* 2.1:
Options small typo
[Console] fixed unparsed StringInput tokens
[TwigBridge] fixed trans twig extractor
[DomCrawler] fix handling of schemes by Link::getUri()
[Console] Fixed comment
[TwigBridge] fixed the translator extractor that were not trimming the text in trans tags (closes#7056)
Fixed handling absent href attribute in base tag
added a DebuClassLoader::findFile() method to make the wrapping less invasive
fixed CHANGELOG
bumped Symfony version to 2.1.9-DEV
updated VERSION for 2.1.8
updated CHANGELOG for 2.1.8
StringInput resets the given options.
Conflicts:
src/Symfony/Component/HttpKernel/Kernel.php
This PR was submitted for the master branch but it was merged into the 2.1 branch instead (closes#7224).
Commits
-------
801a71f [Console] Options small typo
Discussion
----------
[Console] Fix small Options typo
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| License | MIT
This PR was merged into the 2.1 branch.
Commits
-------
5b19c89 [Console] fixed unparsed StringInput tokens
635b1fc StringInput resets the given options.
Discussion
----------
[Console] fixes unparsed StringInput tokens
`StringInput` instances call `setToken` after constructor, `parse` method is called in constructor, so `StringInput` tokens where never parsed.
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #6749
This PR was submitted for the master branch but it was merged into the 2.2 branch instead (closes#6482).
Commits
-------
f3e227a Mask PHP_AUTH_PW header in profiler
Discussion
----------
Mask PHP_AUTH_PW header in profiler
---------------------------------------------------------------------------
by fabpot at 2012-12-27T17:39:26Z
Not sure about this one. Having public access to the web profiler in the production environment is really bad anyway. There is a ton of information that could help an attacker. So, just hiding this specific bit of information won't make it better.
---------------------------------------------------------------------------
by lmcd at 2012-12-27T18:04:45Z
A few scenarios are suggested here where a developer might want the profiler switched on in production: http://symfony.com/doc/current/book/internals.html
I'm talking specifically about someone gaining malicious access to the filesystem. Ripping database tables are somewhat ineffective at stealing user credentials, considering passwords are usually securely hashed nowadays. But the profiler database would have usernames/passwords just sitting there in plaintext.
I know there is lots of information there to aid an attacker, but so is there in most databases (IP addresses, useragents, names, email addresses etc) - but passwords are widely accepted as the *one* thing that should *never* just be stored in plaintext.
This PR was merged into the 2.2 branch.
Commits
-------
da22926 [Validator] gracefully handle transChoice errors
Discussion
----------
[Validator] gracefully handle transChoice errors
This validator annotation was throwing an error for me:
```
/** @Assert\Length(min=6, minMessage="Must be 6 characters") */
```
To avoid this error in the current code I would need to provide a message template that accommodates the minimum length being 1, even though that's not the case.
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ~
| License | MIT
| Doc PR | ~
---------------------------------------------------------------------------
by kriswallsmith at 2013-02-25T19:41:51Z
ping @fabpot
Any thoughts on this change? Having to provide a transChoice template when you know what the pluralization is going to be is a pain in the neck.
---------------------------------------------------------------------------
by kriswallsmith at 2013-02-25T19:42:11Z
ping @bschussek too :)
---------------------------------------------------------------------------
by fabpot at 2013-02-25T19:57:08Z
I'm +1 for this change. What do you think @bschussek?
---------------------------------------------------------------------------
by vicb at 2013-02-26T10:44:33Z
Would this be a common enough use case to be pushed to the translator ?
This PR was squashed before being merged into the 2.1 branch (closes#7206).
Commits
-------
bae83c7 [TwigBridge] fixed trans twig extractor
Discussion
----------
[TwigBridge] fixed trans twig extractor
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #6943
This PR was squashed before being merged into the 2.2 branch (closes#7212).
Commits
-------
f40adbc [Finder] adds adapter selection/unselection capabilities
Discussion
----------
[Finder] adds adapter selection/unselection capabilities
As we have many issues with the native finder adapter, it would be good to:
* permit selection of a particular adapter which will be choosed over the others until its unselection
* permit unselection of adapters to get the finder select trhe best on (by priority)
* have `PhpAdapter` selected by default
This PR adds 2 methods to the `Finder`:
* `setAdapter($adapter)`: selects an adapter by its name
* `useBestAdapter()`: tells the finder to select best adapter by their priority
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
---------------------------------------------------------------------------
by jfsimon at 2013-02-28T14:05:25Z
@fabpot I just applied all your good advices, there was no bad one :)
This PR was merged into the 2.1 branch.
Commits
-------
8f8ba38 [DomCrawler] fix handling of schemes by Link::getUri()
Discussion
----------
[DomCrawler] fixed handling of schemes by Link::getUri()
A link (anchor tag with an href attr) in pages crawled by the Crawler
can contain any valid URI, including mailto: links.
Currently this is not correctly supported by `Link::getUri`.
Schemes that do not start with 'http' are treated as relative URIs
and appenden to the base URI. This leads to strange URIs like this:
http://foo.com/mailto:foo@bar.com
Fixed `Link::getUri` to treat any URI with a schema part as an
absolute URL. Updated the unit tests to test for this.
---------------------------------------------------------------------------
by matthijsvandenbos at 2013-02-28T11:55:18Z
Ok, I will update the pull request
---------------------------------------------------------------------------
by matthijsvandenbos at 2013-02-28T12:25:45Z
Fixed
A link (anchor tag with an href attr) in crawled by the Crawler
can contain any valid URI, including mailto: links.
Currently this is not correctly supported by Link::getUri.
Schemes that do not start with 'http' are treated as relative URIs
and appenden to the base URI. This leads to strange URIs like this:
http://foo.com/mailto:foo@bar.com
Fixed Link::getUri to treat any URI with a schema part as an
absolute URL. Updated the unit tests to test for this.
This PR was merged into the 2.1 branch.
Commits
-------
0690709 added a DebuClassLoader::findFile() method to make the wrapping less invasive
Discussion
----------
added a DebuClassLoader::findFile() method to make the wrapping less invasive
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
i have classified it as a bug fix, since due to the wrapping it can break assumptions about the loaded class loader, so implementing this method at least doesnt break the assumption that ``findFile()`` is available.
actually i think we should also introduced a loader interface to reduce the duct typing
---------------------------------------------------------------------------
by stof at 2013-02-24T16:39:46Z
👎 for the interface:
- it would make the use of the autoloader more difficult (you would have to require the interface before requiring the loader)
- it would forbid using these wrappers with the composer ClassLoader
---------------------------------------------------------------------------
by digitalkaoz at 2013-02-24T19:16:36Z
mh, i think all autoloaders should follow a common interface, maybe its worth to think about a PSR?
---------------------------------------------------------------------------
by lsmith77 at 2013-02-24T19:27:27Z
ah I see
---------------------------------------------------------------------------
by stof at 2013-02-24T20:33:07Z
@digitalkaoz Such an interface would have to be in PHP itself, otherwise, you would have to require it first each time (as it cannot be autoloaded before registering the autoloader). And an autoloader in PHP is just a callable.
---------------------------------------------------------------------------
by digitalkaoz at 2013-02-24T20:47:10Z
Yes @stof, i know, but it would be nice if all autoloaders follows a common pattern , call it a convention ;)
This PR was submitted for the master branch but it was merged into the 2.1 branch instead (closes#7178).
Commits
-------
c41f640 [DomCrawler] Fixed handling absent href attribute in base tag
Discussion
----------
[DomCrawler] Fixed handling absent href attribute in base tag
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
# Description
The HTML5 spec states that the href attribute is optional for the
base tag. The current code causes an exception on conforming HTML.
Fixed the DomCrawler::addHtmlContent() method to support this.
Added Unit Test to check for this situation.
# Explanantion
Currently, if the base tag doesn't have an href attribute, the uri for the DomCrawler gets set to an empty string. This is incorrect behaviour, especially because it breaks DomCrawler::links(). The Symfony\Component\DomCrawler\Link objects it creates, expect a non-empty string in their constructor arguments and throw an InvalidArgumentException.
# References
http://www.w3.org/TR/html-markup/base.html#base.attrs.hrefhttp://www.whatwg.org/specs/web-apps/current-work/multipage/semantics.html#the-base-element
This PR was submitted for the master branch but it was merged into the 2.2 branch instead (closes#7188).
Commits
-------
3b2cb79 [Finder] fixed paths/notPaths regex for shell adapters
45b84c5 [Finder] fix issue 4911
Discussion
----------
[Finder] Fixes paths/notPaths issue with shell adapters
This PR is built upon #5128 from @gajdaw.
It fixes wrong handling of regex in `paths` and `notPaths` criteria by shell adapters.
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #4911, #5128
This PR was submitted for the master branch but it was merged into the 2.2 branch instead (closes#7190).
Commits
-------
b2e9bdb [Finder] Adds expandable globs support to shell adapters
Discussion
----------
[Finder] Adds expandable globs support to shell adapters
As expandable globs, i mean glob following `*.{a,b}` syntax.
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #6586
This PR was squashed before being merged into the 2.2 branch (closes#7189).
Commits
-------
850bd5a [HttpFoundation] Fixed messed up headers
Discussion
----------
[HttpFoundation] Fixed messed up headers
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
I ran into this when somewhere in our code the Response object was cast into a string. After that, when send()'ing the Response, the headers would be all mixed up. This is because the __toString in HeaderBag ksorts the headers, while the __toString in ResponseHeaderBag doesn't ksort the corresponding headerNames. This patch ksorts that one as well.
allPreserveCase() is new to 2.2, so this bug doesn't seem to affect earlier versions.
To be exact, this is where it got introduced: https://github.com/symfony/symfony/commit/63a228c45613bb
---------------------------------------------------------------------------
by Burgov at 2013-02-26T09:27:20Z
B.t.w. another option was to ksort a copy of the headers array in the ResponseBag and leaving the actual thing as-is. Not sure which one would be the best option?
This PR was submitted for the master branch but it was merged into the 2.2 branch instead (closes#7180).
Commits
-------
6a33bc2 [HttpKernel] Fixes AppCache + ESI + Stopwatch problem
Discussion
----------
[HttpKernel] Fixes AppCache + ESI + Stopwatch problem
There is a very special case when using builtin AppCache class as kernel wrapper, in the case of an ESI request leading to a `stale` response [B] inside a `fresh` cached response [A]. In this case, `$token` contains the [B] debug token, but the open `stopwatch` section ID is equal to the [A] debug token. Trying to reopen section with the [B] token throws an exception which must be caught.
| Q | A
| ------------- | ---
| Bug fix? | yes
| Bug mask? | no, does @vicb agree?
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #6227, #6230
I tried to find a better solution than just wrapping thrown exceptions with `try/catch`, but IMHO the #6230 solution from @lsmith77 was in fine the best one. I just added some comments in the code to avoid the WTF reactions while reading it.
---------------------------------------------------------------------------
by vicb at 2013-02-25T16:51:51Z
@vicb never agrees :)
I don't have time to check this deeply now but I would like to see a UT.
Could your use case be expressed as "on nested terminate events" ?
---------------------------------------------------------------------------
by jfsimon at 2013-02-25T16:58:49Z
@vicb If I had an idea on how to write a conclusive test for that, I swear, it would be provided in this PR.
* 2.1:
Defined stable version point of Doctrine.
[HttpFoundation] Remove Cache-Control when using https download via IE<9 (fixes#6750)
Update composer.json
[Form] Fixed TimeType not to render a "size" attribute in select tags
[Form] Added test for "label" option to accept the value "0"
Expanded fault-tolerance for unusual cookie dates
Fix docblock type
[Form] Fixed "label" option to accept the value "0"
merged branch jfcixmedia/2.1 (PR #5838)
[DomCrawler] lowered parsed protocol string (fixes#6986)
Conflicts:
composer.json
src/Symfony/Bridge/Twig/Resources/views/Form/form_div_layout.html.twig
src/Symfony/Bundle/FrameworkBundle/Resources/views/Form/time_widget.html.php
src/Symfony/Bundle/FrameworkBundle/composer.json
src/Symfony/Component/Form/Tests/Extension/Csrf/EventListener/CsrfValidationListenerTest.php
src/Symfony/Component/Routing/composer.json
src/Symfony/Component/Security/composer.json
src/Symfony/Component/Validator/composer.json
This PR was merged into the 2.1 branch.
Commits
-------
06ebb0d Defined stable version point of Doctrine.
Discussion
----------
Defined stable version point of Doctrine.
As per @stof suggestion, updated 2.1 branch to define the stable version point for Doctrine libraries. @fabpot it's all yours! =)
```
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
```
This PR was squashed before being merged into the 2.1 branch (closes#7153).
Commits
-------
b2080c4 [HttpFoundation] Remove Cache-Control when using https download via IE<9 (fixes#6750)
Discussion
----------
[HttpFoundation] Remove Cache-Control when using https download via IE<9 (fixes#6750)
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #6750
| License | MIT
| Doc PR |
This PR was merged into the 2.1 branch.
Commits
-------
b7bd630 [Form] Fixed TimeType not to render a "size" attribute in select tags
Discussion
----------
[Form] Fixed TimeType not to render a "size" attribute in select tags
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #6153
| License | MIT
| Doc PR | -
This PR was merged into the 2.1 branch.
Commits
-------
f0704aa Update composer.json
Discussion
----------
Update composer.json
Bump doctrine common dependency for symfony 2.1 users
---------------------------------------------------------------------------
by stof at 2013-02-22T17:32:25Z
@guilhermeblanco what about using ``~2.2`` as Doctrine keeps BC between minor versions ?