* schmittjoh/security:
[Security] added method to retrieve the configured remember-me parameter
[Security] Copy token attributes when auth providers create a new token from another
* cristiangsp/Translation_FallbackLocale:
[Translation] Modified Translation unit test "testTransWithFallbackLocale"
[Translation] Fixed the addition of the fallbackLocale catalogue to the current locale catalogue.
[Translation] Added search to FallbackLocale Catalogue.
Now the test shows the behavior when is requested a translation to an undefined locale catalogue and, therefore, the fallbacklocale catalogue must be queried. The original test function only checks the step to reach the language catalog not to the fallbacklocale one (even the fallbacklocale isn't set). This test gives error in the current version of symfony/symfony.
PreAuthenticatedAuthenticationProvider and UserAuthenticationProvider tend to copy a token instead of modifying it during their authenticate() methods, which is probably a good idea if the token might be immutable. Ensure that the token's attributes get copied along with everything else.
According to ResponseHeaderBag::computeCacheControlValue(), a response with an ETag but no explicit Cache-Control header should have a sensible Cache-Control of "private, must-revalidate" set. According to Response::isCacheable(), a response that includes a private Cache-Controls is not considered cacheable. Therefore, in order for this test response to be cacheable and stored, it requires an explicit Cache-Control of public.
Without this patch, if you call __toString() on a Response,
the content-type auto-detection would never be trigerred
as __toString() changes the default content-type.
I had thought that this was unnecessary - when would you ever want to just let "extra" options fail silently?
But, the SecurityExtension takes advantage of this by creating two separate config trees. The first tree looks for just one particular value on the configuration array and ignores the rest. So, there *is* a use-case for allowing all extra fields to simply be ignored, though this should not be the norm.
We decided that this is not necessary and that it's leaving too many things wide open. Instead, in these cases where we have an array with unknown items, a prototype should be used.
Further functionality will need to be added later to allow you to specify a few nodes that you *do* know about under an array and then also specify a prototype to catch everything else.
This is *usually* what you want (and is defaulted this way). If you have an entry in an array *just* so it can become the key to that entry later, then you shouldn't normally still need it in the resulting array.
The importance of this comes in with validation. Since we're throwing an exception if you have any unrecognized options, the presence of the "key" field in the resulting array will cause issues when it's not needed.
This commit breaks functional tests in Symfony\Component\HttpKernel\HttpCache\HttpCacheTest.php. I tried to fix functional tests but I didn\'t manage to. For your information, the "try { } catch" block in the HttpKernel\HttpCache::lookup() method seems strange because I suspect line 274 to never leverage any exception...
How to upgrade?
For XML configuration files:
* All extensions should now use the config tag (this is just a convention as
the YAML configurations files do not use it anymore):
* The previous change means that the doctrine and security bundles now are
wrapped under a main "config" tag:
<doctrine:config>
<doctrine:orm />
<doctrine:dbal />
</doctrine:config>
<security:config>
<security:acl />
...
</security:config>
For YAML configuration files:
* The main keys have been renamed as follows:
* assetic:config -> assetic
* app:config -> framework
* webprofiler:config -> web_profiler
* doctrine_odm.mongodb -> doctrine_mongo_db
* doctrine:orm -> doctrine: { orm: ... }
* doctrine:dbal -> doctrine: { dbal: ... }
* security:config -> security
* security:acl -> security: { acl: ... }
* twig.config -> twig
* zend.config -> zend