This PR was merged into the 3.1 branch.
Discussion
----------
[FrameworkBundle] Advise to not use the serializer services related to the cache
| Q | A
| ------------- | ---
| Branch? | 3.1
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Advise to not use the serializer services related to the cache.
Commits
-------
16358d4 [FrameworkBundle] Update the UPGRADING files Advise to not use the service `serializer.mapping.cache.apc` anymore
* 3.0:
[HttpKernel] Add listener that checks when request has both Forwarded and X-Forwarded-For
[HttpKernel] Move conflicting origin IPs handling to catch block
[travis] Fix deps=low/high patching
* 2.8:
[HttpKernel] Add listener that checks when request has both Forwarded and X-Forwarded-For
[HttpKernel] Move conflicting origin IPs handling to catch block
[travis] Fix deps=low/high patching
* 2.7:
[HttpKernel] Add listener that checks when request has both Forwarded and X-Forwarded-For
[HttpKernel] Move conflicting origin IPs handling to catch block
[travis] Fix deps=low/high patching
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpKernel] Move handling of conflicting origin IPs to catch block
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #19217
| License | MIT
| Doc PR | -
Commits
-------
db84101 [HttpKernel] Add listener that checks when request has both Forwarded and X-Forwarded-For
1f00b55 [HttpKernel] Move conflicting origin IPs handling to catch block
This PR was merged into the 2.7 branch.
Discussion
----------
[travis] Fix deps=low/high patching
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
Deps=low/high are broken since we added depth=1 to the git checkout on travis...
This fixes the situation and ensures it won't happen again by adding a missing error check.
Commits
-------
5ec92e8 [travis] Fix deps=low/high patching
This PR was squashed before being merged into the 3.1 branch (closes#18934).
Discussion
----------
Fixed some issues of the AccessDecisionManager profiler
| Q | A
| ------------- | ---
| Branch? | 3.1
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #19022https://github.com/symfony/symfony-standard/issues/968https://github.com/schmittjoh/JMSSecurityExtraBundle/issues/207
| License | MIT
| Doc PR | -
Commits
-------
082f1b5 Fixed some issues of the AccessDecisionManager profiler
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpKernel] Inline ValidateRequestListener logic into HttpKernel
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #18688#19216
| License | MIT
| Doc PR | -
I propose to inline the listener introduced in #18688 into HttpKernel.
Commits
-------
9d3ae85 [HttpKernel] Inline ValidateRequestListener logic into HttpKernel
This PR was squashed before being merged into the 2.7 branch (closes#18688).
Discussion
----------
[HttpFoundation] Warning when request has both Forwarded and X-Forwarded-For
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR | symfony/symfony-docs#6526
Emit a warning when a request has both a trusted Forwarded header and a trusted X-Forwarded-For header, as this is most likely a misconfiguration which causes security issues.
Commits
-------
ee8842f [HttpFoundation] Warning when request has both Forwarded and X-Forwarded-For
This PR was merged into the 2.8 branch.
Discussion
----------
fixed test
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
bac531c fixed test