This PR was squashed before being merged into the 2.7 branch (closes#19689).
Discussion
----------
[DI] Cleanup array_key_exists
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | comma-separated list of tickets fixed by the PR, if any
| License | MIT
| Doc PR | reference to the documentation PR, if any
Investigated this a bit, and to me it looks like left-over code. `null` doesnt end up in `$this->services` by design (this was done in https://github.com/symfony/symfony/pull/8582) so it seems. The test added then for regression still passes :)
I cant believe we guarantee BC for users doing `$this->services['id'] = null` (due protected), allowing them to break the design of `has`, `get` and `initialized` right now.
This also happens for `$this->definitions` in `ContainerBuilder`, maybe because `Container` did it alteady.. but im not sure.
Then again, there's this comment: https://github.com/symfony/symfony/pull/14470#issuecomment-96268162
Commits
-------
3306c70 [DI] Cleanup array_key_exists
* 2.8:
[travis] Use 7.0 until 7.1 is fixed
[DIC] Fix service autowiring inheritance
[SecurityBundle] Add missing deprecation notice for form_login.intention
Verify explicitly that the request IP is a valid IPv4 address
This PR was merged into the 2.7 branch.
Discussion
----------
[travis] Use PHP 7.0 until 7.1 is fixed
| Q | A
| ------------- | ---
| Branch? | 2.7
| Tests pass? | let's see
| License | MIT
Commits
-------
107a9e5 [travis] Use 7.0 until 7.1 is fixed
This PR was merged into the 2.8 branch.
Discussion
----------
[DependencyInjection] Fix service autowiring inheritance
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #19615
| License | MIT
| Doc PR | n/a
This makes services inherit the `autowire` attribute from their parent and fix the ability to override it from the child.
Fixed cases:
- Simple inheritance
```yaml
parent:
class: Foo
abstract: true
autowire: true
child:
class: Foo
```
- Set in the child (only)
```yaml
parent:
class: Foo
abstract: true
child:
class: Foo
autowire: true
```
- Set in the parent, changed in the child
```yaml
parent:
class: Foo
abstract: true
autowire: true
child:
class: Foo
autowire: false
```
Commits
-------
fb95bdc [DIC] Fix service autowiring inheritance
This PR was squashed before being merged into the 2.7 branch (closes#19666).
Discussion
----------
Verify explicitly that the request IP is a valid IPv4 address
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Take the following base code (the array is based on [CloudFlare IP Ranges](https://www.cloudflare.com/ips/)):
```php
use Symfony\Component\HttpFoundation\IpUtils;
$ips = [
"103.21.244.0/22",
"103.22.200.0/22",
"103.31.4.0/22",
"104.16.0.0/12",
"108.162.192.0/18",
"131.0.72.0/22",
"141.101.64.0/18",
"162.158.0.0/15",
"172.64.0.0/13",
"173.245.48.0/20",
"188.114.96.0/20",
"190.93.240.0/20",
"197.234.240.0/22",
"198.41.128.0/17",
"199.27.128.0/21",
"2400:cb00::/32",
"2405:8100::/32",
"2405:b500::/32",
"2606:4700::/32",
"2803:f800::/32",
"2c0f:f248::/32",
"2a06:98c0::/29",
];
```
Before this PR, the following code would have returned `true` instead of the expected `false` value:
```php
IpUtils::checkIp('blablabla', $ips);
```
This due to the `ip2long` function returning `false` for an invalid IP address, thus returning `"00000000000000000000000000000000"` with the following code:
```php
sprintf('%032b', ip2long('blablabla'));
```
To fix this I simply check if the `$requestIp` variable contains a valid IP address.
Commits
-------
17e418c Verify explicitly that the request IP is a valid IPv4 address
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpKernel] Fix too strict test
| Q | A
| ------------- | ---
| Branch? | 2.7
| Tests pass? | yes
| License | MIT
This test is too strict and prevents adding properties to Data objects for no reason.
Commits
-------
2e7301d [HttpKernel] Fix too strict test
* 2.8:
Disable CLI color for Windows 10 greater than 10.0.10586
Exception details break the layout
[HttpKernel] Remove wrong docblock
[HttpKernel] Fix HttpCache validation HTTP method
Move space from the before 'if' to the after 'if'
[TwigBundle] Add a check for choice's attributes emptiness before calling block('attributes')
* 2.7:
Disable CLI color for Windows 10 greater than 10.0.10586
Exception details break the layout
[HttpKernel] Remove wrong docblock
[HttpKernel] Fix HttpCache validation HTTP method
Move space from the before 'if' to the after 'if'
[TwigBundle] Add a check for choice's attributes emptiness before calling block('attributes')
This PR was submitted for the master branch but it was merged into the 2.7 branch instead (closes#19660).
Discussion
----------
Disable CLI color for Windows 10 greater than 10.0.10586
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #19520
| License | MIT
| Doc PR |
The command prompt in Windows 10.0.10586 had enabled color support by default.
But in the next Windows versions they disabled it ([reference](https://wpdev.uservoice.com/forums/266908-command-prompt-console-bash-on-ubuntu-on-windo/suggestions/15617610--re-enable-enable-virtual-terminal-processing-by)): every exe now needs to explicitly turn on the color support.
I [already asked](https://bugs.php.net/bug.php?id=72768) the PHP dev team to enable it for php.exe, but they said they are busy for now.
So, let's turn off colors for Windows, until we'll have new PHP versions with color support enabled.
Commits
-------
255c59f Disable CLI color for Windows 10 greater than 10.0.10586
This PR was merged into the 2.7 branch.
Discussion
----------
Exception details break the layout
Exception details break the layout
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| License | MIT
By adding `word-wrap: break-word;` the exception details will wrap inside the block.
Commits
-------
00b4ecb Exception details break the layout
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpKernel] Remove wrong docblock
| Q | A
| ------------- | ---
| Branch? | 2.7
| Tests pass? | yes
| License | MIT
The doc block must come from a bad merge...
Meanwhile, let's group "count*" methods together.
Commits
-------
1972a8f [HttpKernel] Remove wrong docblock
This PR was merged into the 2.7 branch.
Discussion
----------
[TwigBundle] Add a check for choice's attributes emptiness before calling block('attributes')
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
Remove unnecessary block calling for choices without "choice_attr" option. This check gain the performance on a large datasets.
Previous Pull to master #19527
Commits
-------
bf6748d Move space from the before 'if' to the after 'if'
d1cf4d1 [TwigBundle] Add a check for choice's attributes emptiness before calling block('attributes')
This commit fix a bug when using debug function too soon.
For example, if you call dump function during kernel::boot() the
dump output will be sent to stderr, even in a web context.
With this patch, the data collector is used by default, so the
dump output is send to the WDT. In a CLI context, if dump is used
too soon, the datacollector will buffer it, and release it at the
end of the script. So in this case everything will be visible by the
end used.
* 2.8:
[Routing] Add missing options in docblock
[VarDumper] Fix dumping continuations
[HttpFoundation] fixed Request::getContent() reusage bug
[Form] Skip CSRF validation on form when POST max size is exceeded
Enhance the phpDoc return types so IDEs can handle the configuration tree.
fixes
Remove 3.0 from branch suggestions for fixes in PR template
[Process] Strengthen Windows pipe files opening (again...)
Fix#19531 [Form] DateType fails parsing when midnight is not a valid time
* 2.7:
[Routing] Add missing options in docblock
[VarDumper] Fix dumping continuations
[HttpFoundation] fixed Request::getContent() reusage bug
[Form] Skip CSRF validation on form when POST max size is exceeded
Enhance the phpDoc return types so IDEs can handle the configuration tree.
fixes
Remove 3.0 from branch suggestions for fixes in PR template
[Process] Strengthen Windows pipe files opening (again...)
Fix#19531 [Form] DateType fails parsing when midnight is not a valid time
This PR was merged into the 3.1 branch.
Discussion
----------
Use try-finally where it possible
| Q | A
| ------------- | ---
| Branch? | 3.1
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Just a minior refactoring for using PHP 5.5 feature.
Commits
-------
747ddf6 Use try-finally where it possible
This PR was merged into the 2.7 branch.
Discussion
----------
[Routing] Add missing options in docblock
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Courtesy of @c960657 in #19562
Commits
-------
f45da32 [Routing] Add missing options in docblock
This PR was squashed before being merged into the 3.1 branch (closes#19437).
Discussion
----------
[PropertyInfo] Fix an error in PropertyInfoCacheExtractor
| Q | A
| ------------- | ---
| Branch? | 3.1
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
An argument was forgotten in the ``PropertyInfoCacheExtractor`` class leading to exceptions such as
```
PHP Warning: ucfirst() expects parameter 1 to be string, array given in /home/guilhem/github/ast-test/vendor/symfony/symfony/src/Symfony/Component/PropertyInfo/Extractor/ReflectionExtractor.php on line 318
```
and making it unusable.
ping @dunglas
Commits
-------
d19b151 [PropertyInfo] Fix an error in PropertyInfoCacheExtractor
This PR was squashed before being merged into the 2.7 branch (closes#19549).
Discussion
----------
[HttpFoundation] fixed Request::getContent() reusage bug
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
After calling ```Request::getContent(true)```, subsequent calls to the
same instance method (withouth the ```$asResource``` flag) always returned
```false``` instead of the request body as a plain string.
A unit test already existed to guard against this behaviour (the 'Resource then fetch' case) but it
yielded a false positive because it was comparing ```''``` to ```false``` using
PHPUnit's ```assertEquals``` method instead of ```assertSame```.
For completeness sake I also added the missing usage permutations in
the data provider, which already worked OK.
Commits
-------
c42ac66 [HttpFoundation] fixed Request::getContent() reusage bug
This PR was merged into the 3.1 branch.
Discussion
----------
[DependencyInjection] ContainerBuilder: Remove obsolete definitions
| Q | A
| ------------- | ---
| Branch? | 3.1
| Bug fix? | yes
| New feature? |no
| BC breaks? | may be considered
| Deprecations? | may be considered
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
IIUC, [the obsolete definitions thing was tied to scoped & sync services](https://github.com/symfony/symfony/pull/7007).
Thus, this code [is not meant to be used since 3.0 and can be removed](https://github.com/symfony/symfony/pull/13289).
However, it may be considered as a BC break and would require introducing a new deprecation instead, because the current code allows to set a service on a frozen container if it has an obsolete synthetic definition...which is weird, isn't it ? (I doubt this feature was explicitly intended to allow setting a synthetic service more than once, and it wasn't before sync services introduction)
I suggest this as a patch for 3.1, under the pretext of forgotten code tied to a previous deprecation & feature removal, but let me know if it should be considered differently.
Commits
-------
daa7d00 [DependencyInjection] ContainerBuilder: Remove obsolete definitions
This PR was squashed before being merged into the 2.7 branch (closes#19373).
Discussion
----------
[Form] Skip CSRF validation on form when POST max size is exceeded
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #19140
| License | MIT
| Doc PR | N/A
In #19140 the CSRF validation listener was not aware that the POST max size had exceeded, and was adding a form error message that wasn't relevant to the actual error.
This introduces the `ServerParams` utility class into the `CsrfValidationListener` and checks that the POST max size has not been exceeded. If it has then it won't bother trying to validate the CSRF token.
My main concern with this change is that it opens up an attack vector around tokens, but I've encapsulated the request size validation in a single method in `ServerParams` now so that the request handlers are using the same logic.
Commits
-------
289531f [Form] Skip CSRF validation on form when POST max size is exceeded
