A link (anchor tag with an href attr) in crawled by the Crawler
can contain any valid URI, including mailto: links.
Currently this is not correctly supported by Link::getUri.
Schemes that do not start with 'http' are treated as relative URIs
and appenden to the base URI. This leads to strange URIs like this:
http://foo.com/mailto:foo@bar.com
Fixed Link::getUri to treat any URI with a schema part as an
absolute URL. Updated the unit tests to test for this.
This PR was merged into the 2.1 branch.
Commits
-------
0690709 added a DebuClassLoader::findFile() method to make the wrapping less invasive
Discussion
----------
added a DebuClassLoader::findFile() method to make the wrapping less invasive
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
i have classified it as a bug fix, since due to the wrapping it can break assumptions about the loaded class loader, so implementing this method at least doesnt break the assumption that ``findFile()`` is available.
actually i think we should also introduced a loader interface to reduce the duct typing
---------------------------------------------------------------------------
by stof at 2013-02-24T16:39:46Z
👎 for the interface:
- it would make the use of the autoloader more difficult (you would have to require the interface before requiring the loader)
- it would forbid using these wrappers with the composer ClassLoader
---------------------------------------------------------------------------
by digitalkaoz at 2013-02-24T19:16:36Z
mh, i think all autoloaders should follow a common interface, maybe its worth to think about a PSR?
---------------------------------------------------------------------------
by lsmith77 at 2013-02-24T19:27:27Z
ah I see
---------------------------------------------------------------------------
by stof at 2013-02-24T20:33:07Z
@digitalkaoz Such an interface would have to be in PHP itself, otherwise, you would have to require it first each time (as it cannot be autoloaded before registering the autoloader). And an autoloader in PHP is just a callable.
---------------------------------------------------------------------------
by digitalkaoz at 2013-02-24T20:47:10Z
Yes @stof, i know, but it would be nice if all autoloaders follows a common pattern , call it a convention ;)
This PR was submitted for the master branch but it was merged into the 2.1 branch instead (closes#7178).
Commits
-------
c41f640 [DomCrawler] Fixed handling absent href attribute in base tag
Discussion
----------
[DomCrawler] Fixed handling absent href attribute in base tag
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
# Description
The HTML5 spec states that the href attribute is optional for the
base tag. The current code causes an exception on conforming HTML.
Fixed the DomCrawler::addHtmlContent() method to support this.
Added Unit Test to check for this situation.
# Explanantion
Currently, if the base tag doesn't have an href attribute, the uri for the DomCrawler gets set to an empty string. This is incorrect behaviour, especially because it breaks DomCrawler::links(). The Symfony\Component\DomCrawler\Link objects it creates, expect a non-empty string in their constructor arguments and throw an InvalidArgumentException.
# References
http://www.w3.org/TR/html-markup/base.html#base.attrs.hrefhttp://www.whatwg.org/specs/web-apps/current-work/multipage/semantics.html#the-base-element
This PR was merged into the 2.1 branch.
Commits
-------
06ebb0d Defined stable version point of Doctrine.
Discussion
----------
Defined stable version point of Doctrine.
As per @stof suggestion, updated 2.1 branch to define the stable version point for Doctrine libraries. @fabpot it's all yours! =)
```
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
```
This PR was squashed before being merged into the 2.1 branch (closes#7153).
Commits
-------
b2080c4 [HttpFoundation] Remove Cache-Control when using https download via IE<9 (fixes#6750)
Discussion
----------
[HttpFoundation] Remove Cache-Control when using https download via IE<9 (fixes#6750)
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #6750
| License | MIT
| Doc PR |
This PR was merged into the 2.1 branch.
Commits
-------
b7bd630 [Form] Fixed TimeType not to render a "size" attribute in select tags
Discussion
----------
[Form] Fixed TimeType not to render a "size" attribute in select tags
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #6153
| License | MIT
| Doc PR | -
This PR was merged into the 2.1 branch.
Commits
-------
f0704aa Update composer.json
Discussion
----------
Update composer.json
Bump doctrine common dependency for symfony 2.1 users
---------------------------------------------------------------------------
by stof at 2013-02-22T17:32:25Z
@guilhermeblanco what about using ``~2.2`` as Doctrine keeps BC between minor versions ?
This PR was merged into the 2.1 branch.
Commits
-------
00fbb7e [Form] Added test for "label" option to accept the value "0"
Discussion
----------
[Form] Added test for "label" option to accept the value "0"
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #6862
| License | MIT
| Doc PR | -
This PR was submitted for the master branch but it was merged into the 2.1 branch instead (closes#7149).
Commits
-------
0c25d41 Expanded fault-tolerance for unusual cookie dates
Discussion
----------
Expanded fault-tolerance for unusual cookie dates
Building on pull #1793, this resolves situations where the Cookie's date field uses a numeric month. Also, expanding on the 7 most typical formats we fall-back to date_create() before throwing an exception.
---------------------------------------------------------------------------
by vicb at 2013-02-21T17:30:28Z
Please add some unit tests for the new formats.
---------------------------------------------------------------------------
by ecaron at 2013-02-21T18:06:46Z
Sorry for neglecting the unit tests, they've been updated (2 matching new common date formats, 1 uncommon date format, and changing the existing bad-date check to be more realistically bad.)
I also changed from strtotime to date_create to match the existing DateTime::createFromFormat check (although in my cookiejar analysis leading to this pull requests, all the cookies I'd encountered had timezones in them.) I'm using date_create vs. constructing a DateTime so I can immediately rely on the return value.
---------------------------------------------------------------------------
by ecaron at 2013-02-21T18:21:03Z
@vicb The two Travis failures are against the master branch unrelated to my changes. Should I retarget this pull against 2.3, or what would you advise to get this pull accepted?
---------------------------------------------------------------------------
by vicb at 2013-02-21T19:40:59Z
The Travis failure come for a bug in PHPUnit (there is a Sf issue for that).
There is no 2.3 branch yet (devs happen in master).
@fabpot will decide wether this should be considered a a fix (and merge to former releases) or an enhancement which will be merged to 2.3.
_(Could you please update the PR header which still refers to strtotime, thanks)_
---------------------------------------------------------------------------
by fabpot at 2013-02-21T21:37:15Z
This should probably go into 2.0. Also, do you have a reference where those 7 formats are explained/described?
---------------------------------------------------------------------------
by ecaron at 2013-02-21T23:10:38Z
@fabpot I couldn't find a reference because the cookies that we're addressing are ones that are behaving outside the spec (at least what I understand from http://curl.haxx.se/rfc/cookie_spec.html), as pull #1793 began to address and this continues. The cases that I've added are ones that I have encountered over the weeks of using BrowserKit and Goutte.
This PR was submitted for the master branch but it was merged into the 2.1 branch instead (closes#7151).
Commits
-------
766e987 Fix docblock type
Discussion
----------
Fix docblock type
This PR was merged into the 2.0 branch.
Commits
-------
f8812b2 [Form] Fixed "label" option to accept the value "0"
Discussion
----------
[Form] Fixed "label" option to accept the value "0"
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #6862
| License | MIT
| Doc PR | -
@fabpot: This commit will cause troubles when merging 2.0 into 2.1 and up. Tell me if you need help upon conflict resolution.
This PR was squashed before being merged into the master branch (closes#5838).
Commits
-------
201f3e6 [Form] Fixed cannot unset string offsets in CsrfValidationListener
Discussion
----------
[Form] Fixed cannot unset string offsets in CsrfValidationListener
Bug fix: yes
Feature addition: no
Backwards compatibility break: no
Symfony2 tests pass: yes
Fixes the following tickets: -
Todo: -
License of the code: MIT
Documentation PR: -
A php fatal error is happening when someone rewrite the entire form data for an object with a single input.
```
Fatal error: Cannot unset string offsets in vendor/symfony/symfony/src/Symfony/Component/Form/Extension/Csrf/EventListener/CsrfValidationListener.php on line 72
```
Example:
```html
<form action="/app_dev.php/post/create" method="post" >
<div id="posttype">
<div>
<label for="posttype_name" class="required">Name</label>
<input type="text" id="posttype_name" name="posttype[name]" required="required" maxlength="255" />
</div>
<div>
<label for="posttype_text" class="required">Text</label>
<textarea id="posttype_text" name="posttype[text]" required="required"></textarea>
</div>
<input type="hidden" id="posttype__token" name="posttype[_token]" value="83a1617c694fbdea43c2527f1a55c7419ce82a42" /></div>
<p>
<button type="submit">Create</button>
</p>
</form>
```
If someone alters the html to add a simple input at the bottom of the form like this one:
```html
<input type="text" id="posttype" name="posttype" value="test123" />
```
The result will be a php fatal error.
---------------------------------------------------------------------------
by bschussek at 2012-10-26T09:49:05Z
Thank you for the pull request! Could you please reference the pull request in the test?
```php
// https://github.com/symfony/symfony/pull/5838
public function testStringFormData()
{
...
```
---------------------------------------------------------------------------
by jfcixmedia at 2012-10-26T10:21:29Z
@bschussek Added, thanks.
This PR was merged into the 2.1 branch.
Commits
-------
3e40c17 [HttpKernel] fixed locale management when exiting sub-requests
Discussion
----------
[HttpKernel] fixed locale management when exiting sub-requests
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #7063
| License | MIT
| Doc PR | n/a
This fix is temporary as #7007 will fix it properly in Symfony 2.3.
---------------------------------------------------------------------------
by vicb at 2013-02-17T20:17:44Z
changelog ?
---------------------------------------------------------------------------
by fabpot at 2013-02-17T20:27:22Z
The changelogs are updated when we release a new version only.
---------------------------------------------------------------------------
by stof at 2013-02-17T20:41:00Z
@fabpot the intl locale should be reset to the right value too
---------------------------------------------------------------------------
by stof at 2013-02-17T20:42:31Z
hmm sorry, I missed the fact that you are changing the locale in the Request again, which will set the intl one
This PR was merged into the 2.0 branch.
Commits
-------
179cd58 [Process] Fix regression introduced in #6620 / 880da01c49, fixes#7082
Discussion
----------
[Process][2.0] getcwd failure fix
Fix regression introduced in #6620Fixes#7082
For reference, here is the current behavior I saw:
PHP 5.4.11, windows:
```
5.4.11\php.exe -r "chdir('c:\\'); var_dump(getcwd()); $p = proc_open('pwd', [['pipe', 'r'], ['pipe', 'w'], ['pipe', 'w']], $pipes, null); var_dump(stream_get_contents($pipes[1]));"
string(3) "C:\\"
string(14) "/c/Users/seld\n"
```
(I use pwd which is a unix util so it dumps a funny path, but don't look at that)
PHP 5.5alpha4, windows (seems fixed):
```
5.5.0a4\php.exe -r "chdir('c:\\'); var_dump(getcwd()); $p = proc_open('pwd', [['pipe', 'r'], ['pipe', 'w'], ['pipe', 'w']], $pipes, null); var_dump(stream_get_contents($pipes[1]));"
string(3) "C:\"
string(3) "/c\n"
```
PHP 5.3.10, ubuntu:
```
php -r "chdir('/'); var_dump(getcwd()); \$p = proc_open('pwd', array(array('pipe', 'r'), array('p
ipe', 'w'), array('pipe', 'w')), \$pipes, null); var_dump(stream_get_contents(\$pipes[1]));"
string(1) "/"
string(2) "/\n"
```
Since the permission issue that #6620 originally was fixing is most likely not gonna happen on windows, this seems like a safe enough compromise. Ideally a check for PHP<5.5 should be introduced, but I would like to be sure it's been fixed and is not just a lucky coincidence (/cc @PierreJoye)
I would recommend merging fast and maybe adding the version check later, since it breaks composer create-project on windows. The workaround being: cd in the dir and run `composer install` again to finalize the project setup.
---------------------------------------------------------------------------
by vicb at 2013-02-17T20:12:17Z
Thanks @Seldaek !
Would you mind creating an issue for the version check so that it doesn't get lost ?
---------------------------------------------------------------------------
by Seldaek at 2013-02-18T10:43:56Z
@vicb done.
---------------------------------------------------------------------------
by vicb at 2013-02-18T11:45:16Z
thanks !
This PR was merged into the 2.1 branch.
Commits
-------
18b139d [FrameworkBundle] tweaked reference dumper command (see #7093)
Discussion
----------
[FrameworkBundle] tweaked reference dumper command (see #7093)
The same as #7093 just for 2.1.
This PR was submitted for the 2.2 branch but it was merged into the 2.1 branch instead (closes#7092).
Commits
-------
187645f Fix REMOTE_ADDR for cached subrequests
Discussion
----------
[HttpKernel/HttpCache] Fix "REMOTE_ADDR" for cached subrequests
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | none that I know of
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | 7091
| License | MIT
I moved the code that modifies the REMOTE_ADDR variable further up the chain so that cached subrequests also receive the local IP address. Before, only new subrequests received the local IP address and cached ones received the original IP, which made "validateRequest" in FragmentListener fail.
Please review. I'm not sure about side-effects of this patch, including possible security issues.
Fixes #7091
---------------------------------------------------------------------------
by bamarni at 2013-02-16T11:49:27Z
@fabpot rejected setting this on the master request, so you should do it on the ```forward()``` method instead.
---------------------------------------------------------------------------
by mweimerskirch at 2013-02-16T12:13:46Z
@bamarni @fabpot done
This PR was merged into the 2.1 branch.
Commits
-------
5e8d844 [Process] Warn user with a useful message when tmpfile() failed
Discussion
----------
[Process] Warn user with a useful message when tmpfile() failed
Simple warning so users know what's going on instead of getting a proc_open error, see composer/composer#1581.
Can't get the PR template since ~~symfony.com~~ my dns resolver is dead :)
This PR was merged into the 2.0 branch.
Commits
-------
4ce9ac3 [EventDispatcher] Added assertion.
Discussion
----------
[EventDispatcher] Added assertion
re #7023, I think it actually makes sense to add an assertion here. It reveals the intent of the test (listener is not removed).
---------------------------------------------------------------------------
by vicb at 2013-02-10T11:32:06Z
I don't think the assertion would fail with the former code, would it ?
---------------------------------------------------------------------------
by vicb at 2013-02-10T11:34:30Z
I mean an error would be generated even before the assertion.
---------------------------------------------------------------------------
by jakzal at 2013-02-10T11:37:05Z
Yes, it would fail before getting to the assertion with: *Object of class Closure could not be converted to int*.
However, this is something good to test for (and document - test is a documentation). We're not checking if type is taken into account in other tests. This test might still fail if code inside removeListener() changed.
---------------------------------------------------------------------------
by vicb at 2013-02-10T11:42:29Z
I don't really understand your point and think it is a bit useless here but I am not against your change - I don't argue that test is doc though.
---------------------------------------------------------------------------
by jakzal at 2013-02-10T15:38:09Z
Assertion is indeed useless for the bug you discovered and fixed. I think it's still worth to have it there for other reason:
* test readability and completeness - with an assertion it's more clear that we don't expect the listener to be removed with the `removeListener()` call if passed argument doesn't match the one added before
If you still don't see my point just close this PR :)
---------------------------------------------------------------------------
by vicb at 2013-02-10T17:34:35Z
What I mean is that you are unit testing php and it is not a job for sf. So it is not strictly required but as it doesn't hurt, let's merge your change.
Jakub Zalas <notifications@github.com> wrote:
>Assertion is indeed useless for the bug you discovered and fixed. I
>think it's still worth to have it there for other reason:
>* test readability and completeness - with an assertion it's more clear
>that we don't expect the listener to be removed with the
>`removeListener()` call if passed argument doesn't match the one added
>before
>
>If you still don't see my point just close this PR :)
>
>
>---
>Reply to this email directly or view it on GitHub:
>https://github.com/symfony/symfony/pull/7038#issuecomment-13351469
This PR was submitted for the 2.2 branch but it was merged into the 2.1 branch instead (closes#7034).
Commits
-------
1fdded5 [HttpKernel] added support for the X-Forwarded-For header (closes#6982, closes#7000)
be65d7c [HttpKernel] fixed the IP address in HttpCache when calling the backend
Discussion
----------
Make HttpCache behaves more like a real reverse proxy
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #6982, #7000
| License | MIT
| Doc PR | n/a
---------------------------------------------------------------------------
by bendavies at 2013-02-10T00:55:29Z
Awesome, thanks Fabien. should this not target 2.0/2.1?
