* 2.7:
[HttpFoundation] Fix FileBag issue with associative arrays
fix the phpdoc that is not really inherited from response
Minor docblock cleanup
Remove redundant sprintf arguments.
* 2.7:
[Security] Fixed auth provider authenticate() cannot return void
declare argument type
streamed response should return $this
content can be a resource
This PR was merged into the 2.7 branch.
Discussion
----------
declare type AcceptHeaderItem for array_map
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
In `array_filter` , argument type is declared.
https://github.com/symfony/symfony/blob/2.7/src/Symfony/Component/HttpFoundation/AcceptHeader.php#L133
So It's natural to do so in `array_map` too.
Commits
-------
ab8f5be40c declare argument type
This PR was merged into the 2.7 branch.
Discussion
----------
content can be a resource
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes (bug in a comment)
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Commits
-------
c63742daef content can be a resource
* 2.7:
Username and password in basic auth are allowed to contain '.'
Remove obsolete PHPDoc from UriSigner
[Serializer] ObjectNormalizer: throw if PropertyAccess isn't installed
pdo session fix
Fixed unsetting from loosely equal keys OrderedHashMap
[Debug] Fix same vendor detection in class loader
Updated the source text and translation
reject remember-me token if user check fails
* 2.7:
[Validator] added magic method __isset() to File Constraint class
[DI] Fix possible incorrect php-code when dumped strings contains newlines
[Translation] minor: remove unused variable in test
never match invalid IP addresses
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpFoundation] never match invalid IP addresses
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #24424
| License | MIT
| Doc PR |
Commits
-------
8ad32f0ef5 never match invalid IP addresses
* 2.7:
Fix 7.2 compat layer
Fix PHP 7.2 support
[HttpFoundation] Add missing session.lazy_write config option
[HttpFoundation] Combine Cache-Control headers
[Form] fix parsing invalid floating point numbers
Escape command usage when displaying it in the text descriptor
Use for=ID on radio/checkbox label.
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpFoundation] Combine Cache-Control headers
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
If multiple `Cache-Control` headers are added to a `ResponseHeaderBag`, only the first is returned by `$bag->get('Cache-Control')`.
Commits
-------
1f76a70b6f [HttpFoundation] Combine Cache-Control headers
This PR was merged into the 2.7 branch.
Discussion
----------
Fix support for PHP 7.2
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | no
| Fixed tickets | #23671
| License | MIT
| Doc PR | -
There are still the deprecation problem with phpunit since it use `each()`.
There are 3 tests linked to session that I don't know how to fix / what to do, do you have any idea @nicolas-grekas ?
Commits
-------
fdf285b5c9 Fix 7.2 compat layer
e229dd0302 Fix PHP 7.2 support
* 2.7:
bumped Symfony version to 2.7.36
updated VERSION for 2.7.35
update CONTRIBUTORS for 2.7.35
updated CHANGELOG for 2.7.35
[Session] fix MongoDb session handler to gc all expired sessions
* 2.7: (22 commits)
Tests and fix for issue in array model data in EntityType field with multiple=true
[Form] Fixed PercentToLocalizedStringTransformer to accept both comma and dot as decimal separator, if possible
removed useless PHPDoc
[Form] Fix FormInterface::submit() annotation
PdoSessionHandler: fix advisory lock for pgsql when session.sid_bits_per_character > 4
HttpCache does not consider ESI resources in HEAD requests
Fix translation for "This field was not expected"
[Routing] Enhance Route(Collection) docblocks
Added improvement for accuracy in MoneyToLocalizedStringTransformer.
Removed unused private property
Use correct verb form in the pull request template
Use PHP_MAXPATHLEN in Filesystem.
Added null as explicit return type (?TokenInterface)
[FrameworkBundle] Fix Routing\DelegatingLoader
Render all line breaks according to the exception message
[Form] Fix phpdoc
[DI] remove confusing code
[Form] Fixed GroupSequence with "constraints" option
[Validator] Clarify UUID validator behavior
[Filesystem] Fixed makePathRelative
...
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpFoundation] Fix file upload multiple with no files
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
```php
<form method="post" enctype="multipart/form-data">
<input type="file" multiple name="img[]">
<input type="submit">
</form>
<?php
$loader = require __DIR__ . '/../app/autoload.php';
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
$request = \Symfony\Component\HttpFoundation\Request::createFromGlobals();
var_export($request->files->all()['img']);
}
```
Expected result when I send the form without any files:
```
array ()
```
Actual result:
```
array ( 0 => NULL, )
```
This causes a problem later when using FileType with multiple option - if no files are sent the form data are `[0 => '']` instead of `[]`.
Of course I need to add a test for this.
Commits
-------
d4f6039dcd [HttpFoundation] Fix file upload multiple with no files
* 2.7:
[travis] update to trusty
Fix ArrayInput::toString() for VALUE_IS_ARRAY options/args
[ExpressionLanguage] throws an exception on calling uncallable method
This PR was merged into the 2.7 branch.
Discussion
----------
Ignore memcached missing key error on session destroy
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #18574
| License | MIT
| Doc PR | NA
Since PHP 7 session_regenerate_id triggers a warning when the session is not started.
This PR, changes the behaviours of session_destroy in the `MemcachedSessionHandler` by returning true when the user try to delete a non-existing session.
Other handler:
- LegacyPdoSessionHandler => don't check if key exists
- MongoDbSessionHandler => don't check if key exists
- NullSessionHandler => always true
- PdoSessionHandler => don't check if key exists
Commits
-------
29538b621c Ignore memcached missing key error on dession destroy
* 2.7:
[Security] Fix wrong term in UserProviderInterface
[HttpFoundation] Set meta refresh time to 0 in RedirectResponse content
[Security] validate empty passwords again
[DI] Remove irrelevant comment from container
[TwigBridge] cleaner implementation of the TwigRenderer
* 2.7:
[DI] Handle root namespace in service definitions
Use rawurlencode() to transform the Cookie into a string
[Security] Fix authentication.failure event not dispatched on AccountStatusException
* 2.7:
[Routing] Fix XmlFileLoader exception message
Sessions: configurable "use_strict_mode" option for NativeSessionStorage
[FrameworkBundle] [Command] Clean bundle directory, fixes#23177
Reset redirectCount when throwing exception
[TwigBundle] Remove template.xml services when templating is disabled
add content-type header on exception response
Embedding a response that combines expiration and validation, that should not defeat expiration on the combined response
Fix two edge cases in ResponseCacheStrategy
[Routing] Expose request in route conditions, if needed and possible
[Routing] Expose request in route conditions, if needed and possible
[Translation][FrameworkBundle] Fix resource loading order inconsistency reported in #23034
[Filesystem] added workaround in Filesystem::rename for PHP bug
Add tests for ResponseCacheStrategy to document some more edge cases
[HttpFoundation] added missing docs
fixes#21606
[VarDumper] fixes
[Security] fix switch user _exit without having current token
* 2.7:
bumped Symfony version to 2.7.30
Cache ipCheck
updated VERSION for 2.7.29
update CONTRIBUTORS for 2.7.29
updated CHANGELOG for 2.7.29
show unique inherited roles
* 2.7:
Using FQ name for PHP_VERSION_ID
[Form] Fix \IntlDateFormatter timezone parameter usage to bypass PHP bug #66323
Harden the debugging of Twig filters and functions
bumped Symfony version to 2.7.29
updated VERSION for 2.7.28
update CONTRIBUTORS for 2.7.28
updated CHANGELOG for 2.7.28
* 2.7:
Fix minor phpdoc mismatches with the code(detected by phan)
[Asset] Starting slash should indicate no basePath wanted
[Security] Fix phpdoc logout listener
Fix minor typo in the main README.md
* 2.7:
Make .travis.yml more readable
Fold Travis CI output by component
Add trhows PHPDoc in Application::run
[Debug] Set exit status to 255 on error
[HttpFoundation] Store IANA's RNG files in the repository
[HttpFoundation] Fix getClientIp @return docblock
Add @throws phpdoc
unify PHPUnit config files
* 2.7:
[Yaml] release memory after parsing
[HttpFoundation] Fix and test status codes according to IANA's data
Add `use_strict_mode` in validOptions for session
[Console] Inherit phpdoc from OutputFormatterInterface
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpFoundation] Add `use_strict_mode` in validOptions for session
| Q | A
| ------------- | ---
| Branch? | 3.2
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #9258
| License | MIT
| Doc PR |
PHP ini `session.use_strict_mode` was added in PHP 5.5.2 so I didn't target 2.8 as this still uses PHP 5.3. https://secure.php.net/manual/en/session.configuration.php#ini.session.use-strict-mode
Commits
-------
130ee327d4 Add `use_strict_mode` in validOptions for session
This PR was merged into the 2.7 branch.
Discussion
----------
fix some more risky tests
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Continuation of #22066 fixing the tests for the following components:
* Config
* Form
* HttpFoundation
* Security
Commits
-------
fffcd247b2 fix some risky tests
* 2.7:
[Bridge\Doctrine] Fix change breaking doctrine-bundle test suite
[HttpFoundation][bugfix] should always be initialized
MockArraySessionStorage: updated phpdoc for $bags so that IDE autocompletion would work
normalize paths before making them relative
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpFoundation][DX] MockArraySessionStorage: phpdocs update
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
Commits
-------
967f7a7add MockArraySessionStorage: updated phpdoc for $bags so that IDE autocompletion would work
This PR was squashed before being merged into the 2.8 branch (closes#22036).
Discussion
----------
Set Date header in Response constructor already
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Setting the `Date` header in the `Response` constructor has been removed in #14912 and changed to a more lazy approach in `getDate()`.
That way, methods like `getAge()`, `getTtl()` or `isFresh()` cause side effects as they eventually call `getDate()` and the Request "starts to age" once you call them.
I don't know if this would be a nice test, but current behaviour is
```php
$response = new Response();
$response->setSharedMaxAge(10);
sleep(20);
$this->assertTrue($response->isFresh());
sleep(5);
$this->assertTrue($response->isFresh());
sleep(5);
$this->assertFalse($response->isFresh());
```
A particular weird case is the `isCacheable()` method, because it calls `isFresh()` only under certain conditions, like particular status codes, no `ETag` present etc. This symptom is also described under "Cause of the problem" in #19390, however the problem is worked around there in other ways.
So, this PR suggests to effectively revert #14912.
Additionally, I'd like to suggest to move this special handling of the `Date` header into the `ResponseHeaderBag`. If the `ResponseHeaderBag` guards that we always have the `Date`, we would not need special logic in `sendHeaders()` and could also take care of https://github.com/symfony/symfony/pull/14912#issuecomment-110105215.
Commits
-------
3a7fa7ede2 Set Date header in Response constructor already
This PR was squashed before being merged into the 2.7 branch (closes#21968).
Discussion
----------
Fixed pathinfo calculation for requests starting with a question mark.
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #21967
| License | MIT
| Doc PR |
With improper `strpos` result check calculated pathinfo for requests starting with '?' equals to request itself.
Correct pathinfo for those requests should be '/'.
Commits
-------
43297b45de Fixed pathinfo calculation for requests starting with a question mark.
* 2.7:
[Validator] Add object handling of invalid constraints in Composite
[HttpFoundation] Fix Request::getHost() when having several hosts in X_FORWARDED_HOST
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpFoundation] Fix Request::getHost() when having several hosts in X_FORWARDED_HOST
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
The first "host" in the list provided by `X_FORWARDED_HOST` should be the one, not the last.
Already the case for "port" and "scheme".
Commits
-------
9a2b2de64f [HttpFoundation] Fix Request::getHost() when having several hosts in X_FORWARDED_HOST
* 2.7:
[Security] fix Composer constraint
Provide less state in getRequestFormat
fix test class location
Static code analysis with Php Inspections (EA Extended): dead code dropped, couple bugs fixed
* 2.7:
[TwigBundle] fixed usage when Templating is not installed
[Validator] Check cascasdedGroups for being countable
[Filesystem] Check that the directory is writable after created it in dumpFile()
[HttpFoundation] Improved set cookie header tests
[Console] increased code coverage of Output classes
This PR was squashed before being merged into the 2.7 branch (closes#20972).
Discussion
----------
[HttpFoundation] Improved set cookie header tests
| Q | A
| ------------- | ---
| Branch? | 2.7 (already in master)
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!--highly recommended for new features-->
Separated from #20569
Commits
-------
05bce71d7a [HttpFoundation] Improved set cookie header tests
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpFoundation] Validate/cast cookie expire time
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!--highly recommended for new features-->
Commits
-------
8215dbdb31 [HttpFoundation] Validate/cast cookie expire time
* 2.7:
fixed @return when returning this or static
override property constraints in child class
[Console] improved code coverage of Command class
Only count on arrays or countables to avoid warnings in PHP 7.2
* 2.7:
[Routing] Fail properly when a route parameter name cannot be used as a PCRE subpattern name
[FrameworkBundle] Improve performance of ControllerNameParser
Update documentation link to the component
[HttpFoundation] Add links to RFC-7231
[DI] Initialize properties before method calls
Tag missing internals
[WebProfilerBundle] Dont use request attributes in RouterController
Fix complete config tests
* 2.7:
[DI] minor FileLoaders tests update
[HttpKernel] Revert BC breaking change of Request::isMethodSafe()
[DOMCrawler] Bug fixed
[Process] Do feat test before enabling TTY mode
bumped Symfony version to 2.7.22
updated VERSION for 2.7.21
update CONTRIBUTORS for 2.7.21
updated CHANGELOG for 2.7.21
[Doctrine][Form] support large integers
This PR was squashed before being merged into the 2.7 branch (closes#20275).
Discussion
----------
[HttpFoundation] Avoid implicit null to array conversion in request matcher
| Q | A |
| --- | --- |
| Branch? | 2.7 |
| Bug fix? | yes |
| New feature? | no |
| BC breaks? | no |
| Deprecations? | no |
| Tests pass? | yes |
| Fixed tickets | comma-separated list of tickets fixed by the PR, if any |
| License | MIT |
| Doc PR | reference to the documentation PR, if any |
`null` is allowed _and_ passed as default value from the constructor. Lets be explicit.
Commits
-------
a2c0a78 [HttpFoundation] Avoid implicit null to array conversion in request matcher
* 2.7:
[Translation][fallback] add missing resources in parent catalogues.
removed a deprecation notice
[Form] Fix show float values as choices values in ChoiceType
[HttpFoundation][Session] memcached connection should not be closed
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpFoundation][Session] Fix memcache session handler
| Q | A
| ------------- | ---
| Branch? | 2.1, 2.2, 2.3, 2.4, 2.5, 2.6, 2.7, 2.8, 3.0, 3.1, master
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Commit 0216e05605 removed the opening of connection to memcached server on call to `open()`, because it's assumed that connection is already opened. However, `close()` still closes the connection. As a result no more read/write calls can be made if session got closed, as the connection does not get reestablished.
Basically MemcacheSessionHandler should follow same logic as Memcache**d**SessionHandler, which is exactly what this MR acomplishes.
Commits
-------
0423d894 [HttpFoundation][Session] memcached connection should not be closed
* 2.7:
Fix edge case with StreamedResponse where headers are sent twice
removed usage of Twig_Compiler::addIndentation
merge tags instead of completely replacing them
* 2.7:
[TwigBridge] removed deprecations added in Twig 1.27
PHP CS Fixer: use php_unit_dedicate_assert
fixed Filesystem:makePathRelative and added 2 more testcases
no 304 response if method is not cacheable
move tags from decorated to decorating service
* 2.7:
[HttpFoundation] JSONP callback validation
[Console] Improved the explanation of the hasOption() method
add missing use statement
bug #18042 [Security] $attributes can be anything, but RoleVoter assumes strings
* 2.7:
Revert "minor #20011 Use UUID for error codes for Form validator. (Koc)"
Use UUID for error codes for Form validator.
Fixed regression when exception message swallowed when logging it.
[HttpFoundation] Enable memcached tests with the latest memcached extension
