This PR was submitted for the 2.2 branch but it was merged into the 2.1 branch instead (closes#7092).
Commits
-------
187645f Fix REMOTE_ADDR for cached subrequests
Discussion
----------
[HttpKernel/HttpCache] Fix "REMOTE_ADDR" for cached subrequests
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | none that I know of
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | 7091
| License | MIT
I moved the code that modifies the REMOTE_ADDR variable further up the chain so that cached subrequests also receive the local IP address. Before, only new subrequests received the local IP address and cached ones received the original IP, which made "validateRequest" in FragmentListener fail.
Please review. I'm not sure about side-effects of this patch, including possible security issues.
Fixes #7091
---------------------------------------------------------------------------
by bamarni at 2013-02-16T11:49:27Z
@fabpot rejected setting this on the master request, so you should do it on the ```forward()``` method instead.
---------------------------------------------------------------------------
by mweimerskirch at 2013-02-16T12:13:46Z
@bamarni @fabpot done
This PR was squashed before being merged into the 2.2 branch (closes#7060).
Commits
-------
f842ae6 [FrameworkBundle] CSRF should be on by default
Discussion
----------
[FrameworkBundle] CSRF should be on by default
---------------------------------------------------------------------------
by stof at 2013-02-13T11:27:32Z
👍
---------------------------------------------------------------------------
by vicb at 2013-02-15T08:54:39Z
Oops seems like a file is missing... will update
---------------------------------------------------------------------------
by vicb at 2013-02-15T09:04:13Z
@fabpot the fix is fixed, ready to be merged !
---------------------------------------------------------------------------
by stloyd at 2013-02-15T09:05:24Z
Shouldn't this be noted in upgrade/changelog file? It's kinda of BC break...
---------------------------------------------------------------------------
by vicb at 2013-02-15T09:13:18Z
don't fix so, this is something I did break a few weeks ago, just reverting to how it is supposed to work.
---------------------------------------------------------------------------
by fabpot at 2013-02-15T09:49:21Z
If you broke CSRF configuration, I suppose that you also broke form, ESI, framgents, translator, validator, and profiler configuration, no (see fde7585)?
---------------------------------------------------------------------------
by vicb at 2013-02-15T09:51:51Z
Hey @fabpot I am not that BAD :)
"form, ESI, framgents, translator, validator, and profiler" are off by default. Only CSRF should be on by default.
This PR was squashed before being merged into the 2.2 branch (closes#6999).
Commits
-------
de0f7b7 [HttpFoundation] Added getter for httpMethodParameterOverride state
Discussion
----------
[HttpFoundation] Added getter for httpMethodParameterOverride state
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #6984
| License | MIT
| Doc PR | ~
This PR was submitted for the master branch but it was merged into the 2.2 branch instead (closes#7073).
Commits
-------
3bc0567 Create validators.lv.xlf
Discussion
----------
Create validators.lv.xlf, latvian translation
Latvian translation of validators
Please use the concrete Class Methods to check validations. Its realy unexpected that Validator don't use the normal Object way and can call anything...
This PR was merged into the 2.1 branch.
Commits
-------
5e8d844 [Process] Warn user with a useful message when tmpfile() failed
Discussion
----------
[Process] Warn user with a useful message when tmpfile() failed
Simple warning so users know what's going on instead of getting a proc_open error, see composer/composer#1581.
Can't get the PR template since ~~symfony.com~~ my dns resolver is dead :)
This PR was merged into the 2.2 branch.
Commits
-------
06c26dc Remove array type hint from GetResponseForControllerResultEvent::setControllerResult()
Discussion
----------
Remove array type hint from GetResponseForControllerResultEvent::setControllerResult()
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
I don't see a good reason to limit responses to arrays. The method was introduced in 2.2, so there is no real BC break.
---------------------------------------------------------------------------
by stof at 2013-02-13T03:18:35Z
Indeed. SensioFrameworkExtraBundle handles the case where the result is an array, but in the case of FOSRestBundle, it is an object
* 2.2:
Fixed XmlFileLoaderTest::testLoadThrowsExceptionWithInvalidFileEvenWithoutSchemaValidation
moved file hash calculation to own method
[Validator] Add check for existing metadata on property
added support for the X-Forwarded-For header (closes#6982, closes#7000)
fixed the IP address in HttpCache when calling the backend
[EventDispatcher] Added assertion.
[EventDispathcer] Fix removeListener
[DependencyInjection] Add clone for resources which were introduced in 2.1
[DependencyInjection] Allow frozen containers to be dumped to graphviz
Fix 'undefined index' error, when entering scope recursively
[Security] fixed session creation on login (closes#7011)
replaced usage of the deprecated pattern routing key (replaced with path)
Add dot character `.` to legal mime subtype regular expression
[HttpFoundation] fixed the creation of sub-requests under some circumstancies (closes#6923, closes#6936)
* 2.1:
added support for the X-Forwarded-For header (closes#6982, closes#7000)
fixed the IP address in HttpCache when calling the backend
[EventDispatcher] Added assertion.
[EventDispathcer] Fix removeListener
[DependencyInjection] Add clone for resources which were introduced in 2.1
[DependencyInjection] Allow frozen containers to be dumped to graphviz
Fix 'undefined index' error, when entering scope recursively
[Security] fixed session creation on login (closes#7011)
Add dot character `.` to legal mime subtype regular expression
[HttpFoundation] fixed the creation of sub-requests under some circumstancies (closes#6923, closes#6936)
This PR was submitted for the master branch but it was merged into the 2.2 branch instead (closes#6393).
Commits
-------
697d53d [Router] Fixed XmlFileLoaderTest::testLoadThrowsExceptionWithInvalidFileEvenWithoutSchemaValidation
Discussion
----------
[Router] Fixed test
This PR was submitted for the master branch but it was merged into the 2.2 branch instead (closes#6708).
Commits
-------
90a3e7a [HttpFoundation] moved file hash calculation to own method
Discussion
----------
[HttpFoundation] moved file hash calculation to own method
Bug fix: no
Feature addition: no
Backwards compatibility break: no
Symfony2 tests pass: yes
Todo: -
Fixes the following tickets: #6101
License of the code: MIT
Documentation PR: -
This commit adds ability to change default hashing implementation by extending BinaryFileResponse.
---------------------------------------------------------------------------
by stloyd at 2013-01-11T16:23:30Z
IMO it's looks a like overkill...
---------------------------------------------------------------------------
by lsmith77 at 2013-01-11T16:39:33Z
hmm yeah .. seems like something that could be done via inheritance ..
---------------------------------------------------------------------------
by Tobion at 2013-01-11T17:44:29Z
I agree, overriting the method is much simpler solution.
---------------------------------------------------------------------------
by jalliot at 2013-01-11T18:16:04Z
Besides the `$autoetag` variable is false by default so you have to explicitly enable this behavior...
---------------------------------------------------------------------------
by povilas at 2013-01-11T18:39:31Z
@lsmith77, @Tobion, you mean, just move hash calculation to separate protected method, and when you want to change hashing you must extend BinaryFileResponse?
This PR was squashed before being merged into the 2.2 branch (closes#6972).
Commits
-------
4cbdbcb [Validator] Add check for existing metadata on property
Discussion
----------
[Validator] Add check for existing metadata on property
| Q | A
| ------------- | ---
| Bug fix? | no (sort of)
| New feature? | no
| BC breaks? | no (I don't think so)
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
Todo:
- [x] Check if the new method should be added to the interface as well.
This adds a check for metadata existence before usage else the code will emit a warning.
This should not be a BC break or a bug fix as the patched code is 2.2 specific.
@bschussek let me know if I should add the method in the interface as well. Thank you.
---------------------------------------------------------------------------
by vicb at 2013-02-05T10:40:56Z
Strictly speaking this is a BC break (you are adding a public method). But I guess we should better defined what should be describe as BC break - I have asked myself the same question more than one time /cc @fabpot
Please also add a UT and a note in the changelog.
---------------------------------------------------------------------------
by dlsniper at 2013-02-05T11:26:30Z
@vicb thanks for input. In this case I guess I should add the method to the interface as well.
As for unit tests I'll add them soon as well.
---------------------------------------------------------------------------
by fabpot at 2013-02-05T14:19:14Z
Can you add a test?
---------------------------------------------------------------------------
by dlsniper at 2013-02-05T15:57:12Z
I'll do it tonight as I've bumped into some work related issues.
---------------------------------------------------------------------------
by fabpot at 2013-02-11T11:11:12Z
Just for the record, this is not a BC break as the interface was added in 2.2.
This PR was squashed before being merged into the master branch (closes#6992).
Commits
-------
8adb0e3 [Form]fixed FormRenderer::humanize() to humanize camel cased label
Discussion
----------
[Form]fixed FormRenderer::humanize() to humanize camel cased label
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | N/A
| License | MIT
| Doc PR | N/A
FormRenderer::humanize() only converts underscored_field_name to humanized field name(just the same as sfInflector::humanize()).
Sensio\Bundle\GeneratorBundle\Generator\DoctrineFormGenerator does not convert camelCased field names to underscored one, however.
I have to edit manually field names in the generated FormType class everytime I use doctrine:generate:form Command, too messy.
so I suggest humanize() is to take care of it.
---------------------------------------------------------------------------
by 77web at 2013-02-08T01:40:59Z
@vicb thank you for your kind review. I've added commits as you told.
---------------------------------------------------------------------------
by vicb at 2013-02-08T07:33:47Z
@77web you probably could merge the the setup into the test method.
---------------------------------------------------------------------------
by 77web at 2013-02-08T08:17:10Z
@vicb I've merged setUp() and tearDown() into test method(before and after assertion). anything else to fix?
---------------------------------------------------------------------------
by 77web at 2013-02-08T10:11:51Z
@vicb I've fixed test as you told.thanks again for your kind help!
---------------------------------------------------------------------------
by vicb at 2013-02-08T12:00:29Z
One last thing: a note in the changelog ?
---------------------------------------------------------------------------
by 77web at 2013-02-08T12:23:57Z
I added a note in 2.2.0 section. or shold I write it in 2.1.0?
---------------------------------------------------------------------------
by vicb at 2013-02-08T12:25:36Z
As you send it to master, you should create a 2.3.0 (2.1 & 2.2 have their own branches)
---------------------------------------------------------------------------
by vicb at 2013-02-08T12:26:40Z
and should write your comment as "fixed xyz to abc". Thanks.
---------------------------------------------------------------------------
by 77web at 2013-02-08T12:32:39Z
fixed my note. thanks a lot! @vicb
This PR was merged into the 2.0 branch.
Commits
-------
4ce9ac3 [EventDispatcher] Added assertion.
Discussion
----------
[EventDispatcher] Added assertion
re #7023, I think it actually makes sense to add an assertion here. It reveals the intent of the test (listener is not removed).
---------------------------------------------------------------------------
by vicb at 2013-02-10T11:32:06Z
I don't think the assertion would fail with the former code, would it ?
---------------------------------------------------------------------------
by vicb at 2013-02-10T11:34:30Z
I mean an error would be generated even before the assertion.
---------------------------------------------------------------------------
by jakzal at 2013-02-10T11:37:05Z
Yes, it would fail before getting to the assertion with: *Object of class Closure could not be converted to int*.
However, this is something good to test for (and document - test is a documentation). We're not checking if type is taken into account in other tests. This test might still fail if code inside removeListener() changed.
---------------------------------------------------------------------------
by vicb at 2013-02-10T11:42:29Z
I don't really understand your point and think it is a bit useless here but I am not against your change - I don't argue that test is doc though.
---------------------------------------------------------------------------
by jakzal at 2013-02-10T15:38:09Z
Assertion is indeed useless for the bug you discovered and fixed. I think it's still worth to have it there for other reason:
* test readability and completeness - with an assertion it's more clear that we don't expect the listener to be removed with the `removeListener()` call if passed argument doesn't match the one added before
If you still don't see my point just close this PR :)
---------------------------------------------------------------------------
by vicb at 2013-02-10T17:34:35Z
What I mean is that you are unit testing php and it is not a job for sf. So it is not strictly required but as it doesn't hurt, let's merge your change.
Jakub Zalas <notifications@github.com> wrote:
>Assertion is indeed useless for the bug you discovered and fixed. I
>think it's still worth to have it there for other reason:
>* test readability and completeness - with an assertion it's more clear
>that we don't expect the listener to be removed with the
>`removeListener()` call if passed argument doesn't match the one added
>before
>
>If you still don't see my point just close this PR :)
>
>
>---
>Reply to this email directly or view it on GitHub:
>https://github.com/symfony/symfony/pull/7038#issuecomment-13351469
This PR was merged into the 2.2 branch.
Commits
-------
73aa7d1 replaced usage of the deprecated pattern routing key (replaced with path)
Discussion
----------
replaced usage of the deprecated pattern routing key (replaced with path)
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
---------------------------------------------------------------------------
by lsmith77 at 2013-02-07T13:35:54Z
do we have tests to cover the BC behavior?
---------------------------------------------------------------------------
by fabpot at 2013-02-07T16:30:31Z
I've just added some tests for the legacy way.
This PR was submitted for the 2.2 branch but it was merged into the 2.1 branch instead (closes#7034).
Commits
-------
1fdded5 [HttpKernel] added support for the X-Forwarded-For header (closes#6982, closes#7000)
be65d7c [HttpKernel] fixed the IP address in HttpCache when calling the backend
Discussion
----------
Make HttpCache behaves more like a real reverse proxy
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #6982, #7000
| License | MIT
| Doc PR | n/a
---------------------------------------------------------------------------
by bendavies at 2013-02-10T00:55:29Z
Awesome, thanks Fabien. should this not target 2.0/2.1?