Commit Graph

16111 Commits

Author SHA1 Message Date
Tomáš Polívka
c65b4c7d2d [WebProfilerBundle] turbolinks compatibility 2014-07-29 11:52:49 +02:00
Fabien Potencier
20bf24ea3d minor #11491 Update validators.eu.xlf (g123456789l)
This PR was submitted for the master branch but it was merged into the 2.3 branch instead (closes #11491).

Discussion
----------

Update validators.eu.xlf

Spelling of 'CSRF' was incorrect

Commits
-------

d432395 Update validators.eu.xlf
2014-07-28 11:30:47 +02:00
g123456789l
d4323951f2 Update validators.eu.xlf
Spelling of 'CSRF' was incorrect
2014-07-28 11:30:47 +02:00
Fabien Potencier
24cd42555c bug #11475 [EventDispatcher] don't count empty listeners (xabbuh)
This PR was merged into the 2.3 branch.

Discussion
----------

[EventDispatcher] don't count empty listeners

| Q             | A
| ------------- | ---
| Bug fix?      | yes
| New feature?  | no
| BC breaks?    | no
| Deprecations? | no
| Tests pass?   | yes
| Fixed tickets | #11444
| License       | MIT
| Doc PR        |

When event listeners for certain events are removed from the event
dispatcher, empty arrays are not being removed. Therefore, counting
on empty arrays leads to wrong results of the hasListeners() method.

Thanks to @mlindenb for discovering this an proposing a solution.

Commits
-------

fdbb04a [EventDispatcher] don't count empty listeners
2014-07-27 10:29:33 +02:00
Fabien Potencier
ff4a37ff24 minor #11484 remove unused imports (xabbuh)
This PR was merged into the 2.3 branch.

Discussion
----------

remove unused imports

| Q             | A
| ------------- | ---
| Bug fix?      | yes
| New feature?  | no
| BC breaks?    | no
| Deprecations? | no
| Tests pass?   | yes
| Fixed tickets |
| License       | MIT
| Doc PR        |

Commits
-------

9cd059e remove unused imports
2014-07-27 10:26:10 +02:00
Fabien Potencier
0bce1483c1 fixed CS 2014-07-27 10:25:12 +02:00
Fabien Potencier
8b051f9daa minor #11481 Unify null comparisons (WouterJ)
This PR was merged into the 2.3 branch.

Discussion
----------

Unify null comparisons

| Q             | A
| ------------- | ---
| Fixed tickets | -
| License       | MIT

Commits
-------

be04c50 Unify null comparisons
2014-07-27 09:59:35 +02:00
Christian Flothmann
9cd059ee1f remove unused imports 2014-07-26 20:24:56 +02:00
WouterJ
be04c5000c Unify null comparisons 2014-07-26 11:54:23 +02:00
Christian Flothmann
fdbb04a6ac [EventDispatcher] don't count empty listeners
When event listeners for certain events are removed from the event
dispatcher, empty arrays are not being removed. Therefore, counting
on empty arrays leads to wrong results of the hasListeners() method.
2014-07-25 17:00:14 +02:00
Romain Neutron
c548bd861a bug #11436 fix signal handling in wait() on calls to stop() (xabbuh, romainneutron)
This PR was merged into the 2.3 branch.

Discussion
----------

fix signal handling in wait() on calls to stop()

| Q             | A
| ------------- | ---
| Bug fix?      | yes
| New feature?  | no
| BC breaks?    | no
| Deprecations? | no
| Tests pass?   | yes
| Fixed tickets | #11286
| License       | MIT
| Doc PR        |

``wait()`` throws an exception when the process was terminated by a signal. This should not happen when the termination was requested by calling the ``stop()`` method (for example, inside a callback which is passed to ``wait()``).

Commits
-------

5939d34 [Process] Fix unit tests in sigchild environment
eb68662 [Process] fix signal handling in wait()
94ffc4f bug #11469  [BrowserKit] Fixed server HTTP_HOST port uri conversion (bcremer, fabpot)
103fd88 [BrowserKit] refactor code and fix unquoted regex
f401ab9 Fixed server HTTP_HOST port uri conversion
045cbc5 bug #11425 Fix issue described in #11421 (Ben, ben-rosio)
f5bfa9b bug #11423 Pass a Scope instance instead of a scope name when cloning a container in the GrahpvizDumper (jakzal)
3177be5 minor #11464 [Translator] Use quote to surround invalid locale (lyrixx)
c9742ef [Translator] Use quote to surround invalid locale
4dbe0e1 bug #11120 [2.3][Process] Reduce I/O load on Windows platform (romainneutron)
797d814 bug #11342 [2.3][Form] Check if IntlDateFormatter constructor returned a valid object before using it (romainneutron)
0b5348e minor #11441 [Translator] Optimize assertLocale regexp (Jérémy Derussé)
537c39b Optimize assertLocale regexp
4cf50e8 Bring code into standard
9f4313c [Process] Add test to verify fix for issue #11421
02eb765 [Process] Fixes issue #11421
6787669 [DependencyInjection] Pass a Scope instance instead of a scope name.
9572918 bug #11411 [Validator] Backported #11410 to 2.3: Object initializers are called only once per object (webmozart)
291cbf9 [Validator] Backported #11410 to 2.3: Object initializers are called only once per object
efab884 bug #11403 [Translator][FrameworkBundle] Added @ to the list of allowed chars in Translator (takeit)
3176f8b [Translator][FrameworkBundle] Added @ to the list of allowed chars in Translator
91e32f8 bug #11381 [2.3] [Process] Use correct test for empty string in UnixPipes (whs, romainneutron)
45df2f3 minor #11397 [2.3][Process] Fix unit tests on Windows platform (romainneutron)
cec0a45 [Process] Adjust PR #11264, make it Windows compatible and fix CS
d418935 [Process] Fix unit tests on Windows platform
ff0bb01 [Process] Reduce I/O load on Windows platform
ace5a29 bumped Symfony version to 2.3.19
75e07e6 updated VERSION for 2.3.18
4a12f4d update CONTRIBUTORS for 2.3.18
98b891d updated CHANGELOG for 2.3.18
06a80fb Validate locales sets intos translator
06fc97e feature #11367 [HttpFoundation] Fix to prevent magic bytes injection in JSONP responses... (CVE-2014-4671) (Andrew Moore)
3c54659 minor #11387 [2.3] [Validator] Fix UserPassword validator translation (redstar504)
73d50ed Fix UserPassword validator translation
93a970c bug #11386 Remove Spaceless Blocks from Twig Form Templates (chrisguitarguy)
8f9ed3e Remove Spaceless Blocks from Twig Form Templates
9e1ea4a [Process] Use correct test for empty string in UnixPipes
6af3d05 [HttpFoundation] Fix to prevent magic bytes injection in JSONP responses (Prevents CVE-2014-4671)
ebf967d [Form] Check if IntlDateFormatter constructor returned a valid object before using it
2014-07-25 11:23:56 +02:00
Romain Neutron
5939d34c17 [Process] Fix unit tests in sigchild environment 2014-07-25 10:39:28 +02:00
Christian Flothmann
eb68662360 [Process] fix signal handling in wait()
wait() throws an exception when the process was terminated by a signal.
This should not happen when the termination was requested by calling
either the stop() or the signal() method (for example, inside a callback
which is passed to wait()).
2014-07-25 10:39:21 +02:00
Fabien Potencier
94ffc4fab2 bug #11469 [BrowserKit] Fixed server HTTP_HOST port uri conversion (bcremer, fabpot)
This PR was merged into the 2.3 branch.

Discussion
----------

 [BrowserKit] Fixed server HTTP_HOST port uri conversion

| Q             | A
| ------------- | ---
| Bug fix?      | yes
| New feature?  | no
| BC breaks?    | no
| Deprecations? | no
| Tests pass?   | yes
| Fixed tickets | #11356
| License       | MIT
| Doc PR        | n/a

See #11356

Commits
-------

103fd88 [BrowserKit] refactor code and fix unquoted regex
f401ab9 Fixed server HTTP_HOST port uri conversion
2014-07-25 08:30:34 +02:00
Fabien Potencier
103fd88b40 [BrowserKit] refactor code and fix unquoted regex 2014-07-25 07:47:26 +02:00
Benjamin Cremer
f401ab9032 Fixed server HTTP_HOST port uri conversion 2014-07-25 07:41:17 +02:00
Fabien Potencier
045cbc53cc bug #11425 Fix issue described in #11421 (Ben, ben-rosio)
This PR was merged into the 2.3 branch.

Discussion
----------

Fix issue described in #11421

| Q             | A
| ------------- | ---
| Bug fix?      | yes
| New feature?  | no
| BC breaks?    | no
| Deprecations? | no
| Tests pass?   | yes
| Fixed tickets | #11421
| License       | MIT
| Doc PR        | NA

This pull request fixes the issue described in #11421.  It also adds a test for the issue.  The issue is present in 2.0 forward, but I decided to fix it on the 2.3 branch so that I could also write a test for it (2.0 had no tests for the Process component, and 2.1 and 2.2 didn't have tests for the `ExecutableFinder` class).

Commits
-------

4cf50e8 Bring code into standard
9f4313c [Process] Add test to verify fix for issue #11421
02eb765 [Process] Fixes issue #11421
2014-07-25 07:28:54 +02:00
Fabien Potencier
f5bfa9bc9e bug #11423 Pass a Scope instance instead of a scope name when cloning a container in the GrahpvizDumper (jakzal)
This PR was merged into the 2.3 branch.

Discussion
----------

Pass a Scope instance instead of a scope name when cloning a container in the GrahpvizDumper

| Q             | A
| ------------- | ---
| Bug fix?      | yes
| New feature?  | no
| BC breaks?    | no
| Deprecations? | no
| Tests pass?   | yes
| Fixed tickets | #11055
| License       | MIT
| Doc PR        | -

Commits
-------

6787669 [DependencyInjection] Pass a Scope instance instead of a scope name.
2014-07-25 07:22:20 +02:00
Fabien Potencier
3177be50f8 minor #11464 [Translator] Use quote to surround invalid locale (lyrixx)
This PR was submitted for the 2.5 branch but it was merged into the 2.3 branch instead (closes #11464).

Discussion
----------

[Translator] Use quote to surround invalid locale

| Q             | A
| ------------- | ---
| Bug fix?      | no
| New feature?  | no
| BC breaks?    | no
| Deprecations? | no
| Tests pass?   | yes
| Fixed tickets | -
| License       | MIT
| Doc PR        | -

I got this message in one application (CLI):

```

  [InvalidArgumentException]
  Invalid locale: en_US .

```

It's not so easy to spot the issue.

Commits
-------

c9742ef [Translator] Use quote to surround invalid locale
2014-07-24 18:59:35 +02:00
Grégoire Pineau
c9742efe99 [Translator] Use quote to surround invalid locale 2014-07-24 18:59:28 +02:00
Fabien Potencier
4dbe0e1c34 bug #11120 [2.3][Process] Reduce I/O load on Windows platform (romainneutron)
This PR was merged into the 2.3 branch.

Discussion
----------

[2.3][Process] Reduce I/O load on Windows platform

| Q             | A
| ------------- | ---
| Bug fix?      | yes
| New feature?  | no
| BC breaks?    | no
| Deprecations? | no
| Tests pass?   | yes
| Fixed tickets | n/a
| License       | MIT

When using file handles, no `stream_select` call is done.
On linux platforms, `stream_select` introduce a sleep as it has 0.2s timeout, there is no such pause on Windows, producing lot's of disk I/Os when reading file handles

Commits
-------

ff0bb01 [Process] Reduce I/O load on Windows platform
2014-07-23 17:11:31 +02:00
Fabien Potencier
797d8141e3 bug #11342 [2.3][Form] Check if IntlDateFormatter constructor returned a valid object before using it (romainneutron)
This PR was merged into the 2.3 branch.

Discussion
----------

[2.3][Form] Check if IntlDateFormatter constructor returned a valid object before using it

| Q             | A
| ------------- | ---
| Bug fix?      | yes
| New feature?  | no
| BC breaks?    | no
| Deprecations? | no
| Tests pass?   | yes
| Fixed tickets | n/a
| License       | MIT

`IntlDateFormatter` constructor [may return false](http://www.php.net/manual/en/intldateformatter.create.php#refsect1-intldateformatter.create-returnvalues). This patches avoids fatal errors in these cases

This PR replaces #11334

Commits
-------

ebf967d [Form] Check if IntlDateFormatter constructor returned a valid object before using it
2014-07-23 16:33:41 +02:00
Fabien Potencier
0b5348ea3a minor #11441 [Translator] Optimize assertLocale regexp (Jérémy Derussé)
This PR was merged into the 2.3 branch.

Discussion
----------

[Translator] Optimize assertLocale regexp

| Q             | A
| ------------- | ---
| Bug fix?      | yes
| New feature?  | no
| BC breaks?    | no
| Deprecations? | no
| Tests pass?   | yes
| Fixed tickets |
| License       | MIT
| Doc PR        |

Optimize regexp by remove unused variable and using anchored regex.
Thanks @Tobion

Commits
-------

537c39b Optimize assertLocale regexp
2014-07-23 09:58:41 +02:00
Jérémy Derussé
537c39b11e Optimize assertLocale regexp 2014-07-22 23:54:07 +02:00
Ben
4cf50e8d30 Bring code into standard 2014-07-20 22:50:55 -06:00
Ben
9f4313cf6f [Process] Add test to verify fix for issue #11421 2014-07-19 17:48:53 -06:00
Ben
02eb765a9c [Process] Fixes issue #11421 2014-07-19 17:29:08 -06:00
Jakub Zalas
678766900b [DependencyInjection] Pass a Scope instance instead of a scope name. 2014-07-19 21:50:43 +01:00
Fabien Potencier
9572918064 bug #11411 [Validator] Backported #11410 to 2.3: Object initializers are called only once per object (webmozart)
This PR was merged into the 2.3 branch.

Discussion
----------

[Validator] Backported #11410 to 2.3: Object initializers are called only once per object

| Q             | A
| ------------- | ---
| Bug fix?      | yes
| New feature?  | no
| BC breaks?    | no
| Deprecations? | no
| Tests pass?   | yes
| Fixed tickets | -
| License       | MIT
| Doc PR        | -

Before, object initializers were called multiple times if an object was validated in different groups in the same validation run. The initializers, however, are not aware of the current validation group, so calling them more than once does not make sense.

Now, object initializers are called exactly once per validated object.

See #11410

Commits
-------

291cbf9 [Validator] Backported #11410 to 2.3: Object initializers are called only once per object
2014-07-18 11:07:06 +02:00
Bernhard Schussek
291cbf9efa [Validator] Backported #11410 to 2.3: Object initializers are called only once per object 2014-07-18 10:20:25 +02:00
Fabien Potencier
efab88490e bug #11403 [Translator][FrameworkBundle] Added @ to the list of allowed chars in Translator (takeit)
This PR was squashed before being merged into the 2.3 branch (closes #11403).

Discussion
----------

[Translator][FrameworkBundle] Added @ to the list of allowed chars in Translator

| Q             | A
| ------------- | ---
| Bug fix?      | no
| New feature?  | no
| BC breaks?    | no
| Deprecations? | no
| Tests pass?   | yes
| Fixed tickets | #11396
| License       | MIT

Commits
-------

3176f8b [Translator][FrameworkBundle] Added @ to the list of allowed chars in Translator
2014-07-17 12:20:14 +02:00
Rafał Muszyński
3176f8bb98 [Translator][FrameworkBundle] Added @ to the list of allowed chars in Translator 2014-07-17 12:20:11 +02:00
Fabien Potencier
91e32f810b bug #11381 [2.3] [Process] Use correct test for empty string in UnixPipes (whs, romainneutron)
This PR was merged into the 2.3 branch.

Discussion
----------

[2.3] [Process] Use correct test for empty string in UnixPipes

| Q             | A
| ------------- | ---
| Bug fix?      | yes
| New feature?  | no
| BC breaks?    | no
| Deprecations? | no
| Tests pass?   | yes
| Fixed tickets | n/a
| License       | MIT
| Doc PR        | n/a

This PR supersedes #11264 : 2.3 compatibility + Windows compatibility + CS fix

Commits
-------

cec0a45 [Process] Adjust PR #11264, make it Windows compatible and fix CS
9e1ea4a [Process] Use correct test for empty string in UnixPipes
2014-07-16 15:02:06 +02:00
Fabien Potencier
45df2f314c minor #11397 [2.3][Process] Fix unit tests on Windows platform (romainneutron)
This PR was merged into the 2.3 branch.

Discussion
----------

[2.3][Process] Fix unit tests on Windows platform

| Q             | A
| ------------- | ---
| Bug fix?      | no
| New feature?  | no
| BC breaks?    | no
| Deprecations? | no
| Tests pass?   | yes
| Fixed tickets | n/a
| License       | MIT

Commits
-------

d418935 [Process] Fix unit tests on Windows platform
2014-07-16 14:58:19 +02:00
Romain Neutron
cec0a45ff5 [Process] Adjust PR #11264, make it Windows compatible and fix CS 2014-07-16 14:40:06 +02:00
Romain Neutron
d4189350c0 [Process] Fix unit tests on Windows platform 2014-07-16 11:55:07 +02:00
Romain Neutron
ff0bb01a91 [Process] Reduce I/O load on Windows platform 2014-07-16 11:39:41 +02:00
Fabien Potencier
ace5a29867 bumped Symfony version to 2.3.19 2014-07-15 21:58:41 +02:00
Fabien Potencier
75e07e6bde updated VERSION for 2.3.18 2014-07-15 16:20:44 +02:00
Fabien Potencier
4a12f4d0f2 update CONTRIBUTORS for 2.3.18 2014-07-15 16:20:27 +02:00
Fabien Potencier
98b891d271 updated CHANGELOG for 2.3.18 2014-07-15 16:20:17 +02:00
Jérémy Derussé
06a80fbdbe Validate locales sets intos translator 2014-07-15 15:44:49 +02:00
Fabien Potencier
06fc97ead8 feature #11367 [HttpFoundation] Fix to prevent magic bytes injection in JSONP responses... (CVE-2014-4671) (Andrew Moore)
This PR was merged into the 2.3 branch.

Discussion
----------

[HttpFoundation] Fix to prevent magic bytes injection in JSONP responses... (CVE-2014-4671)

| Q             | A
| ------------- | ---
| Bug fix?      | yes
| New feature?  | no
| BC breaks?    | no*
| Deprecations? | no
| Tests pass?   | yes
| Fixed tickets | N/A
| License       | MIT
| Doc PR        | N/A
| CVE Ticket   | [CVE-2014-4671](http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4671)
| See Also | [Rosetta Flash](http://miki.it/blog/2014/7/8/abusing-jsonp-with-rosetta-flash/)

\* Unless you are parsing the response string manually, which you really shouldn't do anyway

**THIS IS A SECURITY FIX AND SHOULD BE MERGED SHORTLY**

This fix prevents attacks vectors where third-party browser plugins depends on ASCII magic bytes in order to execute a plugin. This is currently exploited with Flash using a carefully crafted JSONP response, allowing the execution of random SWF data from a domain with a vulnerable JSONP endpoint.

This security issue is mitigated by adding an empty comment right before the callback parameter. This does not affect the execution of the JSONP callback.

Commits
-------

6af3d05 [HttpFoundation] Fix to prevent magic bytes injection in JSONP responses (Prevents CVE-2014-4671)
2014-07-15 15:35:51 +02:00
Fabien Potencier
3c54659baf minor #11387 [2.3] [Validator] Fix UserPassword validator translation (redstar504)
This PR was merged into the 2.3 branch.

Discussion
----------

[2.3] [Validator] Fix UserPassword validator translation

| Q             | A
| ------------- | ---
| Fixed tickets | None
| License       | MIT

Fixes the UserPassword translation message only for 2.3 as discussed in symfony/symfony#11383.

Commits
-------

73d50ed Fix UserPassword validator translation
2014-07-15 10:15:42 +02:00
redstar504
73d50edc17 Fix UserPassword validator translation 2014-07-13 22:59:18 -07:00
Fabien Potencier
93a970c17d bug #11386 Remove Spaceless Blocks from Twig Form Templates (chrisguitarguy)
This PR was merged into the 2.3 branch.

Discussion
----------

Remove Spaceless Blocks from Twig Form Templates

In favor of using Twig's whitespace control operators. See #11277

| Q             | A
| ------------- | ---
| Bug fix?      | yes
| New feature?  | no
| BC breaks?    | no
| Deprecations? | no
| Tests pass?   | yes
| Fixed tickets | #11277
| License       | MIT
| Doc PR        |

Per @fabpot and @stof's requests in #11278, this is a PR for the 2.3 branch.

Commits
-------

8f9ed3e Remove Spaceless Blocks from Twig Form Templates
2014-07-14 07:07:18 +02:00
Christopher Davis
8f9ed3ebb9 Remove Spaceless Blocks from Twig Form Templates
In favor of using Twig's whitespace control operators. See #11277
2014-07-13 13:09:52 -04:00
Manatsawin Hanmongkolchai
9e1ea4aa4b [Process] Use correct test for empty string in UnixPipes 2014-07-12 16:25:05 +02:00
Fabien Potencier
ea45769aab fixed typo 2014-07-11 11:32:34 +02:00
Andrew Moore
6af3d05b85 [HttpFoundation] Fix to prevent magic bytes injection in JSONP responses (Prevents CVE-2014-4671) 2014-07-10 09:27:11 -04:00