This PR was merged into the master branch.
Discussion
----------
[FrameworkBundle] made sure that the debug event dispatcher is used everywhere
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #6686, #7673
| License | MIT
| Doc PR | n/a
The removal of the Profiler dependency on the TraceableEventDispatcher (#9170) allows to remerge the patch from #9068 that fixes#6686.
This PR also cleans up how profiles are stored. A Profile is now always stored only once.
The fix will only be available on 2.4+ as the changes are too deep to be backported to 2.2 and 2.3.
Commits
-------
1e1835e [FrameworkBundle] made sure that the debug event dispatcher is used everywhere
This PR was merged into the 2.2 branch.
Discussion
----------
[Form] Fixed: The "data" option is taken into account even if it is NULL
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
c1a3eb3 [Form] Fixed: The "data" option is taken into account even if it is NULL
This PR was merged into the master branch.
Discussion
----------
[Form] Fixed form debugger to work even when no view variables are logged
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #9331
| License | MIT
| Doc PR | -
Commits
-------
99a4b7e [Form] Fixed form debugger to work even when no view variables are logged (e.g. upon redirects)
This PR was merged into the 2.2 branch.
Discussion
----------
[Serializer] Fixed the error handling when decoding invalid XML to avoid a Warning
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Without the exception being thrown here, the call to ``simplexml_import_dom`` throws a warning saying ``Invalid Nodetype to import``.
This has been reported by @Tobion after we refactored FOSRestBundle to use this XmlEncoder instead of a duplication of a previous version of the class: https://github.com/FriendsOfSymfony/FOSRestBundle/pull/583/files#r7221045
Commits
-------
b2550b9 Fixed the error handling when decoding invalid XML to avoid a Warning
This PR was merged into the master branch.
Discussion
----------
prevent PHP from magically setting a 302 header
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | yes (for people relying on getting a magic 302 when setting a Location header)
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
this needs a test case .. but first let me know if you are ok with this change.
see http://www.php.net/manual/en/function.header.php
Commits
-------
c140d4f prevent PHP from magically setting a 302 header, see http://www.php.net/manual/en/function.header.php
This PR was squashed before being merged into the master branch (closes#9252).
Discussion
----------
[FrameworkBundle] Only enable CSRF protection when enabled in config
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | maybe?
| Deprecations? | no
| Tests pass? | I hope, master was already broken here
| License | MIT
bf85e8365a introduced new service configuration for CSRF protection in the frameworkbundle. It is always enabled even if you don't use it. Since it also depends on enabling the session that's not so nice.
Commits
-------
60dce14 [FrameworkBundle] Only enable CSRF protection when enabled in config
This PR was merged into the 2.2 branch.
Discussion
----------
[DomCrawler] [HttpFoundation] Make `Content-Type` attributes identification case-insensitive
According to [section 3.7 of RFC 2616][], media-type attribute names in the `Content-Type` header are case-insensitive.
Therefore, identification of the `text` type and the `charset` parameter in the `Content-Type` header should be case-insensitive.
[section 3.7 of RFC 2616]: http://www.w3.org/Protocols/rfc2616/rfc2616-sec3.html#sec3.7
Commits
-------
17a2d66 [DomCrawler] [HttpFoundation] Make `Content-Type` attributes identification case-insensitive
* 2.3:
Fixed English usage for existing users.
Clean up of WebProfiler Controller classes:
[Process] Fix#9343 : revert file handle usage on Windows platform
This PR was merged into the 2.2 branch.
Discussion
----------
[2.2][Process] Fix#9343 : revert file handle usage on Windows platform
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #9343
| License | MIT
Hello,
I propose to revert the use of file handles only for `STDOUT` on Windows platform (see implementation in 2.2.6 [here](4059720232/src/Symfony/Component/Process/Process.php (L231-L242))).
When I decoupled pipes management from `Process` in #8924, I used file handles for both `STDOUT` and `STDERR`. This was an error as it introduced random failure in reading the handles (reported as [PHP#65650](https://bugs.php.net/bug.php?id=65650)).
Reverting to the previous implementation solves the issue. My apologies for the issues it introduced.
Versions that have been affected by the bug are 2.2.7, 2.2.8, 2.2.9, 2.3.4, 2.3.5 and 2.3.6.
Side note : I thought about testing the file handles implementation on *nix, but it fails most of the time where as Windows is okay. Unit testing on windows is okay (AbstractProcessTest::testProcessPipes tests it), but I don't provide a travis compatible test.
Commits
-------
e9dd408 [Process] Fix#9343 : revert file handle usage on Windows platform
This PR was submitted for the master branch but it was merged into the 2.2 branch instead (closes#9372).
Discussion
----------
Fixed English usage for existing users.
Commits
-------
b674e44 Fixed English usage for existing users.
This PR was submitted for the master branch but it was merged into the 2.3 branch instead (closes#9359).
Discussion
----------
Clean up of WebProfiler Controller classes
- Added missing "@throws" PHPdoc comments in controllers
- Updated deprecated reference to Symfony\Component\HttpKernel\Debug\ExceptionHandler to use Symfony\Component\Debug\ExceptionHandler instead
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
Commits
-------
592b831 Clean up of WebProfiler Controller classes:
Added missing "@throws" PHPdoc comments in controllers
Updated deprecated reference to Symfony\Component\HttpKernel\Debug\ExceptionHandler to use Symfony\Component\Debug\ExceptionHandler instead
* 2.3:
[DoctrineBridge] Added type check to prevent calling clear() on arrays
[Intl] Improved FormTypeCsrfExtension to use the type class as default intention if the form name is empty
Fix docblock typo
This PR was merged into the master branch.
Discussion
----------
[2.4][Form] Improved FormTypeCsrfExtension to use the type class as default intention if the form name is empty
#9333 merged into master.
Commits
-------
9a8ec64 Merge branch 'fix-csrf-default-2.3' into fix-csrf-default-2.4
baa2356 [Intl] Improved FormTypeCsrfExtension to use the type class as default intention if the form name is empty
408769e bug #9328 [2.3][Form] Changed FormTypeCsrfExtension to use the form's name as default intention (bschussek)
* 2.2:
[DoctrineBridge] Added type check to prevent calling clear() on arrays
[Intl] Improved FormTypeCsrfExtension to use the type class as default intention if the form name is empty
Fix docblock typo
Conflicts:
src/Symfony/Component/Form/Extension/Csrf/Type/FormTypeCsrfExtension.php
This PR was merged into the 2.3 branch.
Discussion
----------
[2.3][Form] Improved FormTypeCsrfExtension to use the type class as default intention if the form name is empty
#9333 merged into 2.3.
Commits
-------
baa2356 [Intl] Improved FormTypeCsrfExtension to use the type class as default intention if the form name is empty
This PR was merged into the 2.2 branch.
Discussion
----------
[2.2][Form] Improved FormTypeCsrfExtension to use the type class as default intention if the form name is empty
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
ping @stof
follow-up PR to #9327
Commits
-------
219e44d [Intl] Improved FormTypeCsrfExtension to use the type class as default intention if the form name is empty
This PR was merged into the 2.2 branch.
Discussion
----------
[DoctrineBridge] Added type check to prevent calling clear() on arrays
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Commits
-------
4ff59d7 [DoctrineBridge] Added type check to prevent calling clear() on arrays
This PR was merged into the master branch.
Discussion
----------
[2.4][Config] Fixed namespace when dumping reference
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
The namespace was given to the wrong function, resulting in wrong namespaes when dumping XML.
Commits
-------
2b0b355 Fixed XML dump
This PR was submitted for the master branch but it was merged into the 2.2 branch instead (closes#9312).
Discussion
----------
[Security] Fix docblock typo
Commits
-------
bff65b2 [Security] Fix docblock typo
This PR was merged into the master branch.
Discussion
----------
[2.4][Form] Changed FormTypeCsrfExtension to use the form's name as default token ID
Equivalent of #9327, merged into master.
Commits
-------
6400bd1 Merge branch 'fix-csrf-default-2.3' into fix-csrf-default-2.4
c4abe83 Merge branch 'fix-csrf-default-2.2' into fix-csrf-default-2.3
b07c618 [Form] Changed FormTypeCsrfExtension to use the form's name as default intention
This PR was merged into the 2.3 branch.
Discussion
----------
[2.3][Form] Changed FormTypeCsrfExtension to use the form's name as default intention
Equivalent of #9327, merged into 2.3.
Commits
-------
c4abe83 Merge branch 'fix-csrf-default-2.2' into fix-csrf-default-2.3
b07c618 [Form] Changed FormTypeCsrfExtension to use the form's name as default intention
This PR was merged into the 2.2 branch.
Discussion
----------
[2.2][Form] Changed FormTypeCsrfExtension to use the form's name as default intention
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Before, every form used the same "intention"/"csrf_token_id" value by default, namely "unknown". This PR fixes the default value to the form's name, which is at least different for forms with (a) explicit names and (b) different types, where the implicit name equals the type's name.
Commits
-------
b07c618 [Form] Changed FormTypeCsrfExtension to use the form's name as default intention