This PR was squashed before being merged into the master branch (closes#7559).
Discussion
----------
[HttpFoundation] [HttpKernel] Internal sub-requests should have X-Forwarded-For header providing real client IP
This is a better alternative to fix issue highlighted in #7554 and #7557.
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #7554, #7557
| License | MIT
When dealing with inline fragment renderer, it emulates an internal request by overriding the REMOTE_ADDR on Request. This is true, since conceptually request came from local server.
The problem that this introduces is that overriding the server value, it turns into an impossible state to retrieve the real client ip, only returning the local server IP (which is hardcoded to 127.0.0.1).
This patch takes the same approach as a Varnish call (it behaves the exact same way, reusing all code built for handling client ip handling on sub-requests), populating the X-Forwarded-For header and also making getClientIp smarter by removing possible local IP addresses from being considered as the client IP address.
Commits
-------
773e109 [HttpFoundation] [HttpKernel] Internal sub-requests should have X-Forwarded-For header providing real client IP
This PR was submitted for the master branch but it was merged into the 2.1 branch instead (closes#7752).
Discussion
----------
Filesystem::touch() not working with different owners (utime/atime issue)
This PR was submitted on the symfony/Filesystem read-only repository and moved automatically to the main Symfony repository (closessymfony/Filesystem#3).
Case: I have 2 users, www-data and myself. I have a command script that makes a lock file in /var/lock/.../ something. This command is called from a post request by FOS and ran in the background. Whever one of the 2 methods (web/cli manually) is used, the other user won't have permissions to use the Filesystem::touch(). The reason this won't work is the second parameter.
What touch() does:
$touch param: The touch time. If time is not supplied, the current system time is used.
$atime param: If present, the access time of the given filename is set to the value of atime. Otherwise, it is set to the value passed to the time parameter. If neither are present, the current system time is used.
So the current code is basically copying this. However, if the second parameter is null it is still present and will cause the same problem. Note that all files and folders related are set to 0777 and have the owner of www-data. I'm accessing them under my own account here:
Interactive shell
php > var_dump(touch('/var/lock/tripolis/ontw/dev/2140191804.lock', null));
PHP Warning: touch(): Utime failed: Operation not permitted in php shell code on line 1
Warning: touch(): Utime failed: Operation not permitted in php shell code on line 1
bool(false)
php > var_dump(touch('/var/lock/tripolis/ontw/dev/2140191804.lock'));
bool(true)
If I were to pass it without second parameter, let it be time() or null (Filesystem uses time() by default if not present), it DOES work. However, Filesystem::touch() ALWAYS gives a parameter to touch. This parameter is exactly the same value as what the function itself would do in php. Let it be that in my case there is an issue with the atime. I'm not exactly sure how it works but it's not tracked or usable in my case. Because parameter 2 exists, parameter 3 is set. Parameter 3 is not allowed and therefore causes Filesystem::touch() to throw an exception.
Commits
-------
e3a0fe6 Filesystem::touch() not working with different owners (utime/atime issue)
This PR was merged into the master branch.
Discussion
----------
[Validator] added Japanese translation for IBAN & ISBN messages
| Q | A
| ------------- | ---
| Fixed tickets | N/A
| License | MIT
Commits
-------
3719cd5 [Validator] added Japanese translation for IBAN & ISBN messages
This PR was merged into the master branch.
Discussion
----------
[Validator] Added Polish translations for IBAN and ISBN messages.
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR | ~
Commits
-------
811fc30 [Validator] Added Polish translations for IBAN and ISBN messages.
This PR was merged into the master branch.
Discussion
----------
[Validator] Added Slovak translations for IBAN and ISBN messages.
Commits
-------
2890a3f [Validator] Added Slovak translations of IBAN and ISBN
This PR was merged into the master branch.
Discussion
----------
[Validator] Russian translation of the IBAN & ISBN validator messages
Added the Russian translation for new validators.
Commits
-------
ca00f21 [Validator] Russian translation of the IBAN & ISBN validator messages
This PR was merged into the master branch.
Discussion
----------
Classes should be removed only when adaptive is specified
This fixes a regression introduced in refactoring done on July 3rd.
Commits
-------
92fbb0b Classes should be removed only when adaptive is specified
This PR was merged into the master branch.
Discussion
----------
[Validator] Added Spanish translations for IBAN and ISBN validators
Added Spanish translations for IBAN and ISBN validators
Commits
-------
6dfbb59 [Validator] Added Spanish translations of IBAN and ISBN
This PR was merged into the master branch.
Discussion
----------
[Validator] Dutch translation of IBAN and ISBN messages
Added Dutch translations for the IBAN and ISBN validators
Commits
-------
298d5fd [Validator] Dutch translation of IBAN and ISBN messages
This PR was merged into the master branch.
Discussion
----------
make it possible to ignore route attributes in the RedirectContoller
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
```
_welcome:
pattern: /{path}
defaults:
_controller: FrameworkBundle:Redirect:redirect
route: licenses_projects
ignoreAttributes: true
requirements:
path: .*
```
or
```
_welcome:
pattern: /{path}
defaults:
_controller: FrameworkBundle:Redirect:redirect
route: licenses_projects
ignoreAttributes: [path]
requirements:
path: .*
```
Ensures that ``path`` isnt added as a GET parameter in case the ``licenses_projects`` doesnt have a path in the pattern.
Commits
-------
190abc1 add unit tests for $ignoreAttributes
0c7b65f inject the Request via the action signature, rather than fetching it from the DIC
49062aa make it possible to ignore route attributes in the RedirectContoller
This PR was squashed before being merged into the master branch (closes#7634).
Discussion
----------
[2.3][HttpFoundation] PDO Session handling enhancements
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
`PdoSessionHandler` class assumes that the PDO object is set to throw exceptions, not errors. I added a line in the constructor to set that attribute, so configuration/query errors are able to be seen and caught a lot easier.
Commits
-------
ce8a441 [2.3][HttpFoundation] PDO Session handling enhancements
This PR was merged into the master branch.
Discussion
----------
[HttpKernel] allowed any callable to be returned by ControllerResolver::createController
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
8c44768 [HttpKernel] allowed any callable to be returned by ControllerResolver::createController
This PR was merged into the master branch.
Discussion
----------
[Validator] Hungarian translation of the IBAN and ISBN validator message...
I've added the Hungarian translations for the two newly merged validators.
Commits
-------
7d9fcd1 [Validator] Hungarian translation of the IBAN and ISBN validator messages
* 2.2:
[Config] #7644 add tests for passing number looking attributes as strings
[HttpFoundation][BrowserKit] fixed path when converting a cookie to a string
[BrowserKit] removed dead code
[HttpFoundation] fixed empty domain= in Cookie::__toString()
fixed detection of secure cookies received over https
[2.2] Pass ESI header to subrequests
[Translation] removed an uneeded class property
[Translation] removed unneeded getter/setter
[Translator] added additional conversion for encodings other than utf-8
fixed source messages to accept pluralized messages [Validator][translation][japanese] add messages for new validator
fix a DI circular reference recognition bug
[HttpFoundation] fixed the creation of sub-requests under some circumstances for IIS
Conflicts:
src/Symfony/Component/HttpFoundation/Tests/CookieTest.php
* 2.1:
[HttpFoundation][BrowserKit] fixed path when converting a cookie to a string
[BrowserKit] removed dead code
[HttpFoundation] fixed empty domain= in Cookie::__toString()
fixed detection of secure cookies received over https
[Translation] removed an uneeded class property
[Translation] removed unneeded getter/setter
[Translator] added additional conversion for encodings other than utf-8
fix a DI circular reference recognition bug
[HttpFoundation] fixed the creation of sub-requests under some circumstances for IIS
This PR was squashed before being merged into the 2.2 branch (closes#7655).
Discussion
----------
[Config] #7644 add tests for passing number looking attributes as strings
| Q | A |
| ----------------- |:-------------:|
| Bug fix? | yes |
| New feature | no |
| BC breaks? | no |
| Deprecations?| no |
| Tests pass? | yes |
| Fixed tickets | #7644 |
| License | MIT |
Commits
-------
d98118a [Config] #7644 add tests for passing number looking attributes as strings
This PR was merged into the 2.1 branch.
Discussion
----------
[BrowserKit] fixed detection of secure cookies received over https
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #7666, #7738
| License | MIT
| Doc PR | N/A
As reported in symfony/symfony#7666, BrowserKit's cookie handling only recognises a secure cookie if the cookie option is set and the cookie was set over an https request. The client was not passing the url into the cookiejar update code, causing Cookie::isSecure() to always return false for every cookie.
I have corrected this behaviour and added an additional unit test to prove the bug and fix.
Commits
-------
36d057b [HttpFoundation][BrowserKit] fixed path when converting a cookie to a string
c884151 [BrowserKit] removed dead code
495d0e3 [HttpFoundation] fixed empty domain= in Cookie::__toString()
c2bc707 fixed detection of secure cookies received over https
BrowserKit's cookie handling only recognises a secure cookie if the
cookie option is set and the cookie was set over an https request.
The client was not passing the url into the cookiejar update code,
causing Cookie::isSecure() to always return false for every cookie.
Fixessymfony/symfony#7666
This PR was merged into the master branch.
Discussion
----------
[Process] Add ProcessBuilder::setPrefix method
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
This introduce a new feature for the `ProcessBuilder` that allows to prefix all generated `Process` commands with a custom value.
This is mostly useful when dealing with binary drivers.
Use case :
```php
use Symfony\Component\Process\ExecutableFinder;
use Symfony\Component\Process\ProcessBuilder;
class PhpDriver
{
private $pb;
public function __construct(ProcessBuilder $pb)
{
$this->pb = $pb;
}
public function getInfos()
{
return $this->execute('-i');
}
public function getVersion()
{
return $this->execute('-v');
}
private function execute(array $arguments)
{
return $this
->pb
->setArguments($arguments)
->createProcess()
->run()
->getOutput();
}
}
$finder = new ExecutableFinder();
$pb = new ProcessBuilder();
$pb->setPrefix($finder->find('php'));
$driver = new PhpDriver($pb);
$driver->getVersion();
$driver->getInfos();
```
Commits
-------
cab53ee Add ProcessBuilder::setPrefix method
This PR was merged into the master branch.
Discussion
----------
[HttpFoundation][FrameworkBundle] Add CIDR notation support in trusted proxy list
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #7312, #7262
| License | MIT
| Doc PR | symfony/symfony-docs#2287
Should be rebased once #7734 is merged.
Commits
-------
7b32794 [HttpFoundation] updated CHANGELOG
e7c1696 [HttpFoundation] refactored code to avoid code duplication
1695067 [HttpFoundation] added some unit tests for ranges of trusted IP addresses
811434f Allow setting trusted_proxies using CIDR notation
ddc9e38 Modify Request::getClientIp() to use IpUtils::checkIp()