Commits
-------
11b6156 updated unittest
a931e21 get correct client IP from X-forwarded-for header
Discussion
----------
[HttpFoundation] Get correct client IP when using trusted proxy (Varnish)
Bug fix: yes
Feature addition: no
Backwards compatibility break: no
Symfony2 tests pass: yes
Fixes the following tickets: -
Todo: -
Note: This is reopened PR #2686 for 2.0 branch.
If using trusted proxy (Varnish, ...) the client IP must be identified from X-Forwarded-For header. The header has de-facto standard format:
X-Forwarded-For : client1, proxy1, proxy2,
where the value is a comma+space separated list of IP addresses, the left-most being the farthest downstream client, and each successive proxy that passed the request adding the IP address where it received the request from. See: http://en.wikipedia.org/wiki/X-Forwarded-For
Function getClientIp should return only one client IP, not a list of all nonimportant IPs as it's now. Similar example can be seen in Cake framework: http://api.cakephp.org/view_source/request-handler-component/#line-477
There are many ways how to chose the first IP from X-Forwarded-For header. Any other faster and more reliable way is welcome.
Commits
-------
b6bf018 tweaked error handling for the forward compatibility
dd606b5 added note about the purpose of this class
c1426ba added locale handling forward compatibility
10eed30 added MessageDataCollector forward compatibility
Discussion
----------
Forward compat
Bug fix: no
Feature addition: yes
Backwards compatibility break: no
Symfony2 tests pass: yes
Fixes the following tickets: #2522
Commits
-------
269a5e6 Added the ablity to get a requests ContentType
Discussion
----------
Added getContentType
I've added the ability for Symfony\Component\HttpFoundation\Request to return the ContentType from serverBag this uses the $formats array to determine if the requested ContentType is valid.
---------------------------------------------------------------------------
by ericclemmons at 2011/11/03 20:00:51 -0700
Have you considered squashing a couple of your commits? They seem doubled up.
Trivial, I know, but it will make each commit stand on its own (instead of appearing as a typo correction)
---------------------------------------------------------------------------
by thomasbibb at 2011/11/04 02:02:36 -0700
done.
---------------------------------------------------------------------------
by ericclemmons at 2011/11/04 07:25:20 -0700
You may need to do a `git push -f origin master`. Check the commits tab to see the duplicate history:
> https://github.com/symfony/symfony/pull/2559/commits
Wheeeee, rebasing is fun!
---------------------------------------------------------------------------
by thomasbibb at 2011/11/04 12:26:06 -0700
There we got thats better :)
---------------------------------------------------------------------------
by ericclemmons at 2011/11/04 12:55:07 -0700
👍 Now let's see if it gets approved by @fabpot :)
---------------------------------------------------------------------------
by thomasbibb at 2011/11/06 03:39:12 -0800
I've removed the space between the method name and the parenthesis.
---------------------------------------------------------------------------
by thomasbibb at 2011/11/06 04:05:15 -0800
done.
---------------------------------------------------------------------------
by fabpot at 2011/11/06 23:44:22 -0800
Can you added some unit tests?
The locale management does not require sessions anymore.
In the Symfony2 spirit, the locale should be part of your URLs. If this is the case
(via the special _locale request attribute), Symfony will store it in the request
(getLocale()).
This feature is now also configurable/replaceable at will as everything is now managed
by the new LocaleListener event listener.
How to upgrade:
The default locale configuration has been moved from session to the main configuration:
Before:
framework:
session:
default_locale: en
After:
framework:
default_locale: en
Whenever you want to get the current locale, call getLocale() on the request (was on the
session before).
Commits
-------
007e395 do not set a default CONTENT_TYPE for PATCH
fa2c027 Added support for the PATCH method
Discussion
----------
[2.1] [HttpFoundation] Added support for the PATCH method
http://tools.ietf.org/html/rfc2068#section-19.6.1.1http://tools.ietf.org/html/rfc5789
---------------------------------------------------------------------------
by Seldaek at 2011/08/07 03:23:20 -0700
According to the spec it seems that PATCH requests shouldn't be of application/x-www-form-urlencoded content-type so it shouldn't match the first if, and in the second it's probably wrong to default to application/x-www-form-urlencoded, no?
---------------------------------------------------------------------------
by lsmith77 at 2011/08/07 03:31:48 -0700
Hmm you are right. I assumed the diff would be encoded as ``application/x-www-form-urlencoded`` but there indeed is no indication of that in the spec. But given that the second case would still need some sort of handling for PATCH, just not sure what exactly ``$defaults['CONTENT_TYPE']`` should be set to.
---------------------------------------------------------------------------
by Seldaek at 2011/08/07 03:48:53 -0700
As I understand it, a PATCH request must specify a content-type or it's invalid, so we could just skip the second behavior if no content-type is present.
As your first link says:
The list of differences is in a format defined by the media type of the entity (e.g.,
"application/diff") and MUST include sufficient information to allow
the server to recreate the changes necessary to convert the original
version of the resource to the desired version.
Sounds like PATCH is highly application specific, and not so standardized, probably because it's not very useful for most purposes.
---------------------------------------------------------------------------
by lsmith77 at 2011/08/07 04:02:43 -0700
Yes, but to me this means that the patch is actually correct aside from the fact that its setting a default Content-Type, which I just corrected (not sure if this use of switch is ok with our coding style). Now if the Content-Type does end up being ``application/x-www-form-urlencoded`` then I would say its correct to decode it.
