This PR was merged into the 2.7 branch.
Discussion
----------
Update misleading comment about RFC4627
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
RFC 4627 does not dictate escaping of HTML special characters
Commits
-------
72b6c9e Update misleading comment about RFC4627
This PR was squashed before being merged into the 2.7 branch (closes#18688).
Discussion
----------
[HttpFoundation] Warning when request has both Forwarded and X-Forwarded-For
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR | symfony/symfony-docs#6526
Emit a warning when a request has both a trusted Forwarded header and a trusted X-Forwarded-For header, as this is most likely a misconfiguration which causes security issues.
Commits
-------
ee8842f [HttpFoundation] Warning when request has both Forwarded and X-Forwarded-For
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpKernel] Dont close the reponse stream in debug
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #19078
| License | MIT
| Doc PR | -
Because it's `terminate`'s job to clean the state, not the `Response`'s,
and because the current behavior prevents getting any output on trailing errors on FPM especially.
Commits
-------
2fbc200 [HttpKernel] Dont close the output stream in debug
This PR was merged into the 2.7 branch.
Discussion
----------
[Session] fix PDO transaction aborted under PostgreSQL
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #14641
| License | MIT
| Doc PR |
Fixes the transactional concurrency error handling for PostgreSQL which does not allow to execute further queries in a transaction with an error.
Because of the loop, look at the diff with whitespace ignored to see the difference: https://github.com/symfony/symfony/pull/19101/files?w=1
Commits
-------
f8eefa0 [Session] fix PDO transaction aborted under PostgreSQL
* 2.3:
Update HTTP statuses list
[Console][#18619] Prevent fatal error when calling Command#getHelper() without helperSet
Add SplFileInfo array doc on Finder iterator methods so that IDE will know what it returns
[2.3] [Form] Modified iterator_to_array's 2nd parameter to false in ViolationMapper
Updated the link to the list of currency codes
* 2.3:
[HttpFoundation] Improve phpdoc
[Logging] Add support for firefox in ChromePhpHandler
[Security] Fixed SwitchUserListener when exiting an impersonication with AnonymousToken
[Form] fix "prototype" not required when parent form is not required
Improve the phpdoc for the `$default` parameter of the `get()` method. It wasn't clear when the default value would be used (whether the key would not exist or the value was `null` or nullish).
The comment is now in sync with `Symfony\Component\HttpFoundation\ParameterBag::get()`.
* 2.3:
[travis] Disable hirak/prestissimo for deps=low/high tests
[HttpFoundation] fix phpdoc of UploadedFile
[ci] Skip dns-sensitive tests when DnsMock is not found
Optimize ReplaceAliasByActualDefinitionPass
[Process] use __METHOD__ where applicable
Conflicts:
.travis.yml
src/Symfony/Component/DependencyInjection/Compiler/ReplaceAliasByActualDefinitionPass.php
src/Symfony/Component/Process/Process.php
src/Symfony/Component/Process/ProcessBuilder.php
* 2.3:
bumped Symfony version to 2.3.40
set s-maxage only if all responses are cacheable
updated VERSION for 2.3.39
update CONTRIBUTORS for 2.3.39
updated CHANGELOG for 2.3.39
Improved the "branch" row of the PR table
Fix typos #18090 1. PHPs session design to PHP's session design 2. Symfony HttpKernel offers to Symfony's HttpKernel offers 3. in which case it it should to in which case it should
Fix for Isssue #18091
replace perfom by perform
minor #18088 Fix typo for profiler
1. PHPs session design to PHP's session design
2. Symfony HttpKernel offers to Symfony's HttpKernel offers
3. in which case it it should to in which case it should
* 2.3:
[ci] use hirak/prestissimo
[Filesystem] Fix transient tests
[HttpFoundation] Avoid warnings when checking malicious IPs
[HttpFoundation] Set the Content-Range header if the requested Range is unsatisfied
Conflicts:
appveyor.yml
src/Symfony/Component/Filesystem/Tests/FilesystemTest.php
This PR was merged into the 2.3 branch.
Discussion
----------
[HttpFoundation] Set the Content-Range header if the requested Range is unsatisfied
| Q | A
| ------------- | ---
| Branch | 2.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
This is a followup to https://github.com/symfony/symfony/pull/17150#issuecomment-174509954
[RFC2616](http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html) specifies the Content-Range header SHOULD be included with a *416 Requested Range Not Satisfiable* response:
> When this status code is returned for a byte-range request, the response SHOULD include a Content-Range entity-header field specifying the current length of the selected resource (see section 14.16). This response MUST NOT use the multipart/byteranges content- type.
[RFC 7233](https://tools.ietf.org/html/rfc7233#section-4.2) specifies what should be the header's value. It's in the "Request for comments" state, but it's the best definition I could find. This value is valid according to rfc2616 as well.
Commits
-------
54329d8 [HttpFoundation] Set the Content-Range header if the requested Range is unsatisfied
* 2.3:
[Finder] Partially revert #17134 to fix a regression
[HttpKernel] Fix mem usage when stripping the prod container
exception when registering bags for started sessions
Conflicts:
src/Symfony/Component/DependencyInjection/Dumper/PhpDumper.php
src/Symfony/Component/HttpKernel/Kernel.php
This PR was merged into the 2.3 branch.
Discussion
----------
[HttpFoundation] exception when registering bags for started sessions
| Q | A
| ------------- | ---
| Branch | 2.3
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #10707, #16136
| License | MIT
| Doc PR |
Commits
-------
c4a5b67 exception when registering bags for started sessions
* 2.3:
[HttpFoundation] Fix transient test
[HttpFoundation] Add a dependency on the mbstring polyfill
add readme files where missing
Don't use reflections when possible
[Form] Update form tests after the ICU data update
[Intl] Update tests and the number formatter to match behaviour of the intl extension
[Intl] Update the ICU data to version 55
[Intl] Fix the update-data.php script in preparation for ICU 5.5
Use constant instead of function call.
fixed test name
automatically generate safe fallback filename
Conflicts:
src/Symfony/Component/Debug/Debug.php
src/Symfony/Component/HttpFoundation/composer.json
src/Symfony/Component/Serializer/Tests/Normalizer/GetSetMethodNormalizerTest.php
* 2.3:
Updated all the README files
[TwigBundle] Fix failing test on appveyor
[FrameworkBundle] Fix a regression in handling absolute and namespaced template paths
Allow to normalize \Traversable
Remove _path from query parameters when fragment is a subrequest and request attributes are already set Added tests for _path removal in FragmentListener
Simplified everything
Added a test
Fixed the problem in an easier way
Fixed a syntax issue
Improved the error message when a template is not found
[CodingStandards] Conformed to coding standards
[TwigBundle] fixed Include file locations in "Template could not be found" exception
This PR was squashed before being merged into the 2.3 branch (closes#17997).
Discussion
----------
Updated all the README files
| Q | A
| ------------- | ---
| Branch | 2.3
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Related to #17995.
Commits
-------
2e81248 Updated all the README files
* 2.3:
[DomCrawler] Dont use LIBXML_PARSEHUGE by default
[Filesystem] Reduce complexity of ->remove()
added tests for non-trusted proxies
add 'guid' to list of exception to filter out
Ensure backend slashes for symlinks on Windows systems
[Filesystem] Try to delete broken symlinks
* 2.3:
#17676 - making the proxy instantiation compatible with ProxyManager 2.x by detecting proxy features
Fix bug when using an private aliased factory service
ChoiceFormField of type "select" could be "disabled"
Update contributing docs
[Console] Fix escaping of trailing backslashes
Fix constraint validator alias being required
[ci] clone with depth=1 to kill push-forced PRs
Add check on If-Range header
* 2.3:
remove unnecessary retrieval and setting of data
avoid (string) catchable fatal error for __PHP_Incomplete_Class instances
sendContent return as parent.
[FrameworkBundle] Fix a typo
This PR was merged into the 2.3 branch.
Discussion
----------
Static code analysis
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Things that done:
* fix case in method calls
* removed unused imports
* use shorter concat where it possible
* optimize some css
* removed duplicated array keys
* removed redurant return statements
* removed one-time variables
* do not pass arguments that not used in functions
Commits
-------
8db691a Static code analysis
* 2.3:
[Request] Ignore invalid IP addresses sent by proxies
Able to load big xml files with DomCrawler
fixed typo
[Form] Fix constraints could be null if not set
[Finder] Check PHP version before applying a workaround for a PHP bug
fixed CS
sort bundles in config:dump-reference command
Fixer findings.
* 2.3:
[SecurityBundle] Optimize dependency injection tests
[HttpFoundation] Do not overwrite the Authorization header if it is already set
tag for dumped PHP objects must be a local one
* 2.3:
[Process] Remove a misleading comment
Improve the phpdoc of SplFileInfo methods
[Process] Use stream based storage to avoid memory issues
Fixed the documentation of VoterInterface::supportsAttribute
Remove useless duplicated tests
[FrameworkBundle] Optimize framework extension tests
Use is_subclass_of instead of Reflection when possible
* 2.3:
[ClassLoader] Use symfony/polyfill-apcu
[HttpFoundation][Cookie] Cookie DateTimeInterface fix
bumped Symfony version to 2.3.38
updated VERSION for 2.3.37
update CONTRIBUTORS for 2.3.37
updated CHANGELOG for 2.3.37
Conflicts:
.travis.yml
src/Symfony/Component/ClassLoader/composer.json
src/Symfony/Component/HttpKernel/Kernel.php
* 2.3:
Typo fix
[2.3] Static Code Analysis for Components
Added support \IteratorAggregate for UniqueEntityValidator
Fix#17306 Paths with % in it are note allowed (like urlencoded)
Added sort order SORT_STRING for params in UriSigner
Remove normalizer cache in Serializer class