* 3.2:
[Console] Do not duplicate Helper::strlen() code
[FrameworkBundle] Adding the extension XML
[Form] Minor: Fix comment in ChoiceType
[FrameworkBundle] AbstractConfigCommand: do not try registering bundles twice
fixed CS
fixed CS
[DI] Fix PhpDumper blank lines around namespace
fixed CS
[Workflow] fix use directives
[Workflow] Move twig extension registration to twig bundle
Filesystem: annotate the one network test with a "network" group.
[DependencyInjection] Don't store default deprecation template in every service definition instance
* 2.8:
fixed CS
[DI] Fix PhpDumper blank lines around namespace
fixed CS
Filesystem: annotate the one network test with a "network" group.
[DependencyInjection] Don't store default deprecation template in every service definition instance
* 3.2:
Make .travis.yml more readable
Fold Travis CI output by component
[VarDumper] Minor tweaks to html/css dumps
Add trhows PHPDoc in Application::run
[Debug] Set exit status to 255 on error
[HttpFoundation] Store IANA's RNG files in the repository
[PropertyInfo] Remove a useless call to count() in SerializerExtractor
[PropertyInfo] Prevent returning int values in some cases.
[HttpFoundation] Fix getClientIp @return docblock
Add @throws phpdoc
unify PHPUnit config files
* 2.8:
Make .travis.yml more readable
Fold Travis CI output by component
Add trhows PHPDoc in Application::run
[Debug] Set exit status to 255 on error
[HttpFoundation] Store IANA's RNG files in the repository
[PropertyInfo] Remove a useless call to count() in SerializerExtractor
[PropertyInfo] Prevent returning int values in some cases.
[HttpFoundation] Fix getClientIp @return docblock
Add @throws phpdoc
unify PHPUnit config files
* 2.7:
Make .travis.yml more readable
Fold Travis CI output by component
Add trhows PHPDoc in Application::run
[Debug] Set exit status to 255 on error
[HttpFoundation] Store IANA's RNG files in the repository
[HttpFoundation] Fix getClientIp @return docblock
Add @throws phpdoc
unify PHPUnit config files
* 3.2:
Allow terminal dimensions to be set to 0 (unbounded)
[Cache] Remove exception false-positive from FilesystemAdapterTrait
fix risky tests
fix risky tests
[Yaml] release memory after parsing
[HttpFoundation] Fix and test status codes according to IANA's data
Add `use_strict_mode` in validOptions for session
[Console] Inherit phpdoc from OutputFormatterInterface
* 2.8:
fix risky tests
[Yaml] release memory after parsing
[HttpFoundation] Fix and test status codes according to IANA's data
Add `use_strict_mode` in validOptions for session
[Console] Inherit phpdoc from OutputFormatterInterface
* 2.7:
[Yaml] release memory after parsing
[HttpFoundation] Fix and test status codes according to IANA's data
Add `use_strict_mode` in validOptions for session
[Console] Inherit phpdoc from OutputFormatterInterface
* 3.2:
[FrameworkBundle] Update console fixtures after #22217
Allow Upper Case property names
fix some risky tests
bumped Symfony version to 2.7.27
updated VERSION for 2.7.26
update CONTRIBUTORS for 2.7.26
updated CHANGELOG for 2.7.26
* 2.8:
Allow Upper Case property names
fix some risky tests
bumped Symfony version to 2.7.27
updated VERSION for 2.7.26
update CONTRIBUTORS for 2.7.26
updated CHANGELOG for 2.7.26
This PR was merged into the 2.7 branch.
Discussion
----------
fix some more risky tests
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Continuation of #22066 fixing the tests for the following components:
* Config
* Form
* HttpFoundation
* Security
Commits
-------
fffcd247b2 fix some risky tests
* 3.2:
[Bridge\Doctrine] Fix change breaking doctrine-bundle test suite
[WebProfilerBundle] Include badge status in translation tabs
[FrameworkBundle] Cache pool clear command requires at least 1 pool
[HttpFoundation][bugfix] should always be initialized
MockArraySessionStorage: updated phpdoc for $bags so that IDE autocompletion would work
normalize paths before making them relative
removed test that does not test anything
fixed tests
#21809 [SecurityBundle] bugfix: if security provider's name contains upper cases then container didn't compile
[WebProfilerBundle] Fix for CSS attribute at Profiler Translation Page
Set Date header in Response constructor already
[Validator] fix URL validator to detect non supported chars according to RFC 3986
[Security] Fixed roles serialization on token from user object
* 2.8:
[Bridge\Doctrine] Fix change breaking doctrine-bundle test suite
[HttpFoundation][bugfix] should always be initialized
MockArraySessionStorage: updated phpdoc for $bags so that IDE autocompletion would work
normalize paths before making them relative
* 2.7:
[Bridge\Doctrine] Fix change breaking doctrine-bundle test suite
[HttpFoundation][bugfix] should always be initialized
MockArraySessionStorage: updated phpdoc for $bags so that IDE autocompletion would work
normalize paths before making them relative
* 2.8:
removed test that does not test anything
fixed tests
#21809 [SecurityBundle] bugfix: if security provider's name contains upper cases then container didn't compile
[WebProfilerBundle] Fix for CSS attribute at Profiler Translation Page
Set Date header in Response constructor already
[Validator] fix URL validator to detect non supported chars according to RFC 3986
[Security] Fixed roles serialization on token from user object
* 3.2:
Fixed pathinfo calculation for requests starting with a question mark.
[HttpFoundation] Fix missing handling of for/host/proto info from "Forwarded" header
[Validator] Add object handling of invalid constraints in Composite
[WebProfilerBundle] Remove uneeded directive in the form collector styles
removed usage of $that
HttpCache: New test for revalidating responses with an expired TTL
[Serializer] [XML] Ignore Process Instruction
[Security] simplify the SwitchUserListenerTest
Revert "bug #21841 [Console] Do not squash input changes made from console.command event (chalasr)"
[HttpFoundation] Fix Request::getHost() when having several hosts in X_FORWARDED_HOST
This PR was squashed before being merged into the 2.8 branch (closes#22036).
Discussion
----------
Set Date header in Response constructor already
| Q | A
| ------------- | ---
| Branch? | 2.8
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Setting the `Date` header in the `Response` constructor has been removed in #14912 and changed to a more lazy approach in `getDate()`.
That way, methods like `getAge()`, `getTtl()` or `isFresh()` cause side effects as they eventually call `getDate()` and the Request "starts to age" once you call them.
I don't know if this would be a nice test, but current behaviour is
```php
$response = new Response();
$response->setSharedMaxAge(10);
sleep(20);
$this->assertTrue($response->isFresh());
sleep(5);
$this->assertTrue($response->isFresh());
sleep(5);
$this->assertFalse($response->isFresh());
```
A particular weird case is the `isCacheable()` method, because it calls `isFresh()` only under certain conditions, like particular status codes, no `ETag` present etc. This symptom is also described under "Cause of the problem" in #19390, however the problem is worked around there in other ways.
So, this PR suggests to effectively revert #14912.
Additionally, I'd like to suggest to move this special handling of the `Date` header into the `ResponseHeaderBag`. If the `ResponseHeaderBag` guards that we always have the `Date`, we would not need special logic in `sendHeaders()` and could also take care of https://github.com/symfony/symfony/pull/14912#issuecomment-110105215.
Commits
-------
3a7fa7ede2 Set Date header in Response constructor already
* 2.8:
[HttpFoundation] Fix missing handling of for/host/proto info from "Forwarded" header
[Validator] Add object handling of invalid constraints in Composite
[WebProfilerBundle] Remove uneeded directive in the form collector styles
Revert "bug #21841 [Console] Do not squash input changes made from console.command event (chalasr)"
[HttpFoundation] Fix Request::getHost() when having several hosts in X_FORWARDED_HOST
This PR was squashed before being merged into the 2.7 branch (closes#21968).
Discussion
----------
Fixed pathinfo calculation for requests starting with a question mark.
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #21967
| License | MIT
| Doc PR |
With improper `strpos` result check calculated pathinfo for requests starting with '?' equals to request itself.
Correct pathinfo for those requests should be '/'.
Commits
-------
43297b45de Fixed pathinfo calculation for requests starting with a question mark.
* 2.7:
[Validator] Add object handling of invalid constraints in Composite
[HttpFoundation] Fix Request::getHost() when having several hosts in X_FORWARDED_HOST
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpFoundation] Fix Request::getHost() when having several hosts in X_FORWARDED_HOST
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
The first "host" in the list provided by `X_FORWARDED_HOST` should be the one, not the last.
Already the case for "port" and "scheme".
Commits
-------
9a2b2de64f [HttpFoundation] Fix Request::getHost() when having several hosts in X_FORWARDED_HOST
* 3.2:
[Security] fix Composer constraint
Provide less state in getRequestFormat
fix test class location
Static code analysis with Php Inspections (EA Extended): dead code dropped, couple bugs fixed
Adding use statement for InvalidArgumentException
* 2.8:
[Security] fix Composer constraint
Provide less state in getRequestFormat
fix test class location
Static code analysis with Php Inspections (EA Extended): dead code dropped, couple bugs fixed
* 2.7:
[Security] fix Composer constraint
Provide less state in getRequestFormat
fix test class location
Static code analysis with Php Inspections (EA Extended): dead code dropped, couple bugs fixed
* 3.2:
Refactored other PHPUnit method calls to work with namespaced PHPUnit 6
Refactored other PHPUnit method calls to work with namespaced PHPUnit 6
Further refactorings to PHPUnit namespaces
resolve parameters in definition classes
* 2.8:
Refactored other PHPUnit method calls to work with namespaced PHPUnit 6
Further refactorings to PHPUnit namespaces
resolve parameters in definition classes
* 3.2:
Fix typo in process error message
Update to PHPUnit namespaces
Minor typo fix messsagesData -> messagesData
remove translation data collector when not usable
This PR was merged into the 3.3-dev branch.
Discussion
----------
[HttpFoundation] Add File\Stream for size-unknown BinaryFileResponse
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #19738
| License | MIT
| Doc PR | https://github.com/symfony/symfony-docs/pull/7343
Replaces #19740. Native "getSize" is reported to return false on error, so using false as return type doesn't break the signature.
Commits
-------
8011209a18 [HttpFoundation] Add File\Stream for size-unknown BinaryFileResponse
* 3.2:
[TwigBundle] fixed usage when Templating is not installed
[Validator] Check cascasdedGroups for being countable
[Cache] Add changelog for 3.2
[Cache] Add changelog
[Filesystem] Check that the directory is writable after created it in dumpFile()
[HttpFoundation] Improved set cookie header tests
[Serializer] int is valid when float is expected when deserializing JSON
[Console] increased code coverage of Output classes
Added missing headers in fixture files
[Profiler][VarDumper] Fix minor color issue & duplicated selector
* 3.1:
[TwigBundle] fixed usage when Templating is not installed
[Validator] Check cascasdedGroups for being countable
[Cache] Add changelog
[Filesystem] Check that the directory is writable after created it in dumpFile()
[HttpFoundation] Improved set cookie header tests
[Serializer] int is valid when float is expected when deserializing JSON
[Console] increased code coverage of Output classes
Added missing headers in fixture files
[Profiler][VarDumper] Fix minor color issue & duplicated selector
* 2.8:
[TwigBundle] fixed usage when Templating is not installed
[Validator] Check cascasdedGroups for being countable
[Filesystem] Check that the directory is writable after created it in dumpFile()
[HttpFoundation] Improved set cookie header tests
[Console] increased code coverage of Output classes
[Profiler][VarDumper] Fix minor color issue & duplicated selector
* 2.7:
[TwigBundle] fixed usage when Templating is not installed
[Validator] Check cascasdedGroups for being countable
[Filesystem] Check that the directory is writable after created it in dumpFile()
[HttpFoundation] Improved set cookie header tests
[Console] increased code coverage of Output classes
This PR was squashed before being merged into the 2.7 branch (closes#20972).
Discussion
----------
[HttpFoundation] Improved set cookie header tests
| Q | A
| ------------- | ---
| Branch? | 2.7 (already in master)
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License | MIT
| Doc PR | symfony/symfony-docs#... <!--highly recommended for new features-->
Separated from #20569
Commits
-------
05bce71d7a [HttpFoundation] Improved set cookie header tests
* 3.1:
fixed obsolete getMock() usage
fixed obsolete getMock() usage
fixed obsolete getMock() usage
[WebProfilerBundle] Display multiple HTTP headers in WDT
do not remove the Twig ExceptionController service
removed obsolete condition
do not try to register incomplete definitions
* 2.8:
fixed obsolete getMock() usage
fixed obsolete getMock() usage
[WebProfilerBundle] Display multiple HTTP headers in WDT
do not remove the Twig ExceptionController service
removed obsolete condition
do not try to register incomplete definitions
* 3.2:
[Security] Fix test
[Validator] phpize default option values
test for the Validator component to be present
[Serializer] Fix MaxDepth annotation exceptions
[DependencyInjection] Fix on-invalid attribute type in xsd
[FrameworkBundle] Fix PHP form templates on translatable attributes
[VarDumper] Fix dumping by-ref variadics
[Validator] add Indonesian translation
fixed CS
[config] Fix issue when key removed and left value only
[HttpFoundation] Fix cookie to string conversion for raw cookies
Fix misresolved parameters in debug:config on 3.2
[Console] fixed BC issue with static closures
[TwigBundle] Config is now a hard dependency
[FrameworkBundle] framework.annotations default should be true only if doctrine/annotations is installed
[Security] AbstractVoter method supportsAttribute gives false positive if attribute is zero (0)
* 3.1:
[Security] Fix test
[Validator] phpize default option values
test for the Validator component to be present
[Serializer] Fix MaxDepth annotation exceptions
[DependencyInjection] Fix on-invalid attribute type in xsd
[FrameworkBundle] Fix PHP form templates on translatable attributes
[VarDumper] Fix dumping by-ref variadics
[Validator] add Indonesian translation
fixed CS
[config] Fix issue when key removed and left value only
[HttpFoundation] Fix cookie to string conversion for raw cookies
[Console] fixed BC issue with static closures
[Security] AbstractVoter method supportsAttribute gives false positive if attribute is zero (0)
This PR was merged into the 3.3-dev branch.
Discussion
----------
Request exceptions
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | yes
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #20389, #20615, #20662
| License | MIT
| Doc PR | n/a
Replaces #20389 and #20662. The idea is to generically manage 400 responses when an exception implements `RequestExceptionInterface`.
The "weird" caches on the request for the host and the clients IPs allows to correctly manage exceptions in an exception listener/controller (as we are duplicating the request there, but we don't want to throw an exception there).
Commits
-------
32ec288 [HttpFoundation] refactored Request exceptions
d876809 Return a 400 response for suspicious operations
This PR was merged into the 3.2 branch.
Discussion
----------
[HttpKernel] Deprecate checking for cacheable HTTP methods in Request::isMethodSafe()
| Q | A
| ------------- | ---
| Branch? | 3.2
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | yes
| Tests pass? | no
| Fixed tickets | -
| License | MIT
| Doc PR | -
Late deprecation for 3.2, see #20602.
Commits
-------
34e7b95 [HttpKernel] Deprecate checking for cacheable HTTP methods in Request::isMethodSafe()
* 3.1:
[Filesystem] Remove extra argv in dumpFile() tests
[DI] minor FileLoaders tests update
[HttpKernel] Revert BC breaking change of Request::isMethodSafe()
[DOMCrawler] Bug fixed
[FrameworkBundle] Mark cache.default_*_provider services private
[Process] Do feat test before enabling TTY mode
bumped Symfony version to 3.1.8
updated VERSION for 3.1.7
updated CHANGELOG for 3.1.7
bumped Symfony version to 2.8.15
updated VERSION for 2.8.14
updated CHANGELOG for 2.8.14
bumped Symfony version to 2.7.22
updated VERSION for 2.7.21
update CONTRIBUTORS for 2.7.21
updated CHANGELOG for 2.7.21
Fix annotation type for $context
[Doctrine][Form] support large integers
* 2.8:
[DI] minor FileLoaders tests update
[HttpKernel] Revert BC breaking change of Request::isMethodSafe()
[DOMCrawler] Bug fixed
[Process] Do feat test before enabling TTY mode
bumped Symfony version to 2.8.15
updated VERSION for 2.8.14
updated CHANGELOG for 2.8.14
bumped Symfony version to 2.7.22
updated VERSION for 2.7.21
update CONTRIBUTORS for 2.7.21
updated CHANGELOG for 2.7.21
Fix annotation type for $context
[Doctrine][Form] support large integers
* 2.7:
[DI] minor FileLoaders tests update
[HttpKernel] Revert BC breaking change of Request::isMethodSafe()
[DOMCrawler] Bug fixed
[Process] Do feat test before enabling TTY mode
bumped Symfony version to 2.7.22
updated VERSION for 2.7.21
update CONTRIBUTORS for 2.7.21
updated CHANGELOG for 2.7.21
[Doctrine][Form] support large integers
* 3.1:
fixed CS
Properly format value in UniqueEntityValidator
[Translation][fallback] add missing resources in parent catalogues.
removed a deprecation notice
[Form] Fix show float values as choices values in ChoiceType
Remove double use Statement
Improved the design of the metrics in the profiler
[Yaml] set arguments depending on the PHP version
[Console] Fix infinite loop on missing input
[HttpFoundation][Session] memcached connection should not be closed
* 2.8:
[Translation][fallback] add missing resources in parent catalogues.
removed a deprecation notice
[Form] Fix show float values as choices values in ChoiceType
Remove double use Statement
Improved the design of the metrics in the profiler
[Console] Fix infinite loop on missing input
[HttpFoundation][Session] memcached connection should not be closed
* 2.7:
[Translation][fallback] add missing resources in parent catalogues.
removed a deprecation notice
[Form] Fix show float values as choices values in ChoiceType
[HttpFoundation][Session] memcached connection should not be closed
This PR was merged into the 2.7 branch.
Discussion
----------
[HttpFoundation][Session] Fix memcache session handler
| Q | A
| ------------- | ---
| Branch? | 2.1, 2.2, 2.3, 2.4, 2.5, 2.6, 2.7, 2.8, 3.0, 3.1, master
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Commit 0216e05605 removed the opening of connection to memcached server on call to `open()`, because it's assumed that connection is already opened. However, `close()` still closes the connection. As a result no more read/write calls can be made if session got closed, as the connection does not get reestablished.
Basically MemcacheSessionHandler should follow same logic as Memcache**d**SessionHandler, which is exactly what this MR acomplishes.
Commits
-------
0423d894 [HttpFoundation][Session] memcached connection should not be closed
* 3.1:
Minor fixes & cleanups
[DependencyInjection] Add missing PHPDoc type
Correct a typo in the ReflectionExtractor's description
[HttpFoundation] JSONP callback validation
[Console] Improved the explanation of the hasOption() method
Uniformize exception vars according to our CS
add missing use statement
bug #18042 [Security] $attributes can be anything, but RoleVoter assumes strings
* 2.8:
[DependencyInjection] Add missing PHPDoc type
Correct a typo in the ReflectionExtractor's description
[HttpFoundation] JSONP callback validation
[Console] Improved the explanation of the hasOption() method
Uniformize exception vars according to our CS
add missing use statement
bug #18042 [Security] $attributes can be anything, but RoleVoter assumes strings
* 2.7:
[HttpFoundation] JSONP callback validation
[Console] Improved the explanation of the hasOption() method
add missing use statement
bug #18042 [Security] $attributes can be anything, but RoleVoter assumes strings
* 3.1:
[VarDumper] Fix test
Revert "minor #20011 Use UUID for error codes for Form validator. (Koc)"
Use UUID for error codes for Form validator.
Use UUID for error codes for Form validator.
Fixed regression when exception message swallowed when logging it.
[HttpFoundation] Enable memcached tests with the latest memcached extension
* 2.8:
[VarDumper] Fix test
Revert "minor #20011 Use UUID for error codes for Form validator. (Koc)"
Use UUID for error codes for Form validator.
Use UUID for error codes for Form validator.
Fixed regression when exception message swallowed when logging it.
[HttpFoundation] Enable memcached tests with the latest memcached extension
* 2.7:
Revert "minor #20011 Use UUID for error codes for Form validator. (Koc)"
Use UUID for error codes for Form validator.
Fixed regression when exception message swallowed when logging it.
[HttpFoundation] Enable memcached tests with the latest memcached extension
* 3.1:
[travis] Use 7.0 until 7.1 is fixed
[DIC] Fix service autowiring inheritance
[Serializer] Fix denormalization of arrays
[SecurityBundle] Add missing deprecation notice for form_login.intention
Verify explicitly that the request IP is a valid IPv4 address
[WebProfilerBundle] replaces tabs characters by spaces.
* 2.8:
[travis] Use 7.0 until 7.1 is fixed
[DIC] Fix service autowiring inheritance
[SecurityBundle] Add missing deprecation notice for form_login.intention
Verify explicitly that the request IP is a valid IPv4 address
* 3.1:
[Routing] Add missing options in docblock
[VarDumper] Fix dumping continuations
[PropertyInfo] Fix an error in PropertyInfoCacheExtractor
[HttpFoundation] fixed Request::getContent() reusage bug
[Form] Skip CSRF validation on form when POST max size is exceeded
Use try-finally where it possible
[DependencyInjection] ContainerBuilder: Remove obsolete definitions
Enhance the phpDoc return types so IDEs can handle the configuration tree.
fixes
Remove 3.0 from branch suggestions for fixes in PR template
[Process] Strengthen Windows pipe files opening (again...)
[Cache] Handle unserialize() failures gracefully
Fix#19531 [Form] DateType fails parsing when midnight is not a valid time
* 2.8:
[Routing] Add missing options in docblock
[VarDumper] Fix dumping continuations
[HttpFoundation] fixed Request::getContent() reusage bug
[Form] Skip CSRF validation on form when POST max size is exceeded
Enhance the phpDoc return types so IDEs can handle the configuration tree.
fixes
Remove 3.0 from branch suggestions for fixes in PR template
[Process] Strengthen Windows pipe files opening (again...)
Fix#19531 [Form] DateType fails parsing when midnight is not a valid time
* 2.7:
[Routing] Add missing options in docblock
[VarDumper] Fix dumping continuations
[HttpFoundation] fixed Request::getContent() reusage bug
[Form] Skip CSRF validation on form when POST max size is exceeded
Enhance the phpDoc return types so IDEs can handle the configuration tree.
fixes
Remove 3.0 from branch suggestions for fixes in PR template
[Process] Strengthen Windows pipe files opening (again...)
Fix#19531 [Form] DateType fails parsing when midnight is not a valid time
* 3.1:
[VarDumper] Fix dumping jsons casted as arrays
PassConfig::getMergePass is not an array
Revert "bug #19114 [HttpKernel] Dont close the reponse stream in debug (nicolas-grekas)"
[Serializer] Include the format in the cache key
Fix the retrieval of the last username when using forwarding
[Yaml] Fix PHPDoc of the Yaml class
[HttpFoundation] Add OPTIONS and TRACE to the list of safe methods
Update getAbsoluteUri() for query string uris
Conflicts:
src/Symfony/Component/DependencyInjection/Compiler/PassConfig.php
src/Symfony/Component/HttpFoundation/Tests/RequestTest.php
* 3.0:
[VarDumper] Fix dumping jsons casted as arrays
PassConfig::getMergePass is not an array
Revert "bug #19114 [HttpKernel] Dont close the reponse stream in debug (nicolas-grekas)"
Fix the retrieval of the last username when using forwarding
[Yaml] Fix PHPDoc of the Yaml class
[HttpFoundation] Add OPTIONS and TRACE to the list of safe methods
Update getAbsoluteUri() for query string uris
Conflicts:
src/Symfony/Component/Yaml/Yaml.php
* 2.8:
[VarDumper] Fix dumping jsons casted as arrays
PassConfig::getMergePass is not an array
Revert "bug #19114 [HttpKernel] Dont close the reponse stream in debug (nicolas-grekas)"
Fix the retrieval of the last username when using forwarding
[Yaml] Fix PHPDoc of the Yaml class
[HttpFoundation] Add OPTIONS and TRACE to the list of safe methods
Update getAbsoluteUri() for query string uris
* 2.7:
[VarDumper] Fix dumping jsons casted as arrays
PassConfig::getMergePass is not an array
Revert "bug #19114 [HttpKernel] Dont close the reponse stream in debug (nicolas-grekas)"
Fix the retrieval of the last username when using forwarding
[Yaml] Fix PHPDoc of the Yaml class
[HttpFoundation] Add OPTIONS and TRACE to the list of safe methods
Update getAbsoluteUri() for query string uris
This PR was squashed before being merged into the 3.2-dev branch (closes#19322).
Discussion
----------
[HttpFoundation] Add Request::isMethodIdempotent method
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Addd a new method in the spirit of `isMethodSafe` to know if the current method is idempotent according to RFCs.
Commits
-------
44df6a4 [HttpFoundation] Add Request::isMethodIdempotent method
* 3.1: (22 commits)
[travis] Fix deps=low/high builds
[Form] Fix depreciation triggers
fixed CS
skip test with current phpunit bridge
Fix for #19183 to add support for new PHP MongoDB extension in sessions.
[Console] Fix for block() padding formatting after #19189
[Security][Guard] check if session exist before using it
bumped Symfony version to 3.1.3
updated VERSION for 3.1.2
updated CHANGELOG for 3.1.2
bumped Symfony version to 3.0.9
updated VERSION for 3.0.8
updated CHANGELOG for 3.0.8
bumped Symfony version to 2.8.9
updated VERSION for 2.8.8
updated CHANGELOG for 2.8.8
bumped Symfony version to 2.7.16
updated VERSION for 2.7.15
update CONTRIBUTORS for 2.7.15
updated CHANGELOG for 2.7.15
...
Conflicts:
src/Symfony/Component/HttpKernel/Kernel.php
* 3.0:
[travis] Fix deps=low/high builds
fixed CS
skip test with current phpunit bridge
Fix for #19183 to add support for new PHP MongoDB extension in sessions.
[Console] Fix for block() padding formatting after #19189
[Security][Guard] check if session exist before using it
bumped Symfony version to 3.0.9
updated VERSION for 3.0.8
updated CHANGELOG for 3.0.8
bumped Symfony version to 2.8.9
updated VERSION for 2.8.8
updated CHANGELOG for 2.8.8
bumped Symfony version to 2.7.16
updated VERSION for 2.7.15
update CONTRIBUTORS for 2.7.15
updated CHANGELOG for 2.7.15
Fix some lowest deps
Fixed typos in the expectedException annotations
Conflicts:
src/Symfony/Component/HttpKernel/Kernel.php
src/Symfony/Component/Security/Guard/Authenticator/AbstractFormLoginAuthenticator.php
* 2.8:
[travis] Fix deps=low/high builds
fixed CS
skip test with current phpunit bridge
Fix for #19183 to add support for new PHP MongoDB extension in sessions.
[Console] Fix for block() padding formatting after #19189
[Security][Guard] check if session exist before using it
bumped Symfony version to 2.8.9
updated VERSION for 2.8.8
updated CHANGELOG for 2.8.8
bumped Symfony version to 2.7.16
updated VERSION for 2.7.15
update CONTRIBUTORS for 2.7.15
updated CHANGELOG for 2.7.15
Fix some lowest deps
Fixed typos in the expectedException annotations
Conflicts:
CHANGELOG-2.7.md
CHANGELOG-3.0.md
src/Symfony/Bundle/FrameworkBundle/composer.json
src/Symfony/Component/HttpFoundation/Tests/Session/Storage/Handler/MongoDbSessionHandlerTest.php
src/Symfony/Component/HttpKernel/Kernel.php
src/Symfony/Component/HttpKernel/composer.json
src/Symfony/Component/Yaml/Tests/ParserTest.php
* 2.7:
[travis] Fix deps=low/high builds
fixed CS
Fix for #19183 to add support for new PHP MongoDB extension in sessions.
bumped Symfony version to 2.7.16
updated VERSION for 2.7.15
update CONTRIBUTORS for 2.7.15
updated CHANGELOG for 2.7.15
Fixed typos in the expectedException annotations
Conflicts:
src/Symfony/Component/HttpKernel/Kernel.php
This PR was squashed before being merged into the 2.7 branch (closes#18688).
Discussion
----------
[HttpFoundation] Warning when request has both Forwarded and X-Forwarded-For
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR | symfony/symfony-docs#6526
Emit a warning when a request has both a trusted Forwarded header and a trusted X-Forwarded-For header, as this is most likely a misconfiguration which causes security issues.
Commits
-------
ee8842f [HttpFoundation] Warning when request has both Forwarded and X-Forwarded-For
