* 2.7:
[travis] Fix deps=low/high builds
fixed CS
Fix for #19183 to add support for new PHP MongoDB extension in sessions.
bumped Symfony version to 2.7.16
updated VERSION for 2.7.15
update CONTRIBUTORS for 2.7.15
updated CHANGELOG for 2.7.15
Fixed typos in the expectedException annotations
Conflicts:
src/Symfony/Component/HttpKernel/Kernel.php
This PR was merged into the 2.8 branch.
Discussion
----------
skip test with current phpunit bridge
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
AS for DnsMock in some other tests, (e.g. see efc1de7786)
Commits
-------
7696c95 skip test with current phpunit bridge
This PR was submitted for the master branch but it was merged into the 2.7 branch instead (closes#19186).
Discussion
----------
Fix for #19183 to add support for new PHP MongoDB extension in sessions.
| Q | A
| ------------- | ---
| Branch? | 3.0
| Bug fix? | yes
| New feature? | yes (ish)
| BC breaks? | no
| Deprecations? | no
| Tests pass? | no
| Fixed tickets | #19183
| License | MIT
| Doc PR |
Commits
-------
ebbc706 Fix for #19183 to add support for new PHP MongoDB extension in sessions.
This PR was merged into the 2.8 branch.
Discussion
----------
[Console] Fix block() padding formatting after #19189
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | https://github.com/symfony/symfony/pull/19189#issuecomment-229735157
| License | MIT
| Doc PR | reference to the documentation PR, if any
This fixes the unformatted padding of `block()` output after #19189.
Commits
-------
dc130be [Console] Fix for block() padding formatting after #19189
This PR was squashed before being merged into the 2.8 branch (closes#19218).
Discussion
----------
[Security][Guard] check if session exist before using it
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #18958
| License | MIT
| Doc PR | -
As stated by @Shekhovtsovy when the Guard component is used without the Symfony full stack (for instance in Laravel), $request->getSession() may be null.
An additionnal PR will be needed for 3.1 but it may be better to check this one before.
Commits
-------
a3f7510 [Security][Guard] check if session exist before using it
This PR was merged into the 2.8 branch.
Discussion
----------
Fix some lowest deps
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
A 2.8-only issue
Commits
-------
aa0e8bd Fix some lowest deps
This PR was squashed before being merged into the 2.7 branch (closes#19243).
Discussion
----------
Fixed typos in the expectedException annotations
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
PHPUnit ignores any imports when resolving these. You must always reference the FQCN.
Commits
-------
b36de36 Fixed typos in the expectedException annotations
* 2.7:
[HttpKernel] Add listener that checks when request has both Forwarded and X-Forwarded-For
[HttpKernel] Move conflicting origin IPs handling to catch block
[travis] Fix deps=low/high patching
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpKernel] Move handling of conflicting origin IPs to catch block
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #19217
| License | MIT
| Doc PR | -
Commits
-------
db84101 [HttpKernel] Add listener that checks when request has both Forwarded and X-Forwarded-For
1f00b55 [HttpKernel] Move conflicting origin IPs handling to catch block
This PR was merged into the 2.7 branch.
Discussion
----------
[travis] Fix deps=low/high patching
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Deps=low/high are broken since we added depth=1 to the git checkout on travis...
This fixes the situation and ensures it won't happen again by adding a missing error check.
Commits
-------
5ec92e8 [travis] Fix deps=low/high patching
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpKernel] Inline ValidateRequestListener logic into HttpKernel
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #18688#19216
| License | MIT
| Doc PR | -
I propose to inline the listener introduced in #18688 into HttpKernel.
Commits
-------
9d3ae85 [HttpKernel] Inline ValidateRequestListener logic into HttpKernel
This PR was squashed before being merged into the 2.7 branch (closes#18688).
Discussion
----------
[HttpFoundation] Warning when request has both Forwarded and X-Forwarded-For
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR | symfony/symfony-docs#6526
Emit a warning when a request has both a trusted Forwarded header and a trusted X-Forwarded-For header, as this is most likely a misconfiguration which causes security issues.
Commits
-------
ee8842f [HttpFoundation] Warning when request has both Forwarded and X-Forwarded-For
