This PR was merged into the 4.3-dev branch.
Discussion
----------
Update MimeType extensions
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
<!--
Write a short README entry for your feature/bugfix here (replace this comment block.)
This will help people understand your PR and can be used as a start of the Doc PR.
Additionally:
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
-->
Commits
-------
5183049b73 updated MimeType extensions
* 4.2:
properly fix tests on PHP 5
fix tests on PHP 5
remove doubled dot from exception message
bug #29697 [DI] Fixed wrong factory method in exception (Wojciech Gorczyca)
[Intl] make type-hinted arguments nullable
[DI] Fixed wrong factory method in exception
Changed gender choice types to color
Fix unnecessary use
remove no longer needed PHP version checks
remove no longer needed PHP version checks
Fixed groupBy argument value in DefaultChoiceListFactoryTest
[HttpKernel] Correctly Render Signed URIs Containing Fragments
[HttpFoundation] Fix request uri when it starts with double slashes
* 4.1:
properly fix tests on PHP 5
fix tests on PHP 5
remove doubled dot from exception message
bug #29697 [DI] Fixed wrong factory method in exception (Wojciech Gorczyca)
[Intl] make type-hinted arguments nullable
[DI] Fixed wrong factory method in exception
Changed gender choice types to color
remove no longer needed PHP version checks
remove no longer needed PHP version checks
Fixed groupBy argument value in DefaultChoiceListFactoryTest
[HttpKernel] Correctly Render Signed URIs Containing Fragments
[HttpFoundation] Fix request uri when it starts with double slashes
* 3.4:
properly fix tests on PHP 5
fix tests on PHP 5
bug #29697 [DI] Fixed wrong factory method in exception (Wojciech Gorczyca)
Changed gender choice types to color
remove no longer needed PHP version checks
Fixed groupBy argument value in DefaultChoiceListFactoryTest
[HttpKernel] Correctly Render Signed URIs Containing Fragments
[HttpFoundation] Fix request uri when it starts with double slashes
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpFoundation] Fix request uri when it starts with double slashes
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #29478
| License | MIT
| Doc PR | ~
When the `REQUEST_URI` starts with a slash no need to `parse_url()`. However to keep the same behaviour regarding the fragment we need to add a logic to remove it. While `parse_url()` handle all cases itself.
Commits
-------
cf850c1a15 [HttpFoundation] Fix request uri when it starts with double slashes
* 4.2:
update years in license files
Fix: Adjust DocBlock
\"ParserTest->getParserTestData()\" -> only some more tests
access the container getting it from the kernel
Replace slave and master by replica and primary
Fix erasing cookies issue
[Lock] Pedantic improvements for lock
[EventDispatcher] Fixed phpdoc on interface
update year in license files
[VarExporter] fix exporting array indexes
[SecurityBundle] Fix traceable voters
[Console] Fix help text for single command applications
Fix random test failure on lock
improve error message when using test client without the BrowserKit component
Fixed minor typos in an error message
[Event Dispatcher] fixed 29703: TraceableEventDispatcher reset now sets callStack to null with test to dispatch after reset.
Fixed minor typos
Fix: Method can also return null
[Stopwatch] Fixed phpdoc for category name
* 4.1:
Fix: Adjust DocBlock
\"ParserTest->getParserTestData()\" -> only some more tests
access the container getting it from the kernel
[Lock] Pedantic improvements for lock
[EventDispatcher] Fixed phpdoc on interface
update year in license files
[Console] Fix help text for single command applications
Fix random test failure on lock
improve error message when using test client without the BrowserKit component
[Event Dispatcher] fixed 29703: TraceableEventDispatcher reset now sets callStack to null with test to dispatch after reset.
Fixed minor typos
Fix: Method can also return null
[Stopwatch] Fixed phpdoc for category name
* 3.4:
Fix: Adjust DocBlock
\"ParserTest->getParserTestData()\" -> only some more tests
[Lock] Pedantic improvements for lock
[EventDispatcher] Fixed phpdoc on interface
update year in license files
[Console] Fix help text for single command applications
Fix random test failure on lock
improve error message when using test client without the BrowserKit component
[Event Dispatcher] fixed 29703: TraceableEventDispatcher reset now sets callStack to null with test to dispatch after reset.
Fixed minor typos
Fix: Method can also return null
[Stopwatch] Fixed phpdoc for category name
* 4.2: (27 commits)
[VarExporter] dont call userland code with uninitialized objects
Fix typos in doc blocks
[Debug] ignore underscore vs backslash namespaces in DebugClassLoader
[TwigBridge][Form] Prevent multiple rendering of form collection prototypes
[FrameworkBundle] fix describing routes with no controllers
[DI] move RegisterServiceSubscribersPass before DecoratorServicePass
Update ValidationListener.php
[Yaml] ensures that the mb_internal_encoding is reset to its initial value
[Messenger] Restore message handlers laziness
[WebLink] Fixed documentation link
[Security] getTargetPath of TargetPathTrait must return string or null
[Hackday][Serializer] Deserialization ignores argument type hint from phpdoc for array in constructor argument
Optimize perf by replacing call_user_func with dynamic vars
[Cache] Fix dsn parsing
[Routing] fix dumping same-path routes with placeholders
[WebProfilerBundle][TwigBundle] CSS fixes
Add a docblock for FormFactoryInterface
[Security] defer log message in guard authenticator
[Validator] Added IBAN format for Vatican City State
merge conflicts
...
* 4.1:
Fix typos in doc blocks
[Debug] ignore underscore vs backslash namespaces in DebugClassLoader
[TwigBridge][Form] Prevent multiple rendering of form collection prototypes
[FrameworkBundle] fix describing routes with no controllers
[DI] move RegisterServiceSubscribersPass before DecoratorServicePass
Update ValidationListener.php
[Yaml] ensures that the mb_internal_encoding is reset to its initial value
[WebLink] Fixed documentation link
[Security] getTargetPath of TargetPathTrait must return string or null
[Hackday][Serializer] Deserialization ignores argument type hint from phpdoc for array in constructor argument
Optimize perf by replacing call_user_func with dynamic vars
[Routing] fix dumping same-path routes with placeholders
[Security] defer log message in guard authenticator
[Validator] Added IBAN format for Vatican City State
merge conflicts
filter out invalid Intl values
filter out invalid language values
[Validator] Fixed grouped composite constraints
[Form] Filter arrays out of scalar form types
Fix HeaderBag::get phpdoc
* 3.4:
[Debug] ignore underscore vs backslash namespaces in DebugClassLoader
[TwigBridge][Form] Prevent multiple rendering of form collection prototypes
[FrameworkBundle] fix describing routes with no controllers
[DI] move RegisterServiceSubscribersPass before DecoratorServicePass
Update ValidationListener.php
[Yaml] ensures that the mb_internal_encoding is reset to its initial value
[WebLink] Fixed documentation link
[Security] getTargetPath of TargetPathTrait must return string or null
[Hackday][Serializer] Deserialization ignores argument type hint from phpdoc for array in constructor argument
[Security] defer log message in guard authenticator
merge conflicts
Fix HeaderBag::get phpdoc
When setting $first to false, the default value is wrapped into an array
meaning you need to pass a string as the default value instead of an
array of strings.
* 4.1: (23 commits)
[Routing] fix trailing slash redirection when using RedirectableUrlMatcher
[PropertyAccessor] fix encoding of cache keys
[WebProfiler] Detect empty file paths in file viewer
fixed CS
Changes for upcoming Travis' infra migration
Doc fix: clarify isMethodCacheable() returns true only for GET & HEAD
[MonologBridge] Return empty list for unknonwn requests
[DomCrawler] exclude fields inside "template" tags
Use XLIFF source rather than resname when there's no target
[DoctrineBridge] catch errors while converting to db values in data collector
[DoctrineBridge] fix case sensitivity issue in RememberMe\DoctrineTokenProvider
[EventDispatcher] Unwrap wrapped listeners internally
[Routing] fix trailing slash redirection when using RedirectableUrlMatcher
Removed the return type phpdoc
fix authorization checker variable name
[Routing] Remove duplicate schemes and methods for invokable controllers
Indentation error
[HttpFoundation] Fix trailing space for mime-type with parameters
[HttpFoundation] Fixed absolute Request URI with default port
[Bridge/PhpUnit] fix the fix
...
* 3.4:
[Routing] fix trailing slash redirection when using RedirectableUrlMatcher
[PropertyAccessor] fix encoding of cache keys
[WebProfiler] Detect empty file paths in file viewer
fixed CS
Changes for upcoming Travis' infra migration
Doc fix: clarify isMethodCacheable() returns true only for GET & HEAD
[DomCrawler] exclude fields inside "template" tags
Use XLIFF source rather than resname when there's no target
[DoctrineBridge] catch errors while converting to db values in data collector
[DoctrineBridge] fix case sensitivity issue in RememberMe\DoctrineTokenProvider
[EventDispatcher] Unwrap wrapped listeners internally
Indentation error
[HttpFoundation] Fix trailing space for mime-type with parameters
[HttpFoundation] Fixed absolute Request URI with default port
properly parse backslashes in unquoted env vars
Use intersection type when referring to ParentNodeDefinitionInterface
[BrowserKit] fixed BC Break for HTTP_HOST header; implemented same behaviour for HTTPS server parameter
* 2.8:
fixed CS
Changes for upcoming Travis' infra migration
Doc fix: clarify isMethodCacheable() returns true only for GET & HEAD
[DomCrawler] exclude fields inside "template" tags
Use XLIFF source rather than resname when there's no target
[DoctrineBridge] catch errors while converting to db values in data collector
[DoctrineBridge] fix case sensitivity issue in RememberMe\DoctrineTokenProvider
Indentation error
[HttpFoundation] Fix trailing space for mime-type with parameters
Use intersection type when referring to ParentNodeDefinitionInterface
[BrowserKit] fixed BC Break for HTTP_HOST header; implemented same behaviour for HTTPS server parameter
The current documentation points to https://tools.ietf.org/html/rfc7231#section-4.2.3.
The spec says: "this specification defines GET, HEAD, and POST as cacheable, although the overwhelming majority of cache implementations only support GET and HEAD.".
This fix to the documentation clarifies that Symfony follows majority (excluding POST) rather than the spec (including POST).
* 4.1:
[Form] Hardened test suite for empty data
Bump phpunit XSD version to 5.2
[Fwb][EventDispatcher][HttpKernel] Fix getClosureScopeClass usage to describe callables
Add required key attribute
* 3.4:
[Form] Hardened test suite for empty data
Bump phpunit XSD version to 5.2
[Fwb][EventDispatcher][HttpKernel] Fix getClosureScopeClass usage to describe callables
Add required key attribute
Some attributes being used in the phpunit configuration files, namely
failOnRisky and failOnWarning were introduced in phpunit 5.2.0. The
Composer configuration shows that tests should run with old versions of
phpunit, but phpunit only validates the configuration against the XSD
since phpunit 7.2.0.
These changes can be tested as follows:
wget http://schema.phpunit.de/5.2/phpunit.xsd
xargs xmllint --schema phpunit.xsd 1>/dev/null
find src -name phpunit.xml.dist| xargs xmllint --schema phpunit.xsd 1>/dev/null
See 7e06a82806
See 46e3745a03/composer.json (L98)
* 4.1:
Change button_widget class to btn-primary
[Serializer] Allow null values when denormalizing with constructor missing data
[Dotenv] dont use getenv() to read SYMFONY_DOTENV_VARS
[HttpFoundation] Fixed PHP doc of ParameterBag::getBoolean
[HttpFoundation] replace any preexisting Content-Type headers
* 3.4:
Change button_widget class to btn-primary
[Dotenv] dont use getenv() to read SYMFONY_DOTENV_VARS
[HttpFoundation] Fixed PHP doc of ParameterBag::getBoolean
[HttpFoundation] replace any preexisting Content-Type headers
* 4.1:
[VarDumper] fix dump of closures created from callables
[DI] fix dumping inlined services
Add framework asset changes to upgrade 3.0 guide
[Travis] Bump ext-mongodb to 1.5.2 on Travis
[DI] dont track classes/interfaces used to compute autowiring error messages
[DI] fix GraphvizDumper ignoring inline definitions
bumped Symfony version to 4.1.8
updated VERSION for 4.1.7
updated CHANGELOG for 4.1.7
bumped Symfony version to 3.4.19
updated VERSION for 3.4.18
updated CHANGELOG for 3.4.18
bumped Symfony version to 2.8.48
updated VERSION for 2.8.47
update CONTRIBUTORS for 2.8.47
updated CHANGELOG for 2.8.47
Fix ini_get() for boolean values
* 3.4:
[VarDumper] fix dump of closures created from callables
[DI] fix dumping inlined services
Add framework asset changes to upgrade 3.0 guide
[Travis] Bump ext-mongodb to 1.5.2 on Travis
[DI] dont track classes/interfaces used to compute autowiring error messages
[DI] fix GraphvizDumper ignoring inline definitions
bumped Symfony version to 3.4.19
updated VERSION for 3.4.18
updated CHANGELOG for 3.4.18
bumped Symfony version to 2.8.48
updated VERSION for 2.8.47
update CONTRIBUTORS for 2.8.47
updated CHANGELOG for 2.8.47
Fix ini_get() for boolean values
* 4.1:
SCA: removed unused variables
Remove duplicate condition
fix useless space in docblock
remove unneeded tearDown method
[Intl] Update the ICU data to 63.1
[FrameworkBundle] Fix broken exception message
[Messenger] send using the routing_key for AMQP transport
also clean away the NO_AUTO_CACHE_CONTROL_HEADER if we have no session
[TwigBundle] Fix usage of TwigBundle without FrameworkBundle
Revert "fixed CS"
[Serializer] Reduce class discriminator overhead
Skip empty proxy code
[Security] Fix "exclude-from-classmap"
[Security] Removed unsed trait import
[Config] Fix @method annotation
add missing double-quotes to extra_fields output message
[DI] Default undefined env to empty string during compile
Convert InsufficientAuthenticationException to HttpException
This PR was merged into the 2.8 branch.
Discussion
----------
Revert "fixed CS"
This reverts commit d48a3776fe.
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | n/a
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
This PR reverts #28814 , that was caused as a bug of PHP CS Fixer fixed in https://github.com/FriendsOfPHP/PHP-CS-Fixer/pull/4027
After fix on PHP CS Fixer side, the rule is passing now at Symfony's codebase.
This PR only reverts wrong chances done by PHP CS Fixer,
it does not apply new rule requested in #28817 ( https://github.com/FriendsOfPHP/PHP-CS-Fixer/issues/4045 )
Commits
-------
6f83d9f9a3 Revert "fixed CS"
This PR was merged into the 2.8 branch.
Discussion
----------
[HTTP Foundtation] Fix useless space in docblock
I Just removed a useless space in PHP Doc, I don't know if target the 2.8 branch is enough to others SF versions
Commits
-------
6ba75734d6 fix useless space in docblock
This PR was merged into the 4.2-dev branch.
Discussion
----------
[HttpFoundation] Make ResponseHeaderBag::makeDisposition static
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes-ish
| BC breaks? | no
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass? | yes
| Fixed tickets | #27851
| License | MIT
| Doc PR | n/a
<!--
Write a short README entry for your feature/bugfix here (replace this comment block.)
This will help people understand your PR and can be used as a start of the Doc PR.
Additionally:
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
-->
Commits
-------
d29b410262 [HttpFoundation] made ResponseHeaderBag::makeDisposition static
* 4.1: (27 commits)
Added the Code of Conduct file
do not override custom access decision configs
[Security] Do not deauthenticate user when the first refreshed user has changed
fix a return type hint
invalidate stale commits for PRs too
add missing cache prefix seed attribute to XSD
fix command description
Fix class documentation
[Validator] Add a missing translation
[FrameworkBundle] Fix 3.4 tests
[DI] fix dumping inline services again
Rename consumer to receiver
Register messenger before the profiler
Fix phpdocs
[EventDispatcher] Remove template method in test case
Added LB translation for #27993 (UUID validator message translation)
Replace deprecated validateValue with validate
[FWBundle] Automatically enable PropertyInfo when using Flex
[Process] fix locking of pipe files on Windows
Correct PHPDoc type for float ttl
...
* 3.4: (21 commits)
Added the Code of Conduct file
do not override custom access decision configs
[Security] Do not deauthenticate user when the first refreshed user has changed
invalidate stale commits for PRs too
add missing cache prefix seed attribute to XSD
fix command description
Fix class documentation
[Validator] Add a missing translation
[FrameworkBundle] Fix 3.4 tests
[DI] fix dumping inline services again
Fix phpdocs
[EventDispatcher] Remove template method in test case
Added LB translation for #27993 (UUID validator message translation)
Replace deprecated validateValue with validate
[FWBundle] Automatically enable PropertyInfo when using Flex
[Process] fix locking of pipe files on Windows
Correct PHPDoc type for float ttl
bumped Symfony version to 3.4.18
updated VERSION for 3.4.17
updated CHANGELOG for 3.4.17
...
* 2.8:
Fix class documentation
[Validator] Add a missing translation
Fix phpdocs
[EventDispatcher] Remove template method in test case
Added LB translation for #27993 (UUID validator message translation)
Replace deprecated validateValue with validate
This PR was merged into the 2.8 branch.
Discussion
----------
Remove redundant path check
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | maybe?
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commit 0ec852d79f introduced this new method. As you can see, the code I'm removing always evaluates to `true` thanks to the first `if` statement in this method:
(I'm not sure if redundant code technically counts as a "bug", so I've assumed "yes it does" and targeted 2.8.)
Commits
-------
10795cf096 Remove redundant path check
* 4.1: (21 commits)
[php_cs] disable fopen_flags
[DI] fix error in dumped container
[CS] Remove unused variables passed to closures
[DI] fix dumping setters before their inlined instances
[CS] Remove empty comment
[CS] Enforces null type hint on last position in phpDocs
[CS] Use combined assignment operators when possible
Fix a typo in error messages
Don't return early as this bypasses the auto exit feature
[Console] Add missing null to input values allowed types
[PHPUnitBridge] Fix microtime() format
bumped Symfony version to 4.1.6
updated VERSION for 4.1.5
updated CHANGELOG for 4.1.5
bumped Symfony version to 3.4.17
updated VERSION for 3.4.16
updated CHANGELOG for 3.4.16
bumped Symfony version to 2.8.47
update CONTRIBUTORS for 2.8.46
updated VERSION for 2.8.46
...
* 3.4:
[php_cs] disable fopen_flags
[DI] fix error in dumped container
[CS] Remove unused variables passed to closures
[DI] fix dumping setters before their inlined instances
[CS] Remove empty comment
[CS] Enforces null type hint on last position in phpDocs
[CS] Use combined assignment operators when possible
Fix a typo in error messages
Don't return early as this bypasses the auto exit feature
[Console] Add missing null to input values allowed types
[PHPUnitBridge] Fix microtime() format
bumped Symfony version to 3.4.17
updated VERSION for 3.4.16
updated CHANGELOG for 3.4.16
bumped Symfony version to 2.8.47
update CONTRIBUTORS for 2.8.46
updated VERSION for 2.8.46
updated CHANGELOG for 2.8.46
* 2.8:
[php_cs] disable fopen_flags
[CS] Remove unused variables passed to closures
[CS] Remove empty comment
[CS] Enforces null type hint on last position in phpDocs
[CS] Use combined assignment operators when possible
Fix a typo in error messages
[Console] Add missing null to input values allowed types
[PHPUnitBridge] Fix microtime() format
bumped Symfony version to 2.8.47
update CONTRIBUTORS for 2.8.46
updated VERSION for 2.8.46
updated CHANGELOG for 2.8.46
This PR was merged into the 2.8 branch.
Discussion
----------
[CS] Enforces null type hint on last position in phpDocs
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | no
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | - <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | - <!-- required for new features -->
As a majority in our codebase, the `null` typehint usually comes in the last position in phpDocs.
Commits
-------
efbba25577 [CS] Enforces null type hint on last position in phpDocs
This PR was squashed before being merged into the 4.1 branch (closes#28636).
Discussion
----------
[HttpFoundation] X-Accel-Mapping does not use HTTP key=value syntax
| Q | A
| ------------- | ---
| Branch? | 4.1
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? |no
| Tests pass? | yes
| Fixed tickets | #28627
| License | MIT
| Doc PR |
The `X-Accel-Mapping` header does not use the standard HTTP key=value syntax, so using `HeaderUtils::combine()` breaks paths with upper-case letters.
There is no good reason to use `HeaderUtils::combine()` in this case, so simply skip it.
Commits
-------
09343c27d7 [HttpFoundation] X-Accel-Mapping does not use HTTP key=value syntax
* 4.1:
[Console] simplified code
removed useless phpdoc
improve docblocks around group sequences
[Cache] prevent getting older entries when the version key is evicted
[WebProfilerBundle] added a note in the README
[Yaml] Skip parser test with root user
[Filesystem] Skip tests on readable file when run with root user
[FWBundle] Fix an error in WebTestCase::createClient's PHPDoc
[HttpFoundation][Security] forward locale and format to subrequests
[Console] Send the right exit code to console.terminate listeners
[HttpFoundation] fix hidding warnings from session handlers
Caching missed templates on cache warmup
* 3.4:
[Console] simplified code
removed useless phpdoc
improve docblocks around group sequences
[Cache] prevent getting older entries when the version key is evicted
[WebProfilerBundle] added a note in the README
[Yaml] Skip parser test with root user
[Filesystem] Skip tests on readable file when run with root user
[FWBundle] Fix an error in WebTestCase::createClient's PHPDoc
[HttpFoundation][Security] forward locale and format to subrequests
[Console] Send the right exit code to console.terminate listeners
[HttpFoundation] fix hidding warnings from session handlers
Caching missed templates on cache warmup
* 2.8:
improve docblocks around group sequences
[WebProfilerBundle] added a note in the README
[Filesystem] Skip tests on readable file when run with root user
[FWBundle] Fix an error in WebTestCase::createClient's PHPDoc
[HttpFoundation][Security] forward locale and format to subrequests
[Console] Send the right exit code to console.terminate listeners
Caching missed templates on cache warmup
This PR was merged into the 4.2-dev branch.
Discussion
----------
[HttpFoundation] make cookies auto-secure when passing them $secure=null + plan to make it and samesite=lax the defaults in 5.0
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | yes
| Fixed tickets | #26731
| License | MIT
| Doc PR | -
By creating Cookie instances using `null` for the `$secure` argument, this PR allows making cookies inherit their "secure" attribute from the request.
This PR also adds a forward to make $secure=null and samesite=lax the defaults in Symfony 5.0:
- either define all constructor's arguments explicitly
- or use the new `Cookie::create()` factory
Commits
-------
9493cfd5f2 [HttpFoundation] make cookies auto-secure when passing them $secure=null + plan to make it and samesite=lax the defaults in 5.0
* 4.1:
Fix CS
Allow reuse of Session between requests
[MonologBridge] Re-add option option to ignore empty context and extra data
[Lock] remove useless code
[PhpUnitBridge] fix disabling DeprecationErrorHandler using phpunit.xml file
Provide debug_backtrace with proper args
[DI] fix infinite loop involving self-references in decorated services
forward false label option to nested types
[DI] fix dumping lazy services
forward the invalid_message option in date types
* 3.4:
Fix CS
Allow reuse of Session between requests
[MonologBridge] Re-add option option to ignore empty context and extra data
[Lock] remove useless code
[PhpUnitBridge] fix disabling DeprecationErrorHandler using phpunit.xml file
Provide debug_backtrace with proper args
[DI] fix infinite loop involving self-references in decorated services
forward false label option to nested types
forward the invalid_message option in date types
* 2.8:
Fix CS
Allow reuse of Session between requests
Provide debug_backtrace with proper args
forward false label option to nested types
forward the invalid_message option in date types
This PR was merged into the 2.8 branch.
Discussion
----------
[HttpFoundation] Allow reuse of Session between requests if ID did not change
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #13450
| License | MIT
| Doc PR | -
I stumbled upon the issue from https://github.com/symfony/symfony/issues/13450 in a more simple case than what was exposed in the issue. From my understanding, the problem arises when the session is used between an access to the session and a functional test request: because the session was accessed (usually using the container directly), the session has started and the following request fails.
This PR checks whether the ID was actually regenerated before throwing (if a setId is called with the same ID, it is the same request context, it shouldn't throw IMO).
Not sure I understood everything correctly though, feel free to fix it for me if needed.
Commits
-------
fd30f4a21d Allow reuse of Session between requests
* 4.1:
[TwigBridge] fix lowest version of symfony/form
Think positive
KernelInterface can return null container
[DI] Detect circular references with ChildDefinition parent
[VarDumper] Fix global dump function return value for PHP7
[Ldap] Use shut up operator on connection errors at ldap_start_tls
Implement startTest rather than startTestSuite
[OptionsResolver] remove dead code and useless else
[HttpFoundation] don't override StreamedResponse::setNotModified()
Added relevent links for parsing to the phpdoc
Add stricter checking for valid date time string
Fix symfony/console (optional) dependency for MonologBridge
fix not displaying labels when value is false
[Form] Fix DateTimeType html5 input format
* 3.4:
Think positive
KernelInterface can return null container
[DI] Detect circular references with ChildDefinition parent
[VarDumper] Fix global dump function return value for PHP7
[Ldap] Use shut up operator on connection errors at ldap_start_tls
Implement startTest rather than startTestSuite
[OptionsResolver] remove dead code and useless else
[HttpFoundation] don't override StreamedResponse::setNotModified()
Added relevent links for parsing to the phpdoc
Add stricter checking for valid date time string
Fix symfony/console (optional) dependency for MonologBridge
[Form] Fix DateTimeType html5 input format
* 2.8:
KernelInterface can return null container
[Ldap] Use shut up operator on connection errors at ldap_start_tls
[HttpFoundation] don't override StreamedResponse::setNotModified()
Added relevent links for parsing to the phpdoc
Add stricter checking for valid date time string
[Form] Fix DateTimeType html5 input format
* 4.1:
[DI] configure inlined services before injecting them when dumping the container
Consistently throw exceptions on a single line
fix fopen calls
Update .editorconfig
* 3.4:
[DI] configure inlined services before injecting them when dumping the container
Consistently throw exceptions on a single line
fix fopen calls
Update .editorconfig
Uses `session.cookie_samesite` for PHP >= 7.3. For PHP < 7.3 it first
does a session_start(), find the emitted header, changes it, and emits
it again with the value for SameSite added.
* 4.1:
bumped Symfony version to 2.8.46
updated VERSION for 2.8.45
update CONTRIBUTORS for 2.8.45
updated CHANGELOG for 2.8.45
[PhpUnitBridge] keep compat with composer 1.0
Instantiate $offset and $maxlen at definition
[Cache] minor code update to leverage PHP 7.1
* 3.4:
bumped Symfony version to 2.8.46
updated VERSION for 2.8.45
update CONTRIBUTORS for 2.8.45
updated CHANGELOG for 2.8.45
[PhpUnitBridge] keep compat with composer 1.0
Instantiate $offset and $maxlen at definition
* 2.8:
bumped Symfony version to 2.8.46
updated VERSION for 2.8.45
update CONTRIBUTORS for 2.8.45
updated CHANGELOG for 2.8.45
Instantiate $offset and $maxlen at definition
This PR was merged into the 2.8 branch.
Discussion
----------
[HttpFoundation] Fix unprepared BinaryFileResponse sends empty file
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes, with the exception of preexisting, unrelated failures
| Fixed tickets | #28237
| License | MIT
| Doc PR |
When you call `BinaryFileResponse#sendContent()` without first calling `prepare()` the response is sent but the contents are empty. `prepare()` properly initializes the `$maxlen` and `$offset` properties. However, `sendContent()` doesn't do any sanity checking, and so, uses the uninitialized properties. This causes `stream_copy_to_stream()` to copy empty contents and the file that is sent, to contain nothing.
This change initializes the properties at definition instead of in `prepare()`.
> Additionally:
> - Bug fixes must be submitted against the lowest branch where they apply
~I'm not sure how early this bug exists, or how far back to go. I'll check to see if 2.7 and 2.8 are affected and report back.~
Commits
-------
dba8687a5d Instantiate $offset and $maxlen at definition
* 4.1:
[HttpFoundation] fix false-positive ConflictingHeadersException
[DI] Fix false-positive circular ref leading to wrong exceptions or infinite loops at runtime
* 3.4:
[HttpFoundation] fix false-positive ConflictingHeadersException
[DI] Fix false-positive circular ref leading to wrong exceptions or infinite loops at runtime
* 4.1:
[travis] fix CI for sigchild+Process
fix merge
[travis] merge "same Symfony version" jobs in one
fix merge
🐛 Fix typo
Remove the Expires header when calling Response::expire()
Allow multidimensional collection in property info
Allow multidimensional collection in property info
* 3.4:
[travis] fix CI for sigchild+Process
fix merge
[travis] merge "same Symfony version" jobs in one
fix merge
Remove the Expires header when calling Response::expire()
Allow multidimensional collection in property info
Allow multidimensional collection in property info
This PR was merged into the 2.8 branch.
Discussion
----------
Remove the Expires header when calling Response::expire()
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | #13341 <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | -
Commits
-------
ac0cd15402 Remove the Expires header when calling Response::expire()
This PR was merged into the 2.8 branch.
Discussion
----------
[HttpFoundation] Remove support for legacy and risky HTTP headers
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
e447e8b921 [HttpFoundation] Remove support for legacy and risky HTTP headers
* 4.1:
[HttpKernel] Fixed invalid REMOTE_ADDR in inline subrequest when configuring trusted proxy with subnet
[FrameworkBundle] fixed guard event names for transitions
[DI] Improve class named servics error message
remove unnecessary instanceof in MongoDbSessionHandler
[HttpFoundation] fixed using _method parameter with invalid type
Renaming internal test class to help auto-completion
[Intl] Replace svn with git in the icu data update script
[Messenger] Fix error message on undefined message class for non-subscriber handler
[HttpFoundation] Fix Cookie::isCleared
* 4.0:
[HttpKernel] Fixed invalid REMOTE_ADDR in inline subrequest when configuring trusted proxy with subnet
[FrameworkBundle] fixed guard event names for transitions
[DI] Improve class named servics error message
[HttpFoundation] fixed using _method parameter with invalid type
[Intl] Replace svn with git in the icu data update script
[HttpFoundation] Fix Cookie::isCleared
* 3.4:
[HttpKernel] Fixed invalid REMOTE_ADDR in inline subrequest when configuring trusted proxy with subnet
[FrameworkBundle] fixed guard event names for transitions
[DI] Improve class named servics error message
[HttpFoundation] fixed using _method parameter with invalid type
[Intl] Replace svn with git in the icu data update script
[HttpFoundation] Fix Cookie::isCleared
* 2.8:
[HttpKernel] Fixed invalid REMOTE_ADDR in inline subrequest when configuring trusted proxy with subnet
[HttpFoundation] fixed using _method parameter with invalid type
[Intl] Replace svn with git in the icu data update script
[HttpFoundation] Fix Cookie::isCleared
This PR was merged into the 2.8 branch.
Discussion
----------
[HttpFoundation] Fix Cookie::isCleared
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | #27946
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
<!--
Write a short README entry for your feature/bugfix here (replace this comment block.)
This will help people understand your PR and can be used as a start of the Doc PR.
Additionally:
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
-->
Commits
-------
d3d7766874 [HttpFoundation] Fix Cookie::isCleared
* 4.1:
Fix Clidumper tests
Enable the fixer enforcing fully-qualified calls for compiler-optimized functions
Apply fixers
Disable the native_constant_invocation fixer until it can be scoped
Update the list of excluded files for the CS fixer
* 4.0:
Fix Clidumper tests
Enable the fixer enforcing fully-qualified calls for compiler-optimized functions
Apply fixers
Disable the native_constant_invocation fixer until it can be scoped
Update the list of excluded files for the CS fixer
* 3.4:
Fix Clidumper tests
Enable the fixer enforcing fully-qualified calls for compiler-optimized functions
Apply fixers
Disable the native_constant_invocation fixer until it can be scoped
Update the list of excluded files for the CS fixer
* 2.8:
Fix Clidumper tests
Enable the fixer enforcing fully-qualified calls for compiler-optimized functions
Apply fixers
Disable the native_constant_invocation fixer until it can be scoped
Update the list of excluded files for the CS fixer
This PR was squashed before being merged into the 3.4 branch (closes#26193).
Discussion
----------
Fix false-positive deprecation notices for TranslationLoader and WriteCheckSessionHandler
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #25518
| License | MIT
Symfony 3.4 emits deprecation warnings for `TranslationLoader` and `WriteCheckSessionHandler` as soon as these classes are loaded, yet at the same time these classes are part of the default services defined in Symfony 3.4, so if these classes are loaded during container compilation a deprecation warning is emitted, even if these classes are never actually used.
An example would be the following within a compiler pass:
foreach ($containerBuilder->getDefinitions() as $definition) {
if (is_subclass_of($definition->getClass(), SomeClass::class)) {
$definition->addMethodCall('setSomething', [new Reference('someservice')]);
}
}
This will load both `TranslationLoader` and `WriteCheckSessionHandler` in order to check their definition. No instance of the classes are ever used and the classes are not loaded after compilation ever, yet the deprecation notices are shown on every single page. More details are provided in issue #25518 .
By moving the deprecation notices to the class constructors false-positives are avoided while actual usage of the classes should still generate the deprecation warnings.
Commits
-------
1a427b181d Fix false-positive deprecation notices for TranslationLoader and WriteCheckSessionHandler
* 4.1:
fixed typo
[FrameworkBundle] fixed brackets position in method calls
Add placeholder support in bootstrap 4 file fields
[Form] Improve rendering of `file` field in bootstrap 4
[Form] Fix PHPDoc for FormConfigBuilder $dataClass argument
[Security] Update user phpdoc on tokens
[WebProfilerBundle] Fixed icon alignment issue using Bootstrap 4.1.2
suppress side effects in 'get' or 'has' methods of NamespacedAttributeBag
[HttpFoundation] reset callback on StreamedResponse when setNotModified() is called
[HttpFoundation] Fixed phpdoc for get method of HeaderBag
fix typo in ContainerBuilder docblock
[Form/Profiler] Massively reducing memory footprint of form profiling pages by removing redundant 'form' variable from view variables.
[Console] correctly return parameter's default value on "--"
[DependencyInjection] add missing test for #27710
[EventDispatcher] Clear orphaned events on TraceableEventDispatcher::reset
Fix serialization of abstract items with groups across multiple entities
* 4.0:
fixed typo
[FrameworkBundle] fixed brackets position in method calls
[Form] Fix PHPDoc for FormConfigBuilder $dataClass argument
[Security] Update user phpdoc on tokens
[WebProfilerBundle] Fixed icon alignment issue using Bootstrap 4.1.2
suppress side effects in 'get' or 'has' methods of NamespacedAttributeBag
[HttpFoundation] reset callback on StreamedResponse when setNotModified() is called
[HttpFoundation] Fixed phpdoc for get method of HeaderBag
fix typo in ContainerBuilder docblock
[Form/Profiler] Massively reducing memory footprint of form profiling pages by removing redundant 'form' variable from view variables.
[Console] correctly return parameter's default value on "--"
* 3.4:
[FrameworkBundle] fixed brackets position in method calls
[Form] Fix PHPDoc for FormConfigBuilder $dataClass argument
[Security] Update user phpdoc on tokens
[WebProfilerBundle] Fixed icon alignment issue using Bootstrap 4.1.2
suppress side effects in 'get' or 'has' methods of NamespacedAttributeBag
[HttpFoundation] reset callback on StreamedResponse when setNotModified() is called
[HttpFoundation] Fixed phpdoc for get method of HeaderBag
fix typo in ContainerBuilder docblock
[Form/Profiler] Massively reducing memory footprint of form profiling pages by removing redundant 'form' variable from view variables.
[Console] correctly return parameter's default value on "--"
* 2.8:
[Form] Fix PHPDoc for FormConfigBuilder $dataClass argument
[Security] Update user phpdoc on tokens
[WebProfilerBundle] Fixed icon alignment issue using Bootstrap 4.1.2
suppress side effects in 'get' or 'has' methods of NamespacedAttributeBag
[HttpFoundation] reset callback on StreamedResponse when setNotModified() is called
[HttpFoundation] Fixed phpdoc for get method of HeaderBag
fix typo in ContainerBuilder docblock
This PR was merged into the 2.8 branch.
Discussion
----------
[HttpFoundation] reset callback on StreamedResponse when setNotModified() is called
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #27924
| License | MIT
| Doc PR | No
Commits
-------
51a49c7f78 [HttpFoundation] reset callback on StreamedResponse when setNotModified() is called
* 4.1:
[DomCrawler] Fix ChoiceFormField::select() PHPDoc
[Security] LdapUserProvider uidKey could be null
[HttpFoundation] add tests for FlashBagInterface::setAll()
Check for Hyper terminal on all operating systems.
[DI] Don't show internal service id on binding errors
Fix a bug when having more than one named handler per message subscriber
Prevent toolbar links color override by css
add conflict for non-compatible TwigBridge version
* 4.0:
[DomCrawler] Fix ChoiceFormField::select() PHPDoc
[Security] LdapUserProvider uidKey could be null
[HttpFoundation] add tests for FlashBagInterface::setAll()
Check for Hyper terminal on all operating systems.
[DI] Don't show internal service id on binding errors
Prevent toolbar links color override by css
* 3.4:
[DomCrawler] Fix ChoiceFormField::select() PHPDoc
[HttpFoundation] add tests for FlashBagInterface::setAll()
Check for Hyper terminal on all operating systems.
[DI] Don't show internal service id on binding errors
Prevent toolbar links color override by css
* 2.8:
[DomCrawler] Fix ChoiceFormField::select() PHPDoc
[HttpFoundation] add tests for FlashBagInterface::setAll()
Check for Hyper terminal on all operating systems.
Prevent toolbar links color override by css
* 4.1:
Add color support for Hyper terminal .
[HttpFoundation] Fix tests: new message for status 425
[Doctrine Bridge] Fixed usage of wrong variable when tagged subscriber is invalid
[Workflow] Update phpdoc to fit a used className
[PropertyInfo] added handling of nullable types in PhpDoc
[HttpKernel] Make AbstractTestSessionListener compatible with CookieClearingLogoutHandler
[Cache] provider does not respect option maxIdLength with versioning enabled
[Form] Fix fixtures for forward compat
[Lock] Fix SemaphoreStoreTest on OS X
Ensure the class discriminator mechanism works with serialization groups as well
fix handling of empty DI extension configs
* 4.0:
Add color support for Hyper terminal .
[HttpFoundation] Fix tests: new message for status 425
[Doctrine Bridge] Fixed usage of wrong variable when tagged subscriber is invalid
[PropertyInfo] added handling of nullable types in PhpDoc
[HttpKernel] Make AbstractTestSessionListener compatible with CookieClearingLogoutHandler
[Cache] provider does not respect option maxIdLength with versioning enabled
* 3.4:
Add color support for Hyper terminal .
[HttpFoundation] Fix tests: new message for status 425
[Doctrine Bridge] Fixed usage of wrong variable when tagged subscriber is invalid
[PropertyInfo] added handling of nullable types in PhpDoc
[HttpKernel] Make AbstractTestSessionListener compatible with CookieClearingLogoutHandler
[Cache] provider does not respect option maxIdLength with versioning enabled
* 2.8:
Add color support for Hyper terminal .
[HttpFoundation] Fix tests: new message for status 425
[Doctrine Bridge] Fixed usage of wrong variable when tagged subscriber is invalid
* 4.1:
[HttpFoundation] update phpdoc of FlashBagInterface::add()
[ProxyManagerBridge] Fix support of private services (bis)
bug #27701 [SecurityBundle] Dont throw if "security.http_utils" is not found (nicolas-grekas)
[Form] relax fixtures for forward compat
[Validator] Fix the namespace of RegexTest
[Lock] fix locale dependent test case
* 4.0:
[HttpFoundation] update phpdoc of FlashBagInterface::add()
[ProxyManagerBridge] Fix support of private services (bis)
bug #27701 [SecurityBundle] Dont throw if "security.http_utils" is not found (nicolas-grekas)
[Form] relax fixtures for forward compat
[Validator] Fix the namespace of RegexTest
[Lock] fix locale dependent test case
* 3.4:
[HttpFoundation] update phpdoc of FlashBagInterface::add()
[ProxyManagerBridge] Fix support of private services (bis)
bug #27701 [SecurityBundle] Dont throw if "security.http_utils" is not found (nicolas-grekas)
[Form] relax fixtures for forward compat
[Validator] Fix the namespace of RegexTest
[Lock] fix locale dependent test case
* 2.8:
[HttpFoundation] update phpdoc of FlashBagInterface::add()
bug #27701 [SecurityBundle] Dont throw if "security.http_utils" is not found (nicolas-grekas)
[Validator] Fix the namespace of RegexTest
This PR was squashed before being merged into the 2.8 branch (closes#27765).
Discussion
----------
[HttpFoundation] update phpdoc of FlashBagInterface::add()
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
**Reason why I propose to change the docblock like this: **
The `FlashBagInterface::add()` function does not work only with the `string` type in second parameter
Commits
-------
9135e18ded [HttpFoundation] update phpdoc of FlashBagInterface::add()
* 4.1:
[Routing] Disallow object usage inside Route
[HttpFoundation] missing namespace for RedisProxy
[Routing] fix too much greediness in host-matching regex
[HttpFoundation] fix registration of session proxies
failing test to reproduce session problem
[HttpFoundation] fix session tracking counter
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpFoundation] fix session tracking counter
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | no
| Fixed tickets | -
| License | MIT
| Doc PR | -
As just discussed with @nicolas-grekas I found this issue today while upgrading my app to 3.4.12. Somehow its not possible anymore to set caching headers correctly since this commit: 146e01cb44 (diff-5350dc763df30ada9d00563c115f6652)
Commits
-------
89ed756462 failing test to reproduce session problem
26fc4e683f [HttpFoundation] fix session tracking counter
