This PR was merged into the 2.2 branch.
Discussion
----------
replaced deprecated Twig features
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
As Symfony depends on Twig 1.11+, removing the usage of deprecated features will allow Symfony 2.2+ to work with Twig 2.0.
Commits
-------
322f880 replaced deprecated Twig features
This PR was merged into the 2.2 branch.
Discussion
----------
[Form] Removed the "disabled" attribute from the placeholder option in select fields due to problems with the BlackBerry 10 browser
| Q | A
| ------------- | ---
| Bug fix? | yes (together with #8623)
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #7678#8478#8526
| License | MIT
| Doc PR | -
Commits
-------
97cbb19 [Form] Removed the "disabled" attribute from the placeholder option in select fields due to problems with the BlackBerry 10 browser
This PR was merged into the 2.2 branch.
Discussion
----------
[Routing] add ability for apache matcher to handle array values
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #8567
Commits
-------
c138304 [routing] added ability for apache matcher to handle array values
This PR was merged into the 2.2 branch.
Discussion
----------
removed dead code and fixed CS
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
Commits
-------
7d58147 removed dead code and fixed CS
This PR was squashed before being merged into the 2.2 branch (closes#8421).
Discussion
----------
[Validator] fixed ConstraintViolation::$propertyPath incorrect when nested
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #8351
| License | MIT
In nested constraints, the property path will be overwritten in the context (as there would be a recursive call to CollectionValidotor when nested). Reason is, in ConstraintValidatorFactory object is loaded from memory if exists and context is initialized with the new context. So, other constraints after the nested constraints PropertyPath would be wrong.
So I think better create a new object for CollectionValidator always.
see this https://gist.github.com/alexkappa/5851274
It shows [name][email] even though the email is not under the name node.
Commits
-------
28e0709 [Validator] fixed ConstraintViolation:: incorrect when nested
This PR was merged into the 2.2 branch.
Discussion
----------
[Validator] Fixed groups argument misplace for validateValue method from validator class
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
Signature of validateValue method in ExecutionContext Class is this.
```
public function validateValue($value, $constraints, $subPath = '', $groups = null)
```
But this was called wrongly in Validator Class.
Commits
-------
d3eb9b7 [Validator] Fixed groups argument misplace for validateValue method from validator class
This PR was merged into the 2.2 branch.
Discussion
----------
[DependencyInjection] Add exception for service name not dumpable in PHP
| Q | A
| ------------- | ---
| Bug fix? | no
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #8485#8030
| License | MIT
| Doc PR | n/a
Throws an exception when the DIC is dumped to PHP, before generating invalid PHP.
The regex comes from the PHP doc: http://www.php.net/manual/en/language.oop5.basic.php
Commits
-------
242b318 [DependencyInjection] Add exception for service name not dumpable in PHP
This PR was merged into the 2.2 branch.
Discussion
----------
[Security] fixed issue where x509 authentication clears unrelated tokens
| Q | A
| ------------- | ---
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | #8226
| License | MIT
| Doc PR | symfony/symfony-docs#2825
| Notes | Replaces PR #8283
TODO:
- [x] Feedback on change to make sure security is not affected
- [x] Fix other authentication listeners (they suffer the same problem)
- [x] Write unit tests for bug and maybe a few listener classes as well
This pull request is the summary of the problem mentioned in the ticket above.
It only fixes the "disappearing token" problem for one authentication provider, not all. If acceptable, the change needs to be applied to all authentication listeners since they always clear all tokens from the security context.
Commits
-------
2317443 [Security] fixed issue where authentication listeners clear unrelated tokens
This commit fixes an issue where authentication listeners clear all security tokens in case of authentication failure.
This behavior makes it impossible to combine certain authentication mechanisms, notably x509 with form-based login.
