This PR was merged into the 4.2 branch.
Discussion
----------
[Routing] fix trailing slash redirection with non-greedy trailing vars
| Q | A
| ------------- | ---
| Branch? | 4.2
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #30863, #31066
| License | MIT
| Doc PR | -
Fixes redirecting `/123/` to `/123` when the route is defined as `/{foo<\d+>}`
Commits
-------
d88833d27a [Routing] fix trailing slash redirection with non-greedy trailing vars
This PR was merged into the 4.2 branch.
Discussion
----------
[FrameworkBundle] decorate the ValidatorBuilder's translator with LegacyTranslatorProxy
| Q | A
| ------------- | ---
| Branch? | 4.2
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #31092, #31025
| License | MIT
| Doc PR | -
This allows defining a translator that implements only the new interface and use it with ValidatorBuilder.
ping @dvdknaap, @snebes since you were affected.
Commits
-------
a12656eaad [FrameworkBundle] decorate the ValidatorBuilder's translator with LegacyTranslatorProxy
This PR was merged into the 4.2 branch.
Discussion
----------
[HttpKernel] Fix get session when the request stack is empty
| Q | A
| ------------- | ---
| Branch? | 4.2
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
This bug happen behind an exception on a kernel response event, when one collector (e.g. `RequestDataCollector`) is trying to get the request session and the request stack is currently empty.
**Reproducer**
https://github.com/yceruto/get-session-bug (`GET /`)
See logs on terminal:
```bash
Apr 15 20:29:03 |ERROR| PHP 2019-04-15T20:29:03-04:00 Call to a member function isSecure() on null
Apr 15 20:29:03 |ERROR| PHP PHP Fatal error: Uncaught Symfony\Component\Debug\Exception\FatalThrowableError: Call to a member function isSecure() on null in /home/yceruto/demos/getsession/vendor/symfony/http-kernel/EventListener/SessionListener.php:43
Apr 15 20:29:03 |DEBUG| PHP Stack trace:
Apr 15 20:29:03 |DEBUG| PHP #0 /home/yceruto/demos/getsession/vendor/symfony/http-kernel/EventListener/AbstractSessionListener.php(59): Symfony\Component\HttpKernel\EventListener\SessionListener->getSession()
Apr 15 20:29:03 |DEBUG| PHP #1 /home/yceruto/demos/getsession/vendor/symfony/http-foundation/Request.php(707): Symfony\Component\HttpKernel\EventListener\AbstractSessionListener->Symfony\Component\HttpKernel\EventListener\{closure}()
Apr 15 20:29:03 |DEBUG| PHP #2 /home/yceruto/demos/getsession/vendor/symfony/http-kernel/DataCollector/RequestDataCollector.php(65): Symfony\Component\HttpFoundation\Request->getSession()
Apr 15 20:29:03 |DEBUG| PHP #3 /home/yceruto/demos/getsession/vendor/symfony/http-kernel/Profiler/Profiler.php(167): Symfony\Component\HttpKernel\DataCollector\RequestDataCollector->collect(Object(Symfony\Component\HttpFoundation\Request), Object(Symfony\Component\HttpFoundation\Respo in /home/yceruto/demos/getsession/vendor/symfony/http-kernel/EventListener/SessionListener.php on line 43
```
Friendly ping @nicolas-grekas as author of the previous PR https://github.com/symfony/symfony/pull/28244
Commits
-------
d62ca37ab6 Fix get session when the request stack is empty
* 3.4:
Revert "bug #30423 [Security] Rework firewall's access denied rule (dimabory)"
[FrameworkBundle] minor: remove a typo from changelog
[VarDumper][Ldap] relax some locally failing tests
[Validator] #30192 Added the missing translations for the Tagalog ("tl") locale.
Make MimeTypeExtensionGuesser case insensitive
This PR was merged into the 3.4 branch.
Discussion
----------
[Validator] Added the missing translations for the Tagalog ("tl") locale
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | No
| New feature? | No
| BC breaks? | No
| Deprecations? | No
| Tests pass? | Yes
| Fixed tickets | #30192
| License | MIT
| Doc PR |
[Validator] This pull request will add the missing translations for the Tagalog ("tl") locale.
Commits
-------
6ab574b7c9 [Validator] #30192 Added the missing translations for the Tagalog ("tl") locale.
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpFoundation] Make MimeTypeExtensionGuesser case insensitive
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
Some mime types have a camelCase word in them.
The Apache HTTPD project list items are all lower case.
So I suggest making the $mimeType string lowercase while checking the array key.
That way, we can keep the list in sync.
Example: xlsm file mime type is `application/vnd.ms-excel.sheet.macroEnabled.12`
The key that matches the xlsm extension in the `$defaultExtensions` array is `application/vnd.ms-excel.sheet.macroenabled.12`
Example xlsm file:
https://github.com/vermeirentony/xlsm-example
Commits
-------
e294ee6b9a Make MimeTypeExtensionGuesser case insensitive
This PR was merged into the 3.4 branch.
Discussion
----------
[FrameworkBundle][Form] Fix XSS issues in the form theme of the PHP templating engine
Based on #88
Commits
-------
ab4d05358c Fix XSS issues in the form theme of the PHP templating engine
This PR was merged into the 3.4 branch.
Discussion
----------
[Security] Add a separator in the remember me cookie hash
Based on #89
Commits
-------
a29ce2817c [Security] Add a separator in the remember me cookie hash
* 3.4:
bumped Symfony version to 3.4.26
updated VERSION for 3.4.25
update CONTRIBUTORS for 3.4.25
updated CHANGELOG for 3.4.25
Workaround for \DateInterval::createFromDateString()
Missing Lithuanian translations added to validator component.
* 3.4:
Skip testing the phpunit-bridge on not-master branches when $deps is empty
more tests
[DI] Fixes: #28326 - Overriding services autowired by name under _defaults bind not working
This PR was merged into the 4.2 branch.
Discussion
----------
[DI] fix removing non-shared definition while inlining them
| Q | A
| ------------- | ---
| Branch? | 4.2
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #29628
| License | MIT
| Doc PR | -
I didn't manage to create a specific test case but this still has 100% coverage for the added lines and fixed the reproducer (and makes sense also :) )
Commits
-------
317e820694 [DI] fix removing non-shared definition while inlining them
This PR was merged into the 3.4 branch.
Discussion
----------
[DI] Overriding services autowired by name under _defaults bind not working
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #28326
| License | MIT
This is an implementation of ideas and suggestions of @nicolas-grekas and @GuilhemN.
Commits
-------
7e805eae2b more tests
35a40ace6f [DI] Fixes: #28326 - Overriding services autowired by name under _defaults bind not working
This PR was merged into the 4.2 branch.
Discussion
----------
[FrameworkBundle] Fix for Controller DEPRECATED when using composer --optimized
| Q | A |
| --- | --- |
| Branch? | 4.2 |
| Bug fix? | Yes |
| New feature? | No |
| BC breaks? | No |
| Deprecations? | No |
| Tests pass? | Yes |
| Fixed tickets | --- |
| License | MIT |
Using `composer --optimize-autoload` causes `console cache:clear` (without warmup) to give DEPRECATED error, that stays in profiler.
I moved `@trigger_error` from beggining of the file to Controller __consctruct method.
Commits
-------
2ae2fd800d [FrameworkBundle] Fix Controller deprecated when using composer --optimized