Validator] Test DNS Email constraints using checkdnsrr() mock
[travis] Run real php subprocesses on hhvm for Process component tests
bug #18161 [Translation] Add support for fuzzy tags in PoFileLoader
[Form] Fix NumberToLocalizedStringTransformer::reverseTransform with big integers
[Form] Fix INT64 cast to float in IntegerType.
[SecurityBundle][PHPDoc] Added method doumentation for SecurityFactoryInterface
FrameworkBundle: Client: getContainer(): fixed phpdoc
[Validator] Updating inaccurate docblock comment
Conflicts:
.travis.yml
* 2.7:
[Validator] Test DNS Url constraints using checkdnsrr() mock
Improved the PHPdoc of FileSystem::copy()
[Validator] Test DNS Email constraints using checkdnsrr() mock
[travis] Run real php subprocesses on hhvm for Process component tests
bug #18161 [Translation] Add support for fuzzy tags in PoFileLoader
[Form] Fix NumberToLocalizedStringTransformer::reverseTransform with big integers
[Form] Fix INT64 cast to float in IntegerType.
[SecurityBundle][PHPDoc] Added method doumentation for SecurityFactoryInterface
FrameworkBundle: Client: getContainer(): fixed phpdoc
[Validator] Updating inaccurate docblock comment
* 2.3:
Improved the PHPdoc of FileSystem::copy()
[Validator] Test DNS Email constraints using checkdnsrr() mock
[travis] Run real php subprocesses on hhvm for Process component tests
bug #18161 [Translation] Add support for fuzzy tags in PoFileLoader
[Form] Fix NumberToLocalizedStringTransformer::reverseTransform with big integers
[Form] Fix INT64 cast to float in IntegerType.
[SecurityBundle][PHPDoc] Added method doumentation for SecurityFactoryInterface
FrameworkBundle: Client: getContainer(): fixed phpdoc
[Validator] Updating inaccurate docblock comment
Conflicts:
.travis.yml
src/Symfony/Component/Validator/Tests/Constraints/EmailValidatorTest.php
* 3.0:
[PhpUnitBridge] Revert 7f62133939
bumped Symfony version to 2.3.40
Fix leftover conflict marker in UPGRADE-3.0.md
set s-maxage only if all responses are cacheable
updated VERSION for 2.3.39
update CONTRIBUTORS for 2.3.39
updated CHANGELOG for 2.3.39
Improved the "branch" row of the PR table
[Debug] Replaced logic for detecting filesystem case sensitivity
[Process] Wait a bit less on Windows
Use debug member variable
Autowiring the concrete class too - consistent with behavior of other services
Fix typos #18090 1. PHPs session design to PHP's session design 2. Symfony HttpKernel offers to Symfony's HttpKernel offers 3. in which case it it should to in which case it should
Fix for Isssue #18091
replace perfom by perform
minor #18088 Fix typo for profiler
[Validator] Fixing inaccurate typehint in docblock
[ci] remove token for composer now that rate limiting is off
* 2.8:
[PhpUnitBridge] Revert 7f62133939
bumped Symfony version to 2.3.40
set s-maxage only if all responses are cacheable
updated VERSION for 2.3.39
update CONTRIBUTORS for 2.3.39
updated CHANGELOG for 2.3.39
Improved the "branch" row of the PR table
[Debug] Replaced logic for detecting filesystem case sensitivity
[Process] Wait a bit less on Windows
Use debug member variable
Autowiring the concrete class too - consistent with behavior of other services
Fix typos #18090 1. PHPs session design to PHP's session design 2. Symfony HttpKernel offers to Symfony's HttpKernel offers 3. in which case it it should to in which case it should
Fix for Isssue #18091
replace perfom by perform
minor #18088 Fix typo for profiler
[Validator] Fixing inaccurate typehint in docblock
[ci] remove token for composer now that rate limiting is off
Conflicts:
CHANGELOG-2.3.md
src/Symfony/Bridge/PhpUnit/composer.json
* 2.7:
[PhpUnitBridge] Revert 7f62133939
bumped Symfony version to 2.3.40
set s-maxage only if all responses are cacheable
updated VERSION for 2.3.39
update CONTRIBUTORS for 2.3.39
updated CHANGELOG for 2.3.39
Improved the "branch" row of the PR table
[Debug] Replaced logic for detecting filesystem case sensitivity
[Process] Wait a bit less on Windows
Use debug member variable
Fix typos #18090 1. PHPs session design to PHP's session design 2. Symfony HttpKernel offers to Symfony's HttpKernel offers 3. in which case it it should to in which case it should
Fix for Isssue #18091
replace perfom by perform
minor #18088 Fix typo for profiler
[ci] remove token for composer now that rate limiting is off
Conflicts:
src/Symfony/Bridge/PhpUnit/composer.json
* 2.3:
bumped Symfony version to 2.3.40
set s-maxage only if all responses are cacheable
updated VERSION for 2.3.39
update CONTRIBUTORS for 2.3.39
updated CHANGELOG for 2.3.39
Improved the "branch" row of the PR table
Fix typos #18090 1. PHPs session design to PHP's session design 2. Symfony HttpKernel offers to Symfony's HttpKernel offers 3. in which case it it should to in which case it should
Fix for Isssue #18091
replace perfom by perform
minor #18088 Fix typo for profiler
* 3.0:
Updated all the README files
[TwigBundle] Fix failing test on appveyor
Improved the error message when using "@" in a decorated service
Improve error reporting in router panel of web profiler
[DoctrineBridge][Form] Fix performance regression in EntityType
[FrameworkBundle] Fix a regression in handling absolute and namespaced template paths
Allow to normalize \Traversable
minor [Form] fix tests added by #16886
Remove _path from query parameters when fragment is a subrequest and request attributes are already set Added tests for _path removal in FragmentListener
Simplified everything
Added a test
Fixed the problem in an easier way
Fixed a syntax issue
Improved the error message when a template is not found
[CodingStandards] Conformed to coding standards
[TwigBundle] fixed Include file locations in "Template could not be found" exception
* 2.8:
Updated all the README files
[TwigBundle] Fix failing test on appveyor
Improved the error message when using "@" in a decorated service
Improve error reporting in router panel of web profiler
[DoctrineBridge][Form] Fix performance regression in EntityType
[FrameworkBundle] Fix a regression in handling absolute and namespaced template paths
Allow to normalize \Traversable
minor [Form] fix tests added by #16886
Remove _path from query parameters when fragment is a subrequest and request attributes are already set Added tests for _path removal in FragmentListener
Simplified everything
Added a test
Fixed the problem in an easier way
Fixed a syntax issue
Improved the error message when a template is not found
[CodingStandards] Conformed to coding standards
[TwigBundle] fixed Include file locations in "Template could not be found" exception
* 2.7:
Updated all the README files
[TwigBundle] Fix failing test on appveyor
Improved the error message when using "@" in a decorated service
Improve error reporting in router panel of web profiler
[DoctrineBridge][Form] Fix performance regression in EntityType
[FrameworkBundle] Fix a regression in handling absolute and namespaced template paths
Allow to normalize \Traversable
minor [Form] fix tests added by #16886
Remove _path from query parameters when fragment is a subrequest and request attributes are already set Added tests for _path removal in FragmentListener
Simplified everything
Added a test
Fixed the problem in an easier way
Fixed a syntax issue
Improved the error message when a template is not found
[CodingStandards] Conformed to coding standards
[TwigBundle] fixed Include file locations in "Template could not be found" exception
* 2.3:
Updated all the README files
[TwigBundle] Fix failing test on appveyor
[FrameworkBundle] Fix a regression in handling absolute and namespaced template paths
Allow to normalize \Traversable
Remove _path from query parameters when fragment is a subrequest and request attributes are already set Added tests for _path removal in FragmentListener
Simplified everything
Added a test
Fixed the problem in an easier way
Fixed a syntax issue
Improved the error message when a template is not found
[CodingStandards] Conformed to coding standards
[TwigBundle] fixed Include file locations in "Template could not be found" exception
This PR was merged into the 2.3 branch.
Discussion
----------
[HttpKernel] Remove _path from query parameters when fragment is a subrequest
| Q | A
| ------------- | ---
| Bug fix? | Yes
| New feature? | No
| BC breaks? | No
| Deprecations? | No
| Tests pass? | Yes
| Fixed tickets |
| License | MIT
| Doc PR |
Prior to 2.3.29, all requests to the ESI fragment path ("/_fragment" by default) would have the "_path" query parameter removed. This held true whether an external proxy (such as Varnish) handled the request as true ESI, or whether the Symfony kernel was mocking ESI behavior and inlining the subrequest.
Once the "_controller" check was added in 2.3.29, the "_path" query parameter was only removed on master requests (such as those coming from an external proxy) and not subrequests, leading to differing behavior in production and development settings.
Commits
-------
c374420 Remove _path from query parameters when fragment is a subrequest and request attributes are already set Added tests for _path removal in FragmentListener
* 3.0:
fix debug toolbar rendering by removing inadvertently added links
[Form] minor fix tests of Bootstrap layout
[From] minor fix tests added by #17798 for bootstrap theme
simplified code
Allow variadic controller parameters to be resolved.
* 2.8:
fix debug toolbar rendering by removing inadvertently added links
[Form] minor fix tests of Bootstrap layout
[From] minor fix tests added by #17798 for bootstrap theme
simplified code
Allow variadic controller parameters to be resolved.
* 3.0: (21 commits)
fixed typo
fixed typo
Fixed a minor XML issue in a translation file
Fix merge
Fix merge
Fix merge
Fix merge
Update twig.html.twig
PhpUnitNoDedicateAssertFixer results
disable the assets helper when assets are disabled
Improve Norwegian translations
[2.7] [FrameworkBundle] minor fix tests added by #17569
Fixed the antialiasing of the toolbar text
Simplify markdown for PR template
fixed CS
fixed CS
documented the $url parameter better
[Form] add test for ArrayChoiceList handling null
[Form] fix edge cases with choice placeholder
register commands from kernel when accessing list
...
* 2.8:
fixed typo
fixed typo
Fixed a minor XML issue in a translation file
Fix merge
Fix merge
Fix merge
Fix merge
Update twig.html.twig
PhpUnitNoDedicateAssertFixer results
Improve Norwegian translations
[2.7] [FrameworkBundle] minor fix tests added by #17569
Fixed the antialiasing of the toolbar text
Simplify markdown for PR template
fixed CS
fixed CS
documented the $url parameter better
[Form] add test for ArrayChoiceList handling null
[Form] fix edge cases with choice placeholder
register commands from kernel when accessing list
Update FileSystem
* 3.0:
The exception should be thrown if an object doesn't implement Traversable AND doesn't implement Countable, not when it doesn't implement Traversable but DOES implement Countable
[Form] fix violation mapper tests
[HttpKernel] Prevent a fatal error when DebugHandlersListener is used with a kernel with no terminateWithException() method
don't rely on deprecated YAML parser feature
* 2.8:
The exception should be thrown if an object doesn't implement Traversable AND doesn't implement Countable, not when it doesn't implement Traversable but DOES implement Countable
[Form] fix violation mapper tests
[HttpKernel] Prevent a fatal error when DebugHandlersListener is used with a kernel with no terminateWithException() method
don't rely on deprecated YAML parser feature
* 2.7:
The exception should be thrown if an object doesn't implement Traversable AND doesn't implement Countable, not when it doesn't implement Traversable but DOES implement Countable
[Form] fix violation mapper tests
[HttpKernel] Prevent a fatal error when DebugHandlersListener is used with a kernel with no terminateWithException() method
don't rely on deprecated YAML parser feature
* 3.0:
[VarDumper] Fix tests on PHP 7
[DomCrawler] Clarify the value returned by getPhpFiles()
[DependencyInjection] Fix#16461 Let Container::set() replace existing aliases
avoid (string) catchable fatal error for instances of __PHP_Incomplete_Class
remove unnecessary retrieval and setting of data
Update validators.fr.xlf
avoid (string) catchable fatal error for __PHP_Incomplete_Class instances
sendContent return as parent.
[DomCrawler] Remove the overridden getHash() method to prevent problems when cloning the crawler
[FrameworkBundle] Fix a typo
Added more exceptions to singularify method
Add width attribute on SVG
[FrameworkBundle] Support autowiring for TranslationInterface
[Validator] remove obsolete context and PropertyAccess code
[WebProfiler] Fixed styles for search block and menu profiler for IE Edge
* 2.8:
[VarDumper] Fix tests on PHP 7
[DomCrawler] Clarify the value returned by getPhpFiles()
[DependencyInjection] Fix#16461 Let Container::set() replace existing aliases
avoid (string) catchable fatal error for instances of __PHP_Incomplete_Class
remove unnecessary retrieval and setting of data
Update validators.fr.xlf
avoid (string) catchable fatal error for __PHP_Incomplete_Class instances
sendContent return as parent.
[DomCrawler] Remove the overridden getHash() method to prevent problems when cloning the crawler
[FrameworkBundle] Fix a typo
Added more exceptions to singularify method
Add width attribute on SVG
[FrameworkBundle] Support autowiring for TranslationInterface
[WebProfiler] Fixed styles for search block and menu profiler for IE Edge
Conflicts:
src/Symfony/Component/DependencyInjection/Tests/ContainerTest.php
src/Symfony/Component/DomCrawler/Crawler.php
* 2.7:
[VarDumper] Fix tests on PHP 7
[DomCrawler] Clarify the value returned by getPhpFiles()
[DependencyInjection] Fix#16461 Let Container::set() replace existing aliases
avoid (string) catchable fatal error for instances of __PHP_Incomplete_Class
remove unnecessary retrieval and setting of data
avoid (string) catchable fatal error for __PHP_Incomplete_Class instances
sendContent return as parent.
[FrameworkBundle] Fix a typo
Added more exceptions to singularify method
* 3.0: (36 commits)
Fixed form types in profiler
[Process] Use stream based storage to avoid memory issues
Fix upgrade guides concerning erroneous removal of assets helper
[Process] Remove a misleading comment
Fix markdown typo
ChooseBaseUrl should return an index
[Form] ChoiceType: Fix a notice when 'choices' normalizer is replaced
Improve the phpdoc of SplFileInfo methods
[Process] Use stream based storage to avoid memory issues
[FrameworkBundle] Don't log twice with the error handler
synchronize 2.8 and 3.0 upgrade files
Remove useless is_object condition
[Process] Fix typo, no arguments needed anymore
[Serializer] Introduce constants for context keys
Fixed the documentation of VoterInterface::supportsAttribute
Fixed Bootstrap form theme form "reset" buttons
Fixed the form profiler when using long form types
[PropertyInfo] PhpDocExtractor: Fix a notice when the property doesn't exist
Remove useless duplicated tests
[FrameworkBundle] Optimize framework extension tests
...
* 2.8: (48 commits)
[Process] Use stream based storage to avoid memory issues
Fix upgrade guides concerning erroneous removal of assets helper
[Process] Remove a misleading comment
Fix markdown typo
ChooseBaseUrl should return an index
[Form] ChoiceType: Fix a notice when 'choices' normalizer is replaced
Improve the phpdoc of SplFileInfo methods
[Process] Use stream based storage to avoid memory issues
[FrameworkBundle] Don't log twice with the error handler
synchronize 2.8 and 3.0 upgrade files
Remove useless is_object condition
[Process] Fix typo, no arguments needed anymore
[Serializer] Introduce constants for context keys
Fixed the documentation of VoterInterface::supportsAttribute
Fixed Bootstrap form theme form "reset" buttons
Fixed the form profiler when using long form types
[PropertyInfo] PhpDocExtractor: Fix a notice when the property doesn't exist
Remove useless duplicated tests
[FrameworkBundle] Optimize framework extension tests
synchronize 2.7 and 3.0 upgrade files
...
* 2.7: (28 commits)
[Process] Use stream based storage to avoid memory issues
Fix upgrade guides concerning erroneous removal of assets helper
[Process] Remove a misleading comment
Fix markdown typo
ChooseBaseUrl should return an index
[Form] ChoiceType: Fix a notice when 'choices' normalizer is replaced
Improve the phpdoc of SplFileInfo methods
[Process] Use stream based storage to avoid memory issues
[FrameworkBundle] Don't log twice with the error handler
Remove useless is_object condition
[Process] Fix typo, no arguments needed anymore
[Serializer] Introduce constants for context keys
Fixed the documentation of VoterInterface::supportsAttribute
Fixed Bootstrap form theme form "reset" buttons
Remove useless duplicated tests
[FrameworkBundle] Optimize framework extension tests
synchronize 2.7 and 3.0 upgrade files
fix merge 2.3 into 2.7 for SecureRandom dependency
Use is_subclass_of instead of reflection
Use is_subclass_of instead of Reflection when possible
...
* 2.3:
Fixed correct class name in thrown exception
Add gc_mem_caches() call for PHP7 after itoken_get_all() as new memory manager will not release small buckets to OS automatically
Removed a duplicated test in CardSchemeValidatorTest
Fix perf and mem issue when using token_get_all
[SecurityBundle] fix SecureRandom service constructor args
Normalize params only when used.
This PR was merged into the 3.1-dev branch.
Discussion
----------
Add placeholders into log messages
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #15753
| License | MIT
| Doc PR |
Commits
-------
c92fcdb Added placeholders to all log messages instead of hardcoded values
* 2.8:
Typo fix
[WebProfiler] Fixed sf-minitoolbar height
[2.3] Static Code Analysis for Components
[Serializer] Use $context['cache_key'] to enhance caching
Fixed erroneous deprecation notice for extended Interfaces
[Routing] cs fix
Added support \IteratorAggregate for UniqueEntityValidator
Update AbstractChoiceListTest.php
Fix#17306 Paths with % in it are note allowed (like urlencoded)
Use proper class to fetch $versionStrategy property
Added sort order SORT_STRING for params in UriSigner
Remove normalizer cache in Serializer class
[Serializer] ObjectNormalizer: context can contain not serializable data
* 2.7:
Typo fix
[2.3] Static Code Analysis for Components
Added support \IteratorAggregate for UniqueEntityValidator
Update AbstractChoiceListTest.php
Fix#17306 Paths with % in it are note allowed (like urlencoded)
Use proper class to fetch $versionStrategy property
Added sort order SORT_STRING for params in UriSigner
Remove normalizer cache in Serializer class