This PR was squashed before being merged into the 2.7 branch (closes#18688).
Discussion
----------
[HttpFoundation] Warning when request has both Forwarded and X-Forwarded-For
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR | symfony/symfony-docs#6526
Emit a warning when a request has both a trusted Forwarded header and a trusted X-Forwarded-For header, as this is most likely a misconfiguration which causes security issues.
Commits
-------
ee8842f [HttpFoundation] Warning when request has both Forwarded and X-Forwarded-For
* 3.1:
fixed CS
fixed CS
fixed CS
fixed form tests
[Console] Fix formatting of SymfonyStyle::comment()
[Form] fix post max size translation type extension for >= 2.8
[Security] Allow LDAP loadUser override
removed dots at the end of @param and @return
fixed typo
* 3.0:
fixed CS
fixed CS
fixed form tests
[Console] Fix formatting of SymfonyStyle::comment()
[Form] fix post max size translation type extension for >= 2.8
removed dots at the end of @param and @return
fixed typo
* 2.8:
fixed CS
fixed form tests
[Console] Fix formatting of SymfonyStyle::comment()
[Form] fix post max size translation type extension for >= 2.8
removed dots at the end of @param and @return
fixed typo
* 3.1:
fixed CS
fixed CS
fixed CS
fixed CS
tweaked default CS fixer config
[HttpKernel] Dont close the output stream in debug
move HttpKernel component to require section
Fixed oci and sqlsrv merge queries when emulation is disabled - fixes#17284
[Session] fix PDO transaction aborted under PostgreSQL
[Console] Use InputInterface inherited doc as possible
Mention generating absolute urls in UPGRADE files and CHANGELOG
parse embedded mappings only if value is a string
add docblock type elements to support newly added IteratorAggregate::getIterator PhpStorm support
FormBuilderInterface: fix getForm() return type.
[YAML] Fixed parsing problem with nested DateTime lists
Fixed typo in PHPDoc
* 3.0:
fixed CS
fixed CS
fixed CS
tweaked default CS fixer config
[HttpKernel] Dont close the output stream in debug
move HttpKernel component to require section
Fixed oci and sqlsrv merge queries when emulation is disabled - fixes#17284
[Session] fix PDO transaction aborted under PostgreSQL
[Console] Use InputInterface inherited doc as possible
Mention generating absolute urls in UPGRADE files and CHANGELOG
add docblock type elements to support newly added IteratorAggregate::getIterator PhpStorm support
FormBuilderInterface: fix getForm() return type.
Fixed typo in PHPDoc
* 2.8:
fixed CS
fixed CS
tweaked default CS fixer config
[HttpKernel] Dont close the output stream in debug
move HttpKernel component to require section
Fixed oci and sqlsrv merge queries when emulation is disabled - fixes#17284
[Session] fix PDO transaction aborted under PostgreSQL
[Console] Use InputInterface inherited doc as possible
Mention generating absolute urls in UPGRADE files and CHANGELOG
add docblock type elements to support newly added IteratorAggregate::getIterator PhpStorm support
FormBuilderInterface: fix getForm() return type.
Fixed typo in PHPDoc
* 2.7:
fixed CS
tweaked default CS fixer config
[HttpKernel] Dont close the output stream in debug
move HttpKernel component to require section
Fixed oci and sqlsrv merge queries when emulation is disabled - fixes#17284
[Session] fix PDO transaction aborted under PostgreSQL
[Console] Use InputInterface inherited doc as possible
add docblock type elements to support newly added IteratorAggregate::getIterator PhpStorm support
FormBuilderInterface: fix getForm() return type.
Fixed typo in PHPDoc
* 3.1:
Tweak merge
update tests to use the new error assertion helper
[ci] Upgrade to symfony/phpunit-bridge >=3.2@dev
update tests to use the new error assertion helper
Conflicts:
src/Symfony/Component/DependencyInjection/Tests/ContainerBuilderTest.php
This PR was merged into the 3.2-dev branch.
Discussion
----------
[HttpKernel] Move duplicated logic from Esi/Ssi to an AbstractSurrogate
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations?| no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
c5dc50d Move duplicated logic from Esi/Ssi to an AbstractSurrogate
This PR was merged into the 3.2-dev branch.
Discussion
----------
[HttpKernel] Add convenient method ArgumentResolver:: getDefaultArgumentValueResolvers
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
I realized while implementing my own `ArgumentValueResolver` that registering a new one is not easy, you have to give the whole list of resolver instead of pushing your one in the stack.
Commits
-------
6fdfc92 [HttpKernel] Add convenient method ArgumentResolver::addArgumentValueResolver
* 3.1:
[BrowserKit] Bump dom-crawler minimum version requirement
Make one call to "OutputInterface::write" method per table row
[HttpKernel] Fix context dependent test
[Debug] Fix context dependent test
* 3.0:
[BrowserKit] Bump dom-crawler minimum version requirement
Make one call to "OutputInterface::write" method per table row
[HttpKernel] Fix context dependent test
[Debug] Fix context dependent test
* 2.8:
[BrowserKit] Bump dom-crawler minimum version requirement
Make one call to "OutputInterface::write" method per table row
[HttpKernel] Fix context dependent test
[Debug] Fix context dependent test
* 2.7:
[BrowserKit] Bump dom-crawler minimum version requirement
Make one call to "OutputInterface::write" method per table row
[HttpKernel] Fix context dependent test
[Debug] Fix context dependent test
* 3.1:
`@throws` annotations should go after `@return`
Fix merge
updated VERSION for 2.3.42
update CONTRIBUTORS for 2.3.42
updated CHANGELOG for 2.3.42
Revert "bug #18908 [DependencyInjection] force enabling the external XML entity loaders (xabbuh)"
Partial revert of previous PR
[DependencyInjection] Skip deep reference check for 'service_container'
Catch \Throwable
[Serializer] Add missing @throws annotations
Fix for #18843
force enabling the external XML entity loaders
Removed UTC specification with timestamp
* 3.0:
`@throws` annotations should go after `@return`
Fix merge
updated VERSION for 2.3.42
update CONTRIBUTORS for 2.3.42
updated CHANGELOG for 2.3.42
Revert "bug #18908 [DependencyInjection] force enabling the external XML entity loaders (xabbuh)"
Partial revert of previous PR
[DependencyInjection] Skip deep reference check for 'service_container'
Catch \Throwable
[Serializer] Add missing @throws annotations
Fix for #18843
force enabling the external XML entity loaders
Removed UTC specification with timestamp
Conflicts:
src/Symfony/Component/Yaml/Tests/InlineTest.php
* 2.8:
`@throws` annotations should go after `@return`
Fix merge
updated VERSION for 2.3.42
update CONTRIBUTORS for 2.3.42
updated CHANGELOG for 2.3.42
Revert "bug #18908 [DependencyInjection] force enabling the external XML entity loaders (xabbuh)"
Partial revert of previous PR
[DependencyInjection] Skip deep reference check for 'service_container'
Catch \Throwable
[Serializer] Add missing @throws annotations
Fix for #18843
force enabling the external XML entity loaders
Removed UTC specification with timestamp
Conflicts:
CHANGELOG-2.3.md
src/Symfony/Bundle/FrameworkBundle/Routing/DelegatingLoader.php
src/Symfony/Bundle/TwigBundle/Extension/AssetsExtension.php
src/Symfony/Component/Config/Loader/FileLoader.php
src/Symfony/Component/DependencyInjection/Container.php
src/Symfony/Component/DependencyInjection/ContainerBuilder.php
src/Symfony/Component/Finder/Expression/Expression.php
src/Symfony/Component/Finder/Finder.php
src/Symfony/Component/HttpKernel/DependencyInjection/ContainerAwareHttpKernel.php
src/Symfony/Component/HttpKernel/HttpCache/HttpCache.php
* 2.7:
`@throws` annotations should go after `@return`
Fix merge
updated VERSION for 2.3.42
update CONTRIBUTORS for 2.3.42
updated CHANGELOG for 2.3.42
Revert "bug #18908 [DependencyInjection] force enabling the external XML entity loaders (xabbuh)"
Partial revert of previous PR
[DependencyInjection] Skip deep reference check for 'service_container'
Catch \Throwable
[Serializer] Add missing @throws annotations
Fix for #18843
force enabling the external XML entity loaders
Removed UTC specification with timestamp
Conflicts:
src/Symfony/Component/DependencyInjection/Tests/Dumper/PhpDumperTest.php
src/Symfony/Component/Finder/Finder.php
src/Symfony/Component/Security/Acl/Dbal/MutableAclProvider.php
src/Symfony/Component/Security/Acl/Domain/ObjectIdentity.php
src/Symfony/Component/Security/Acl/Model/AclInterface.php
src/Symfony/Component/Security/Acl/Model/MutableAclProviderInterface.php
src/Symfony/Component/Security/Acl/Permission/MaskBuilder.php
src/Symfony/Component/Translation/Loader/XliffFileLoader.php
src/Symfony/Component/Yaml/Tests/InlineTest.php
* 2.3:
updated VERSION for 2.3.42
update CONTRIBUTORS for 2.3.42
updated CHANGELOG for 2.3.42
Revert "bug #18908 [DependencyInjection] force enabling the external XML entity loaders (xabbuh)"
Partial revert of previous PR
[DependencyInjection] Skip deep reference check for 'service_container'
Catch \Throwable
[Serializer] Add missing @throws annotations
Fix for #18843
force enabling the external XML entity loaders
Removed UTC specification with timestamp
* 3.1:
[travis] Don't use parallel on HHVM
[HttpKernel] Fix RequestDataCollector starting the session
[appveyor] Ignore STATUS_HEAP_CORRUPTION errors on Windows
[FrameworkBundle] Skip redis cache pools test on failed connection
Fixed forwarded request data in templates
[Security] Fix DebugAccessDecisionManager when object is not a scalar
Skip some tests on HHVM due to a PHPunit bug
Use the Trusty Travis infrastructure for HHVM builds
LdapUserProvider: add missing argument type doc
Fixed issue with missing argument in the abstract service definition for the ldap user provider
Add 3.1 to PR template branch row, remove 2.3
Improve memory efficiency
[Console] Fix BC break introduced by #18101
document method name changes in Voter class
add missing hint for vote() argument type
[#18838] add a test to avoid regressions
bumped Symfony version to 3.1.1
updated VERSION for 3.1.0
updated CHANGELOG for 3.1.0
Conflicts:
src/Symfony/Component/HttpKernel/Kernel.php
* 3.0:
[travis] Don't use parallel on HHVM
[appveyor] Ignore STATUS_HEAP_CORRUPTION errors on Windows
Skip some tests on HHVM due to a PHPunit bug
Use the Trusty Travis infrastructure for HHVM builds
Add 3.1 to PR template branch row, remove 2.3
Improve memory efficiency
document method name changes in Voter class
Conflicts:
.travis.yml
* 2.8:
[travis] Don't use parallel on HHVM
[appveyor] Ignore STATUS_HEAP_CORRUPTION errors on Windows
Skip some tests on HHVM due to a PHPunit bug
Use the Trusty Travis infrastructure for HHVM builds
Add 3.1 to PR template branch row, remove 2.3
Improve memory efficiency
document method name changes in Voter class
Conflicts:
.travis.yml
UPGRADE-3.0.md
src/Symfony/Component/HttpKernel/Tests/DataCollector/DumpDataCollectorTest.php
* 2.7:
[travis] Don't use parallel on HHVM
[appveyor] Ignore STATUS_HEAP_CORRUPTION errors on Windows
Skip some tests on HHVM due to a PHPunit bug
Use the Trusty Travis infrastructure for HHVM builds
Add 3.1 to PR template branch row, remove 2.3
Improve memory efficiency
* 3.0:
Fix computation of PR diffs for component matrix lines
[console][table] adjust width of colspanned cell.
[BUG] Delete class 'control-group' in bootstrap 3
[2.8] [Form] Modified iterator_to_array's 2nd parameter to false in ViolationMapper
added missing constant in Response
Update HTTP statuses list
[Console][#18619] Prevent fatal error when calling Command#getHelper() without helperSet
added StaticVerionStrategyTest
Add SplFileInfo array doc on Finder iterator methods so that IDE will know what it returns
[2.3] [Form] Modified iterator_to_array's 2nd parameter to false in ViolationMapper
Updated the link to the list of currency codes
Fixed DateTimeInterface comparaison
[console][table] adjust width of colspanned cell.
This PR was merged into the 3.1-dev branch.
Discussion
----------
[HttpKernel] Add request method to logger messages
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
While debugging some functional tests I was looking at the test.log. It would have been quite useful to know if the request was a POST or GET. This adds the request method to the log details.
Commits
-------
d751d59 Add request method to logger messages
* 3.0: (24 commits)
add @Event annotation for AuthenticationEvents
bumped Symfony version to 3.0.6
updated VERSION for 3.0.5
updated CHANGELOG for 3.0.5
bumped Symfony version to 2.8.6
[PropertyInfo] PHPDoc correction
add @Event annotation for KernelEvents
Fixed typo
updated VERSION for 2.8.5
updated CHANGELOG for 2.8.5
bumped Symfony version to 2.7.13
updated VERSION for 2.7.12
update CONTRIBUTORS for 2.7.12
updated CHANGELOG for 2.7.12
bumped Symfony version to 2.3.41
updated VERSION for 2.3.40
update CONTRIBUTORS for 2.3.40
updated CHANGELOG for 2.3.40
Revert "minor #18257 [Routing] Don't needlessly execute strtr's as they are fairly expensive (arjenm)"
Revert "fixed CS"
...
* 2.8:
add @Event annotation for AuthenticationEvents
bumped Symfony version to 2.8.6
[PropertyInfo] PHPDoc correction
add @Event annotation for KernelEvents
updated VERSION for 2.8.5
updated CHANGELOG for 2.8.5
bumped Symfony version to 2.7.13
updated VERSION for 2.7.12
update CONTRIBUTORS for 2.7.12
updated CHANGELOG for 2.7.12
bumped Symfony version to 2.3.41
updated VERSION for 2.3.40
update CONTRIBUTORS for 2.3.40
updated CHANGELOG for 2.3.40
Revert "minor #18257 [Routing] Don't needlessly execute strtr's as they are fairly expensive (arjenm)"
Revert "fixed CS"
fixed deprecation notices in tests
[Security] Normalize "symfony/security-acl" dependency versions across all composer.json files
[FrameworkBundle] Remove misleading comment
bug #17460 [DI] fix ambiguous services schema
* 2.7:
add @Event annotation for AuthenticationEvents
add @Event annotation for KernelEvents
bumped Symfony version to 2.7.13
updated VERSION for 2.7.12
update CONTRIBUTORS for 2.7.12
updated CHANGELOG for 2.7.12
bumped Symfony version to 2.3.41
updated VERSION for 2.3.40
update CONTRIBUTORS for 2.3.40
updated CHANGELOG for 2.3.40
Revert "minor #18257 [Routing] Don't needlessly execute strtr's as they are fairly expensive (arjenm)"
Revert "fixed CS"
[FrameworkBundle] Remove misleading comment
bug #17460 [DI] fix ambiguous services schema
While debugging some functional tests I was looking at the test.log. It would have been quite useful to know if the request was a POST or GET. This adds to the log details.
This PR was merged into the 3.1-dev branch.
Discussion
----------
Fixed a redundant check in DefaultValueResolver
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
In #18308 I have introduced a `DefaultValueResolver`. When writing documentation, I was planning on adding the code as an example and I noticed it did a check in the request attributes. A default value value should always be injected, whether the request has it or not. In case the request _does_ have the value, it would've already been added and thus never reach the default resolver.
Thus as this is never called in the default and configured flows and should not change the default value behavior, I'm removing this.
Commits
-------
e54c1a6 Fixed a redundant check in DefaultValueResolver
* 3.0:
[DI] Fix internal caching in AutowirePass
[PropertyInfo] Remove useless return statement
[Console] use ANSI escape sequences in ProgressBar overwrite method
[HttpKernel] Fix wrong number of arguments in call of ExceptionListener::logException()
Replace iconv_*() uses by mb_*(), add mbstring polyfill when required
[DependencyInjection] Remove YAML check in CrossCheckTest
[Process] Consistently use getProcess() in tests
[LDAP] Free the search result after a search to free memory
[DependencyInjection] fix phpDoc
Conflicts:
src/Symfony/Component/Ldap/LdapClient.php
* 2.8:
[Console] use ANSI escape sequences in ProgressBar overwrite method
[HttpKernel] Fix wrong number of arguments in call of ExceptionListener::logException()
[DependencyInjection] Remove YAML check in CrossCheckTest
[Process] Consistently use getProcess() in tests
[LDAP] Free the search result after a search to free memory
[DependencyInjection] fix phpDoc
