604aaa2e1e
This PR was merged into the master branch. Discussion ---------- [2.3] [TwigBridge] save auto-escaping of generated URLs when possible | Q | A | ------------- | --- | Bug fix? | [no] | New feature? | [yes: optimization] | BC breaks? | [no] | Deprecations? | [no] | Tests pass? | [yes] | Fixed tickets | #7088 | License | MIT | Doc PR | [-] Determines at compile time whether the generated URL will be safe and thus saving the unneeded automatic escaping for performance reasons. The URL generation process percent encodes non-alphanumeric characters. So there is no risk that malicious/invalid characters are part of the URL. The only character within an URL that must be escaped in html is the ampersand ("&") which separates query params. So we cannot mark the URL generation as always safe, but only when we are sure there won't be multiple query params. This is the case when there are none or only one constant parameter given. E.g. we know beforehand this will be safe: - path('route') - path('route', {'param': 'value'}) But the following may not: - path('route', var) - path('route', {'param': ['val1', 'val2'] }) // a sub-array - path('route', {'param1': 'value1', 'param2': 'value2'}) If param1 and param2 reference placeholder in the route, it would still be safe. But we don't know. Commits ------- |
||
|---|---|---|
| src/Symfony | ||
| .editorconfig | ||
| .gitignore | ||
| .travis.yml | ||
| autoload.php.dist | ||
| CHANGELOG-2.0.md | ||
| CHANGELOG-2.1.md | ||
| CHANGELOG-2.2.md | ||
| composer.json | ||
| CONTRIBUTING.md | ||
| CONTRIBUTORS.md | ||
| LICENSE | ||
| phpunit.xml.dist | ||
| README.md | ||
| UPGRADE-2.1.md | ||
| UPGRADE-2.2.md | ||
| UPGRADE-2.3.md | ||
| UPGRADE-3.0.md | ||
README
What is Symfony2?
Symfony2 is a PHP 5.3 full-stack web framework. It is written with speed and flexibility in mind. It allows developers to build better and easy to maintain websites with PHP.
Symfony can be used to develop all kind of websites, from your personal blog to high traffic ones like Dailymotion or Yahoo! Answers.
Requirements
Symfony2 is only supported on PHP 5.3.3 and up.
Be warned that PHP versions before 5.3.8 are known to be buggy and might not work for you:
-
before PHP 5.3.4, if you get "Notice: Trying to get property of non-object", you've hit a known PHP bug (see https://bugs.php.net/bug.php?id=52083 and https://bugs.php.net/bug.php?id=50027);
-
before PHP 5.3.8, if you get an error involving annotations, you've hit a known PHP bug (see https://bugs.php.net/bug.php?id=55156).
-
PHP 5.3.16 has a major bug in the Reflection subsystem and is not suitable to run Symfony2 (https://bugs.php.net/bug.php?id=62715)
Installation
The best way to install Symfony2 is to download the Symfony Standard Edition available at http://symfony.com/download.
Documentation
The "Quick Tour" tutorial gives you a first feeling of the framework. If, like us, you think that Symfony2 can help speed up your development and take the quality of your work to the next level, read the official Symfony2 documentation.
Contributing
Symfony2 is an open source, community-driven project. If you'd like to contribute, please read the Contributing Code part of the documentation. If you're submitting a pull request, please follow the guidelines in the Submitting a Patch section and use Pull Request Template.
Running Symfony2 Tests
Information on how to run the Symfony2 test suite can be found in the Running Symfony2 Tests section.