Commits
-------
908a7a3 [HttpFoundation] Fix bug in clearCookie/removeCookie not clearing cookies set with a default '/' path, unless it was explicitly specified
Discussion
----------
[HttpFoundation] Fix bug in clearCookie/removeCookie not clearing cookies
[HttpFoundation] Fix bug in clearCookie/removeCookie not clearing cookies set with a default '/' path, unless it was explicitly specified
---------------------------------------------------------------------------
by Seldaek at 2011/08/02 10:31:44 -0700
The reason is that Cookie::__construct defaults to '/' btw, so if you don't specify it, and then call clearCookie without specifying again, the paths don't match.
---------------------------------------------------------------------------
by Koc at 2011/08/07 00:06:13 -0700
I think that correctrly use base path. Is it possible?
For example we have 2 apps
* site.com/app1/index.php
* site.com/app2/index.php
and app2 will remove cookies of app1
---------------------------------------------------------------------------
by Seldaek at 2011/08/07 02:58:10 -0700
IMO if people want that they should specify the path manually, by default cookies are always set for the entire host and I think it should stay like that.
---------------------------------------------------------------------------
by Koc at 2011/08/07 04:26:47 -0700
It is hard to specify path manually everywhere when set/remove cookies.
---------------------------------------------------------------------------
by Seldaek at 2011/09/27 07:01:43 -0700
@fabpot: ping? You said this was ok, but it was never merged.
Commits
-------
022a9a7 [Security] Make saving target_path extendible
Discussion
----------
[Security] Make saving target_path extendible
The problem lies in how Security component handles ``target_path`` - the latest request URI is always stored. This can lead to problems in following scenarios:
a) The response type of the request is not HTML (think JSON, XML ..)
b) The URI matches a route that does not listen to HTTP GET
I opened a [PR](https://github.com/symfony/symfony/pull/604) months ago, to partly solve scenario A, which did not make it. Now I am proposing a different solution - user can extend ``ExceptionListener`` and override the logic behind setting the ``target_path`` to match his precise needs.
In my simplified scenario, I would be using:
```
protected function setTargetPath(Request $request)
{
if ($request->isXmlHttpRequest() || 'GET' !== $request->getMethod()) {
return;
}
$request->getSession()->set('_security.target_path', $request->getUri());
}
```
@Seldaek, @schmittjoh, @lsmith77, thoughts?
---------------------------------------------------------------------------
by Seldaek at 2011/09/21 02:37:02 -0700
Seems like a better solution for flexibility's sake. Would be quite awesome if you could add a cookbook entry to symfony/symfony-docs about this, otherwise I'm afraid we'll have to explain it over and over again :)
---------------------------------------------------------------------------
by helmer at 2011/09/21 03:38:57 -0700
[Cookbook](b22c5e666e) entry done. Perhaps though I rushed ahead ..
---------------------------------------------------------------------------
by Seldaek at 2011/09/21 03:52:01 -0700
Thanks. You can already do a pull request against symfony-docs, just reference this pull request in it so it's not merged before this is merged.
Commits
-------
95dc7e1 Fixed fourth argument of Filesystem->mirror()
Discussion
----------
Fixed fourth argument of Filesystem->mirror()
See #2027 and #2033 for discussion.
@fabpot said that we don't want to use symlink at all on Windows so if this is confirmed, we should also change ``Filesystem->symlink()`` implementation.
---------------------------------------------------------------------------
by alexandresalome at 2011/09/16 08:29:40 -0700
Tested on Windows, OK for me
* EvanK-patch-1:
Per the [documentation][1], the `NotBlank` constraint should be using the `empty` language construct, otherwise it will not trigger on, for example, a boolean false from an unchecked checkbox field.
Doctrine caches annotations. For methods, it uses PHP reflection and the getDeclaringClass() to create
a unique cache key. Unfortunately, if you have 2 classes that extend another one, the cache will be shared.
It's not a problem except that before this patch, the default route name was also cached (as the cache is serialized
after we changed the object). So, all other classes inherited this default route name. The fix is quite easy:
just don't change the read annotation object.
Commits
-------
020fa51 [RedirectResponse] Added missing `doctype` and `title` tag
Discussion
----------
[RedirectResponse] Added missing `doctype` and `title` tag
* domcrawler-disabled-fields:
[DomCrawler] fixed disabled fields in forms (they are available in the DOM, but their values are not submitted -- whereas before, they were simply removed from the DOM)
$node->hasAttribute('disabled') sf2 should not create disagreement between implementation and practice for a crawler. If sahi real browser can find an element that is disabled, then sf2 should too. https://github.com/Behat/Mink/pull/58#issuecomment-1712459
Commits
-------
8a980bd $node->hasAttribute('disabled') sf2 should not create disagreement between implementation and practice for a crawler. If sahi real browser can find an element that is disabled, then sf2 should too. https://github.com/Behat/Mink/pull/58#issuecomment-1712459
Discussion
----------
$node->hasAttribute('disabled') sf2 should not create disagreement betwee
$node->hasAttribute('disabled') sf2 should not create disagreement between implementation and practice for a crawler. If sahi real browser can find an element that is disabled, then sf2 should too.
https://github.com/Behat/Mink/pull/58#issuecomment-1712459
---------------------------------------------------------------------------
by cordoval at 2011/08/09 20:34:56 -0700
@fabpot please let me know if this is going to be in sometime soon or not, just wondering why it is deviating ...
---------------------------------------------------------------------------
by fabpot at 2011/08/23 01:11:42 -0700
I have just checked in a browser and the Symfony2 implementation is actually the right one.
Try this in a browser:
<form action='#' method="post">
<input name="foo" disabled="disabled" value="foo" />
<input name="bar" value="bar" />
<input type="submit" />
</form>
<?php
print_r($_POST);
// output: Array ( [bar] => bar ) when the form is submitted
And here is the discussion about it in the HTML4 spec: http://www.w3.org/TR/html4/interact/forms.html#h-17.12:
"In this example, the INPUT element is disabled. Therefore, it cannot receive user input nor will its value be submitted with the form."
And the same is tru for HTML5: http://www.w3.org/TR/html5/association-of-controls-and-forms.html#constructing-form-data-set
---------------------------------------------------------------------------
by cordoval at 2011/08/23 01:29:53 -0700
@fabpot I guess you got my scenario wrong. I am not trying to submit any form. I am just happen to have a disabled box that is checked and I want to read with the DOM Crawler that is checked. Not to submit or anything but for the purposes of testing.
Please consider also that this request comes from asserting values using behat mink, mink is fully dependent on sf2 driver for when it is used except it is told to use a different driver like a real browser like sahi. When testing in chrome and firefox, the verification with the DOM is made that the disabled box is checked properly. Symfony2 DOM Crawler however misses that spot for that use.
Even in the case where Symfony2 DOM Crawler component would have been thought not for this purpose of testing, or further for this particular scenario it would be good to make it more reusable for this kind of scenario.
Just saying....
---------------------------------------------------------------------------
by fabpot at 2011/08/23 02:00:34 -0700
Indeed, I didn't get your issue right. So, basically, all fields should be in the form, but the disabled field values should not be submitted (that makes sense).
I've prepared a fix in this patch: e8852586073bc23d4a41f4cd9cbe0d17a2f0c76d which is in the symfony/domcrawler-disabled-fields branch for now as I don't know if we can make this change in 2.0 or if we need to put it in 2.1.
---------------------------------------------------------------------------
by cordoval at 2011/08/23 02:15:01 -0700
oh no I was hoping to enter the authors, you already did the fix :'(
Commits
-------
e9d2a67 CS
3a64b08 Search in others user providers when a user is not found in the first user provider and throws the right exception.
Discussion
----------
Chain user provider doesn't search in all user providers
I commit these changes because Chain user provider doesn't search in all user providers.
Example with the Acme/DemoBundle:
// security.yml
...
providers:
chain_provider:
providers: [in_memory, in_memory_extend]
in_memory_extend:
users:
admin2: { password: adminpass2, roles: [ 'ROLE_ADMIN' ] }
in_memory:
users:
user: { password: userpass, roles: [ 'ROLE_USER' ] }
...
firewalls:
...
secured_area:
pattern: ^/demo/secured/
provider: chain_provider OR in_memory_extend
...
We can see these logs :
security.INFO: User "admin2" has been authenticated successfully [] []
security.DEBUG: Write SecurityContext in the session [] []
security.DEBUG: Read SecurityContext from the session [] []
security.DEBUG: Reloading user from user provider. [] []
security.WARNING: Username "admin2" could not be found. [] []
The new code search in others user providers when a user is not found in the first user provider and throws the right exception.
---------------------------------------------------------------------------
by lsmith77 at 2011/08/14 12:20:04 -0700
I wonder if it should be a provider option to continue on a failed user lookup. I can see cases where you really dont want to iterate over all providers and others where you do.
---------------------------------------------------------------------------
by Abhoryo at 2011/08/14 17:27:16 -0700
If someone need a provider like you describe, he can create one.
Here we talk about a chain user provider.
Doc : [using-multiple-user-providers](http://symfony.com/doc/current/book/security.html#using-multiple-user-providers)
We can read in the doc: "The chain_provider will, in turn, try to load the user from both the in_memory and user_db providers."
But its not the case right now.
Commits
-------
c29fa9d [Form] Fix for treatment zero as empty data. Closes#1986
Discussion
----------
[Form] Fix for treatment zero as empty data. Closes#1986
For more info please read #1986.
Commits
-------
8d48cea [EventDispatcher] Change the license of EventDispatcher from LGPL to MIT
Discussion
----------
[EventDispatcher] Change the license of EventDispatcher from LGPL to MIT
It was previously agreed to re-license the Doctrine2 based
EventDispatcher refactoring to use the MIT license. However, the files
still retain the LGPL license notice.
This commit changes the license to MIT.
---------------------------------------------------------------------------
by fabpot at 2011/08/21 05:55:00 -0700
That's right but I would prefer that the PR comes from someone of the Doctrine core team like @beberlei or @jwage.
---------------------------------------------------------------------------
by fabpot at 2011/08/21 05:55:28 -0700
or at least, they can perhaps acknowledge this PR.
---------------------------------------------------------------------------
by beberlei at 2011/08/22 00:11:20 -0700
Acknowledged
It was previously agreed to re-license the Doctrine2 based
EventDispatcher refactoring to use the MIT license. However, the files
still retain the LGPL license notice.
This commit changes the license to MIT.
Commits
-------
d880db2 [Form] Test covered fix for invalid date (13 month/31.02.2011 etc.) send to transformer. Closes#1755df74f49 Patched src/Symfony/Component/Form/Extension/Core/DataTransformer/DateTimeToArrayTransformer.php to throw an exception when an invalid date is passed for transformation (e.g. 31st February)
Discussion
----------
[Form] Fix for "DateTimeToArrayTransformer" with invalid dates
Hey,
this is test covered fix from @mdavis1982 (closes#1755)
---------------------------------------------------------------------------
by stloyd at 2011/08/16 01:31:32 -0700
@fabpot Can we have this fix merged ?
Commits
-------
34a1b53 [HttpFoundation] Do not save session in Session::__destroy() when saved already
Discussion
----------
[HttpFoundation] Saving session data in __destroy() has a side effect on functional tests
Having functional test with several non-insulated requests, TestSessionListener invokes session saving at the end of every request. But instance of Session remains in memory until it's collected by garbage collector which saves the same data again in __destroy() method. The problem is that session object can get collected after other requests changed session data (e. g. user logged in) resulting in former data overwriting the latter.
Commits
-------
275da0d [Validator] changed 'self' to 'static' for child class to override pattern constant
Discussion
----------
[Validator] change 'self::' to 'static::' for PATTERN constant overridable in child classes
In TimeValidator and UrlValidator, PATTERN constant is not used with late static bind(static::) while DateValidator supports it.
Commits
-------
80d1718 [Fix] Email() constraints now guess as 'email' field type
Discussion
----------
[Fix] Email() constraints now guess as 'email' field type
I don't know what this was set to "text"
Commits
-------
e88ecbb [Form] Fixed a typo in AbstractType phpdoc
Discussion
----------
[Form] Fixed a typo in AbstractType phpdoc
This PR is a new version of PR #1862.
Original comment :
Hi,
Nothing really awesome, but I fixed a typo in some phpdoc of the AbstractType class.
Commits
-------
09c41d3 [Security] Fixed incorrect merge of two modifications (53f5c23c and 85199677) to AclVoter
Discussion
----------
[Security] Fixed incorrect merge of two modifications to AclVoter
It seems two modifications to `AclVoter` (53f5c23c and 85199677) have been merged incorrectly, leading to a method call on an object that is known to be `null` and a fatal error when running the tests
Commits
-------
4f9d229 The trace argument value could be string ("*DEEP NESTED ARRAY*")
6e7439e expanded namespaces within phpdoc (special for PhpStorm)
f0a6ee5 merge from master
8519967 Calling supportsClass from vote to find out if we can vote
Discussion
----------
The trace argument of an exception can be string (*DEEP NESTED ARRAY*) but with an array type specified
It leads to the exception of a foreach loop:
Invalid argument supplied for foreach() /.../vendor/symfony/src/Symfony/Bundle/FrameworkBundle/Templating/Helper/CodeHelper.php:103
Commits
-------
ae55a98 Added $format in serialize() method, to keep consistence and give a hint to the normalizer.
Discussion
----------
Added $format in serialize() method, to keep consistence and give a hint
Added $format in serialize() method, to keep consistence and give a hint to the normalizer.
---------------------------------------------------------------------------
by Seldaek at 2011/08/12 02:06:19 -0700
👍
Commits
-------
81fb8e1 [DomCrawler] fix finding charset in addContent
Discussion
----------
[DomCrawler] fix finding charset in addContent
According to http://www.ietf.org/rfc/rfc2045.txt content type can include other field after charset. So they should be cut.
