This PR was submitted for the 2.2 branch but it was merged into the master branch instead (closes#6950).
Discussion
----------
[2.3] [FrameworkBundle] added route debug information when path matches url
the result of the command `app/console router:match /demo/hello/foo` would be:
![Schermata 02-2456326 alle 17 04 42](https://f.cloud.github.com/assets/254808/120934/a1499432-6d52-11e2-8b67-46a164c30ea0.png)
instead of just:
Route "_demo_hello" matches
Commits
-------
36098e1 [FrameworkBundle] added route debug information when path matches url
This PR was merged into the master branch.
Discussion
----------
[2.3] [FrameworkBundle] [Templating] added Stopwatch support to the PHP engine
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
I did not include tests nor documentation because there weren't any for TimedTwigEngine (I took it as an example). If I'm mistaken and they are needed, I'll gladly write them.
Commits
-------
3c3d34d [FrameworkBundle] [Templating] added Stopwatch support to the PHP engine
This PR was merged into the master branch.
Discussion
----------
[2.2] [Security] Add an option to disable the hasPreviousSession() check in AbstractAuthenticationListener
Bug fix: no
Feature addition: yes
Backwards compatibility break: no
Symfony2 tests pass: [![Build Status](https://secure.travis-ci.org/adrienbrault/symfony.png?branch=security-feature)](http://travis-ci.org/adrienbrault/symfony)
Fixes the following tickets: #3703
Todo: Add this option to the symfony doc security configuration reference
License of the code: MIT
Documentation PR: N/A
As stated in #3703, all authentication listeners that inherit from AbstractAuthenticationListener, only work when a previous session has been created.
This PR allows to change the default behavior in the security.yml file.
Example:
```yml
security:
firewalls:
secured_area:
pattern: ^/demo/secured/
form_login:
check_path: /demo/secured/login_check
login_path: /demo/secured/login
require_previous_session: false # The default value is true
logout:
path: /demo/secured/logout
target: /demo/
#anonymous: ~
#http_basic:
# realm: "Secured Demo Area"
```
PS: While removing my old commit, it closed the #4774 PR ...
Commits
-------
0562463 [Security] Add an option to disable the hasPreviousSession() check in AbstractAuthenticationListener
This PR was merged into the master branch.
Discussion
----------
[2.3] [WIP] Synchronized services...
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #5300, #6756
| License | MIT
| Doc PR | symfony/symfony-docs#2343
Todo:
- [x] update documentation
- [x] find a better name than contagious (synchronized)?
refs #6932, refs #5012
This PR is a proof of concept that tries to find a solution for some problems we have with scopes and services depending on scoped services (mostly the request service in Symfony).
Basically, whenever you want to inject the Request into a service, you have two possibilities:
* put your own service into the request scope (a new service will be created whenever a sub-request is run, and the service is not available outside the request scope);
* set the request service reference as non-strict (your service is always available but the request you have depends on when the service is created the first time).
This PR addresses this issue by allowing to use the second option but you service still always has the right Request service (see below for a longer explanation on how it works).
There is another issue that this PR fixes: edge cases and weird behaviors. There are several bug reports about some weird behaviors, and most of the time, this is related to the sub-requests. That's because the Request is injected into several Symfony objects without being updated correctly when leaving the request scope. Let me explain that: when a listener for instance needs the Request object, it can listen to the `kernel.request` event and store the request somewhere. So, whenever you enter a sub-request, the listener will get the new one. But when the sub-request ends, the listener has no way to know that it needs to reset the request to the master one. In practice, that's not really an issue, but let me show you an example of this issue in practice:
* You have a controller that is called with the English locale;
* The controller (probably via a template) renders a sub-request that uses the French locale;
* After the rendering, and from the controller, you try to generate a URL. Which locale the router will use? Yes, the French locale, which is wrong.
To fix these issues, this PR introduces a new notion in the DIC: synchronized services. When a service is marked as synchronized, all method calls involving this service will be called each time this service is set. When in a scope, methods are also called to restore the previous version of the service when the scope leaves.
If you have a look at the router or the locale listener, you will see that there is now a `setRequest` method that will called whenever the request service changes (because the `Container::set()` method is called or because the service is changed by a scope change).
Commits
-------
17269e1 [DependencyInjection] fixed management of scoped services with an invalid behavior set to null
bb83b3e [HttpKernel] added a safeguard for when a fragment is rendered outside the context of a master request
5d7b835 [FrameworkBundle] added some functional tests
ff9d688 fixed Request management for FragmentHandler
1b98ad3 fixed Request management for LocaleListener
a7b2b7e fixed Request management for RequestListener
0892135 [HttpKernel] ensured that the Request is null when outside of the Request scope
2ffcfb9 [FrameworkBundle] made the Request service synchronized
ec1e7ca [DependencyInjection] added a way to automatically update scoped services
This PR was merged into the master branch.
Discussion
----------
moved the request scope creation to the ContainerAwareHttpKernel class
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | symfony/symfony-docs#2343
While updating the scope documentation, I realized that the request scope was created in the FrameworkBundle while the HttpKernel that manages it was in the HttpKernel component. So, this PR makes things more consistent.
Commits
-------
cec98c1 [DependencyInjection] fixed PHP notice when the scope is not defined
550df5a moved the request scope creation to the ContainerAwareHttpKernel class
This PR was merged into the 2.2 branch.
Discussion
----------
Reverts behavior change to UrlGenerator
I do not want to talk much about the behavior change and whether it makes sense or not because I think it does not matter in this situation anyway.
The ``generate`` method is tagged with ``@api``, there is no security issue that was fixed. According to the rules set forth at http://symfony.com/doc/current/book/stable_api.html, the semantics of such a method must not be changed.
There is some more discussion in #6814 and the commit changing the behavior is this one: c66d1f9de3 (diff-0)
Commits
-------
a765375 reverts some behavior changes made in c66d1f9de30fd1b6a86cca10dd79d12c9ba9ff25
This PR was merged into the 2.2 branch.
Discussion
----------
[2.3] [WebProfiler] added the possibility to override the application name/version in the WDT
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
d35cb9f [WebProfiler] added the possibility to override the application name/version in the WDT
This PR was merged into the master branch.
Discussion
----------
[2.3][TwigBundle] Use display instead of visibility for exception page icons
Originally spawned from #6612, this allows us to get rid of the ugly margins for the open and close icons on the exception page.
Commits
-------
e66bd14 [TwigBundle] Use display instead of visibility for exception page icons
This PR was merged into the master branch.
Discussion
----------
[2.3] moved a security check in HttpUploadedFile
closes#6802
- [x] fix the testsuite, I've only run the component suite, but it needs to be updated in other places too (according to travis)
Commits
-------
5bb44f5 [HttpFoundation] UploadedFile - moved a security check
This PR was merged into the master branch.
Discussion
----------
[2.3] [Serializer] Enabled camelCase format to be used on denormalize method
Enabled camelCase formater , that way when hydrating from arrays, attributes as attribute_name could be implemented as attributteName parameter, with getAttributeName and setAttributeName, giving different formating option from setAttribute_name getAttribute_name.
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | no
| License | MIT
| Doc PR | no
Commits
-------
fbffdf0 Enabled camelCase format to be used on denormalize method, that way camel_case attribute can be used on object as getCamelCase()
This PR was squashed before being merged into the master branch (closes#7028).
Discussion
----------
[2.3] [Routing] Added access to querystring in RequestContext
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
This is related to a Silex change request: https://github.com/fabpot/Silex/pull/623
Commits
-------
4a2b755 [2.3] [Routing] Added access to querystring in RequestContext
* 2.2:
#7106 - fix for ZTS builds
Added '@@' escaping strategy for YamlFileLoader and YamlDumper
[Yaml] fixed bugs with folded scalar parsing
[Form] made DefaultCsrfProvider using session_status() when available
Added unit tests to Dumper
Update .travis.yml (closes#7355)
[HttpFoudantion] fixed Request::getPreferredLanguage()
Revert "merged branch jfsimon/issue-6928 (PR #7378)"
Routing issue with installation in a sub-directory ref: https://github.com/symfony/symfony/issues/7129
This PR was merged into the master branch.
Discussion
----------
[2.3] Add missing WinCacheClassLoader
Commits
-------
af86e5b Add missing WinCacheClassLoader
* 2.1:
#7106 - fix for ZTS builds
Added '@@' escaping strategy for YamlFileLoader and YamlDumper
[Yaml] fixed bugs with folded scalar parsing
[Form] made DefaultCsrfProvider using session_status() when available
Added unit tests to Dumper
Update .travis.yml (closes#7355)
[HttpFoudantion] fixed Request::getPreferredLanguage()
Revert "merged branch jfsimon/issue-6928 (PR #7378)"
Routing issue with installation in a sub-directory ref: https://github.com/symfony/symfony/issues/7129
Conflicts:
.travis.yml
src/Symfony/Bundle/FrameworkBundle/Routing/Router.php
src/Symfony/Component/Routing/RouteCollection.php
This PR was submitted for the master branch but it was merged into the 2.1 branch instead (closes#7248).
Discussion
----------
#7106 - check php version for getcwd()
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #7106
| License | MIT
Commits
-------
11d3855 #7106 - fix for ZTS builds