* 3.4:
Revert "bug #30423 [Security] Rework firewall's access denied rule (dimabory)"
[FrameworkBundle] minor: remove a typo from changelog
[VarDumper][Ldap] relax some locally failing tests
[Validator] #30192 Added the missing translations for the Tagalog ("tl") locale.
Make MimeTypeExtensionGuesser case insensitive
This PR was merged into the 3.4 branch.
Discussion
----------
[Validator] Added the missing translations for the Tagalog ("tl") locale
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | No
| New feature? | No
| BC breaks? | No
| Deprecations? | No
| Tests pass? | Yes
| Fixed tickets | #30192
| License | MIT
| Doc PR |
[Validator] This pull request will add the missing translations for the Tagalog ("tl") locale.
Commits
-------
6ab574b7c9 [Validator] #30192 Added the missing translations for the Tagalog ("tl") locale.
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpFoundation] Make MimeTypeExtensionGuesser case insensitive
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!-- required for new features -->
Some mime types have a camelCase word in them.
The Apache HTTPD project list items are all lower case.
So I suggest making the $mimeType string lowercase while checking the array key.
That way, we can keep the list in sync.
Example: xlsm file mime type is `application/vnd.ms-excel.sheet.macroEnabled.12`
The key that matches the xlsm extension in the `$defaultExtensions` array is `application/vnd.ms-excel.sheet.macroenabled.12`
Example xlsm file:
https://github.com/vermeirentony/xlsm-example
Commits
-------
e294ee6b9a Make MimeTypeExtensionGuesser case insensitive
This PR was merged into the 3.4 branch.
Discussion
----------
[FrameworkBundle] minor: remove a typo from changelog
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | no <!-- don't forget to update src/**/CHANGELOG.md files -->
| BC breaks? | no <!-- see https://symfony.com/bc -->
| Deprecations? | no <!-- don't forget to update UPGRADE-*.md and src/**/CHANGELOG.md files -->
| Tests pass? | yes <!-- please add some, will be required by reviewers -->
| Fixed tickets | none <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | none. <!-- required for new features -->
<!--
Write a short README entry for your feature/bugfix here (replace this comment block.)
This will help people understand your PR and can be used as a start of the Doc PR.
Additionally:
- Bug fixes must be submitted against the lowest branch where they apply
(lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
-->
just a little typo fix: new new -> new
Commits
-------
8f7682c175 [FrameworkBundle] minor: remove a typo from changelog
This PR was merged into the 3.4 branch.
Discussion
----------
[FrameworkBundle][Form] Fix XSS issues in the form theme of the PHP templating engine
Based on #88
Commits
-------
ab4d05358c Fix XSS issues in the form theme of the PHP templating engine
This PR was merged into the 3.4 branch.
Discussion
----------
[Security] Add a separator in the remember me cookie hash
Based on #89
Commits
-------
a29ce2817c [Security] Add a separator in the remember me cookie hash
This PR was merged into the 3.4 branch.
Discussion
----------
[HttpFoundation] reject invalid method override
Based on #86
Commits
-------
944e60f083 [HttpFoundation] reject invalid method override
* 4.2:
bumped Symfony version to 4.2.7
updated VERSION for 4.2.6
updated CHANGELOG for 4.2.6
bumped Symfony version to 3.4.26
updated VERSION for 3.4.25
update CONTRIBUTORS for 3.4.25
updated CHANGELOG for 3.4.25
Workaround for \DateInterval::createFromDateString()
[DoctrineBridge] [DX] Update exception text in ManagerRegistry::resetService to avoid confusion.
Missing Lithuanian translations added to validator component.
* 3.4:
bumped Symfony version to 3.4.26
updated VERSION for 3.4.25
update CONTRIBUTORS for 3.4.25
updated CHANGELOG for 3.4.25
Workaround for \DateInterval::createFromDateString()
Missing Lithuanian translations added to validator component.
This PR was merged into the 4.3-dev branch.
Discussion
----------
[Messenger] Remove base64_encode & use addslashes
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | none
| License | MIT
| Doc PR | already covered by existing issue
In #30814, we base64_encoded messages because some transports (specifically DoctrineTransport + Postgresql & SQS) do not allow binary data.
The downside is that the messages become unreadable, which makes it much less convenient to debug your messages with 3rd party monitoring tools, for example.
This PR replaces base64_encode with addslashes. Another alternative (that I first tried in this PR) was to use a blob type, which Drupal does in its code (https://www.drupal.org/project/drupal/issues/690746). But, it still meant that binary data could cause problems with other transports, like SQS.
I also put all the serializer config under a nice, neat `serializer` key under messenger.
Best seen with `?w=1`.
Cheers!
Commits
-------
70b448d120 Reorganizing messenger serializer config and replacing base64_encode with addslashes
This PR was squashed before being merged into the 4.3-dev branch (closes#31040).
Discussion
----------
[BrowserKit] Fixed BC-break introduced by rename of Client to Browser
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/issues/31039
| License | MIT
| Doc PR |
Since #30541 the inheritance hierarchy of `\Symfony\Component\BrowserKit\Client` has changed. Notably the test.client no longer is an instance of `\Symfony\Component\BrowserKit\Client`.
This PR uses `class_alias` to fix the class hierarchy similarly as has been done in Twig. In this case I copied the approach of `Twig_TokenParser_AutoEscape` and `\Twig\TokenParser\AutoEscapeTokenParser`
Commits
-------
6a94dea5cd [BrowserKit] Fixed BC-break introduced by rename of Client to Browser