* 2.1:
Removed trailing whitespace
[Validator] added missing estonian translation of messages
Filesystem::touch() not working with different owners (utime/atime issue)
Conflicts:
src/Symfony/Component/Validator/Resources/translations/validators.et.xlf
This PR was merged into the 2.2 branch.
Discussion
----------
[Validator] added missing estonian translation of messages
| Q | A
| ------------- | ---
| Fixed tickets | -
| License | MIT
This commit adds missing Estonian translation of messages introduced in 2.2. It's a follow-up to #7769.
Commits
-------
633b63b [Validator] added missing estonian translation of messages
This PR was merged into the 2.1 branch.
Discussion
----------
[Validator] added missing estonian translation of messages
| Q | A
| ------------- | ---
| Fixed tickets | -
| License | MIT
Commits
-------
efff50a [Validator] added missing estonian translation of messages
This PR was submitted for the master branch but it was merged into the 2.1 branch instead (closes#7752).
Discussion
----------
Filesystem::touch() not working with different owners (utime/atime issue)
This PR was submitted on the symfony/Filesystem read-only repository and moved automatically to the main Symfony repository (closessymfony/Filesystem#3).
Case: I have 2 users, www-data and myself. I have a command script that makes a lock file in /var/lock/.../ something. This command is called from a post request by FOS and ran in the background. Whever one of the 2 methods (web/cli manually) is used, the other user won't have permissions to use the Filesystem::touch(). The reason this won't work is the second parameter.
What touch() does:
$touch param: The touch time. If time is not supplied, the current system time is used.
$atime param: If present, the access time of the given filename is set to the value of atime. Otherwise, it is set to the value passed to the time parameter. If neither are present, the current system time is used.
So the current code is basically copying this. However, if the second parameter is null it is still present and will cause the same problem. Note that all files and folders related are set to 0777 and have the owner of www-data. I'm accessing them under my own account here:
Interactive shell
php > var_dump(touch('/var/lock/tripolis/ontw/dev/2140191804.lock', null));
PHP Warning: touch(): Utime failed: Operation not permitted in php shell code on line 1
Warning: touch(): Utime failed: Operation not permitted in php shell code on line 1
bool(false)
php > var_dump(touch('/var/lock/tripolis/ontw/dev/2140191804.lock'));
bool(true)
If I were to pass it without second parameter, let it be time() or null (Filesystem uses time() by default if not present), it DOES work. However, Filesystem::touch() ALWAYS gives a parameter to touch. This parameter is exactly the same value as what the function itself would do in php. Let it be that in my case there is an issue with the atime. I'm not exactly sure how it works but it's not tracked or usable in my case. Because parameter 2 exists, parameter 3 is set. Parameter 3 is not allowed and therefore causes Filesystem::touch() to throw an exception.
Commits
-------
e3a0fe6 Filesystem::touch() not working with different owners (utime/atime issue)
* 2.1:
[HttpFoundation][BrowserKit] fixed path when converting a cookie to a string
[BrowserKit] removed dead code
[HttpFoundation] fixed empty domain= in Cookie::__toString()
fixed detection of secure cookies received over https
[Translation] removed an uneeded class property
[Translation] removed unneeded getter/setter
[Translator] added additional conversion for encodings other than utf-8
fix a DI circular reference recognition bug
[HttpFoundation] fixed the creation of sub-requests under some circumstances for IIS
This PR was squashed before being merged into the 2.2 branch (closes#7655).
Discussion
----------
[Config] #7644 add tests for passing number looking attributes as strings
| Q | A |
| ----------------- |:-------------:|
| Bug fix? | yes |
| New feature | no |
| BC breaks? | no |
| Deprecations?| no |
| Tests pass? | yes |
| Fixed tickets | #7644 |
| License | MIT |
Commits
-------
d98118a [Config] #7644 add tests for passing number looking attributes as strings
This PR was merged into the 2.1 branch.
Discussion
----------
[BrowserKit] fixed detection of secure cookies received over https
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #7666, #7738
| License | MIT
| Doc PR | N/A
As reported in symfony/symfony#7666, BrowserKit's cookie handling only recognises a secure cookie if the cookie option is set and the cookie was set over an https request. The client was not passing the url into the cookiejar update code, causing Cookie::isSecure() to always return false for every cookie.
I have corrected this behaviour and added an additional unit test to prove the bug and fix.
Commits
-------
36d057b [HttpFoundation][BrowserKit] fixed path when converting a cookie to a string
c884151 [BrowserKit] removed dead code
495d0e3 [HttpFoundation] fixed empty domain= in Cookie::__toString()
c2bc707 fixed detection of secure cookies received over https
BrowserKit's cookie handling only recognises a secure cookie if the
cookie option is set and the cookie was set over an https request.
The client was not passing the url into the cookiejar update code,
causing Cookie::isSecure() to always return false for every cookie.
Fixessymfony/symfony#7666
This PR was squashed before being merged into the 2.2 branch (closes#7253).
Discussion
----------
[2.2] Pass ESI header to subrequests
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #7252
| License | MIT
Commits
-------
af819a7 [2.2] Pass ESI header to subrequests
This PR was merged into the 2.1 branch.
Discussion
----------
[HttpFoundation] fixes creation of sub requests under IIS & Rewite Module
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #6936, #6923
| License | MIT
| Doc PR | N/A
There are a few bugs to address.
1. `HTTP_X_ORIGINAL_URL` wasn't removed from the server parameters, so is picked back up [here](https://github.com/symfony/symfony/blob/master/src/Symfony/Component/HttpFoundation/ServerBag.php#L33) upon recreation of a sub request.
2. When `X_ORIGINAL_URL` is passed in the headers by IIS, `IIS_WasUrlRewritten` and `UNENCODED_URL` can also be passed as server vars, so they must also be removed for sub request URI's to be resolved correctly.
Additionally, I have removed the OS check for windows, because it was only done for 2 out of 4 of the IIS specific checks, and it made the code untestable.
Also added tests for all scenarios as there were none.
Commits
-------
9fcd2f6 [HttpFoundation] fixed the creation of sub-requests under some circumstances for IIS
This PR was squashed before being merged into the 2.1 branch (closes#7698).
Discussion
----------
[Translator] added additional conversion for encodings other than utf-8
Added an additional conversion if there is another encoding in the
xlf file present. Values from simple_xml are always utf-8 encoded.
Also added some tests to verify this new behaviour.
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
Commits
-------
54bcf5c [Translator] added additional conversion for encodings other than utf-8
This PR was submitted for the master branch but it was merged into the 2.2 branch instead (closes#7718).
Discussion
----------
[2.2+][Validator][translation] update Japanese translation for Validator component
| Q | A
| ------------- | ---
| Fixed tickets | N/A
| License | MIT
Commits
-------
4ea64cd [Validator][translation][japanese] fixed source messages to accept pluralized messages [Validator][translation][japanese] add messages for new validator
This PR was merged into the 2.1 branch.
Discussion
----------
[DependencyInjection] Fix a DI circular reference recognition bug
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | no
| Fixed tickets |
| License | MIT
| Doc PR |
plus add ability to detect deeper circular references eg: A -> B -> C -> B
Commits
-------
8a434ed fix a DI circular reference recognition bug
* 2.1:
Fix default value handling for multi-value options
[HttpKernel] truncate profiler token to 6 chars (see #7665)
Disabled APC on Travis for PHP 5.5+ as it is not available
[HttpFoundation] do not use server variable PATH_INFO because it is already decoded and thus symfony is fragile to double encoding of the path
[Yaml] improved boolean naming ($notEOF -> !$EOF)
[Yaml] fixed handling an empty value
[Routing][XML Loader] Add a possibility to set a default value to null
The /e modifier for preg_replace() is deprecated in PHP 5.5; replace with preg_replace_callback()
[HttpFoundation] Fixed bug in key searching for NamespacedAttributeBag
[Form] DateTimeToRfc3339Transformer use proper transformation exteption in reverse transformation
Update PhpEngine.php
[HttpFoundation] getClientIp is fixed.
Conflicts:
.travis.yml
src/Symfony/Component/Routing/Loader/XmlFileLoader.php
src/Symfony/Component/Routing/Loader/schema/routing/routing-1.0.xsd
src/Symfony/Component/Routing/Tests/Fixtures/validpattern.xml
src/Symfony/Component/Routing/Tests/Loader/XmlFileLoaderTest.php
This PR was submitted for the 2.2 branch but it was merged into the 2.1 branch instead (closes#7690).
Discussion
----------
[Console] Fix default value handling for multi-value options
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #7689
| License | MIT
The default value for array options will be an array, so it is not suitable to use as the default when processing one of many values for a multi-value option. Using null seems appropriate here, as it indicates the absence of a value and also converts nicely to an empty string (as opposed to an empty array).
Commits
-------
a9c28ff [Console] Fix default value handling for multi-value options
The default value for array options will be an array, so it is not suitable to use as the default when processing one of many values for a multi-value option. Using null seems appropriate here, as it indicates the absence of a value and also converts nicely to an empty string (as opposed to an empty array).
Fixes#7689
This PR was merged into the 2.1 branch.
Discussion
----------
Disabled APC on Travis for PHP 5.5+ as it is not available
As APC is not available, PHP triggers a warning when trying to load the extension, which lead to many test failures.
Commits
-------
6084176 Disabled APC on Travis for PHP 5.5+ as it is not available
This PR was merged into the 2.1 branch.
Discussion
----------
[HttpFoundation] do not use server variable PATH_INFO
because it is already decoded (see http://www.ietf.org/rfc/rfc3875) and thus symfony is fragile to double encoding of the path. This is not really a security issue (in contrast to a [previous problem](http://symfony.com/blog/security-release-symfony-2-0-20-and-2-1-5-released)) but when using the apacherequest, one could access pages with double encoded characters although the path should not match.
BC break: no
tests pass: yes
Commits
-------
d552e4c [HttpFoundation] do not use server variable PATH_INFO because it is already decoded and thus symfony is fragile to double encoding of the path
This PR was merged into the 2.2 branch.
Discussion
----------
[HTTPFoundation] Fix download over SSL using IE < 8 and binary file response
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
related to #7153
Commits
-------
4c51ec7 Fix download over SSL using IE < 8 and binary file response
This PR was merged into the 2.2 branch.
Discussion
----------
[Console] Fix merging of application definition
Fixes#7068, replaces #7158 - the fix there introduces a regression and always shows the application arguments in the commands help (i.e. it lists "command" as an argument to every command, except list because it overrides getNativeDefinition).
Commits
-------
46909fa [Console] Fix merging of application definition, fixes#7068, replaces #7158
This PR was submitted for the master branch but it was merged into the 2.2 branch instead (closes#7643).
Discussion
----------
[WebProfilerBundle] fixed output of bag values
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #7540
| License | MIT
| Doc PR | -
Call json_encode with flags: JSON_UNESCAPED_SLASHES and
JSON_UNESCAPED_UNICODE
Commits
-------
7ee8b10 [WebProfilerBundle] fixed output of bag values
Fabien Potencier
Kristen Gilden
Pascal Borreli
Iltar van der Berg
Luis Cordova
Andrew Coulton
Michel Weimerskirch
Benjamin Paap
77web
Tóth Gábor
Jeremy Mikola
Uwe Jäger
Gábor Egyed
Christophe Coevoet
Tobias Schultze
Nicolas Le Goff
Jordi Boggiano
