authorFabien Potencier <fabien.potencier@gmail.com>2014-05-12 11:28:39 +0200
committerFabien Potencier <fabien.potencier@gmail.com>2014-05-12 11:28:39 +0200
commit37b22fa270d2d3a4a6549f548a9a30685a30ffde (patch)
treeac9d4f30393818c2a76bd99de1e8de6ef7fcca79
parent8ed00906f2841b145735c9a01a4905baa57be310 (diff)
parent2fea8ebda136c2a1457afa8a1428ac18444fd156 (diff)
downloadsymfony-security-37b22fa270d2d3a4a6549f548a9a30685a30ffde.zip
symfony-security-37b22fa270d2d3a4a6549f548a9a30685a30ffde.tar.gz
symfony-security-37b22fa270d2d3a4a6549f548a9a30685a30ffde.tar.bz2
Merge branch '2.4'
* 2.4: Lower mbstring dependency [Console]Improve formatter for double-width character Lower mbstring dep, remove it for Yaml and CssSelector components [Security] Add check for supported attributes in AclVoter [Form] Fixed TrimListenerTest as of PHP 5.5 Added more IDE links [DependencyInjection] Fix parameter description in ConfigurationExtensionInterface [Security] fixed wrong PHPDoc of the TokenGeneratorInterface [Finder] fixed typehint of the Finder::addAdapter() method [TwigBridge][Transchoice] set %count% from the current context. [DependencyInjection] Fix travis unit tests Update PHPUnit before run [Validator] fixed wrong test [WebProfilerBundle] added test case for #10773 [WebProfilerBundle] fixed profiler homepage, fixed #10806 [WebProfilerBundle] Added test case for #10806 changed travis to run on the nightly builds of HHVM until everything gets stable Fixed issue #5427 Allow URLs that don't contain a path Conflicts: .travis.yml src/Symfony/Component/Console/Application.php
-rw-r--r--Acl/Tests/Voter/AclVoterTest.php31
-rw-r--r--Acl/Voter/AclVoter.php6
-rw-r--r--Csrf/TokenGenerator/TokenGeneratorInterface.php14
3 files changed, 35 insertions, 16 deletions
diff --git a/Acl/Tests/Voter/AclVoterTest.php b/Acl/Tests/Voter/AclVoterTest.php
index 6bec231..f13df1f 100644
--- a/Acl/Tests/Voter/AclVoterTest.php
+++ b/Acl/Tests/Voter/AclVoterTest.php
@@ -27,7 +27,7 @@ class AclVoterTest extends \PHPUnit_Framework_TestCase
*/
public function testSupportsAttribute($attribute, $supported)
{
- list($voter,, $permissionMap,,) = $this->getVoter();
+ list($voter,, $permissionMap,,) = $this->getVoter(true, false);
$permissionMap
->expects($this->once())
@@ -39,6 +39,16 @@ class AclVoterTest extends \PHPUnit_Framework_TestCase
$this->assertSame($supported, $voter->supportsAttribute($attribute));
}
+ /**
+ * @dataProvider getSupportsAttributeNonStringTests
+ */
+ public function testSupportsAttributeNonString($attribute)
+ {
+ list($voter,,,,,) = $this->getVoter(true, false);
+
+ $this->assertFalse($voter->supportsAttribute($attribute));
+ }
+
public function getSupportsAttributeTests()
{
return array(
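Review bot: testSupportsAttributeNonString does not assert that the permission map is left untouched, so it would still pass if `contains()` were consulted with the object or array before the type check (the unstubbed mock returns null, which still yields false). Keeping the mock and adding `$permissionMap->expects($this->never())->method('contains');` pins the ordering that the `is_string()` guard is meant to provide. `list($voter,, $permissionMap) = $this->getVoter(true, false);` would also read more clearly than the run of empty slots.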
@@ -47,6 +57,16 @@ class AclVoterTest extends \PHPUnit_Framework_TestCase
);
}
+ public function getSupportsAttributeNonStringTests()
+ {
+ return array(
+ array(new \stdClass()),
+ array(1),
+ array(true),
+ array(array()),
+ );
+ }
+
/**
* @dataProvider getSupportsClassTests
*/
@@ -387,13 +407,20 @@ class AclVoterTest extends \PHPUnit_Framework_TestCase
return $this->getMock('Symfony\Component\Security\Core\Authentication\Token\TokenInterface');
}
- protected function getVoter($allowIfObjectIdentityUnavailable = true)
+ protected function getVoter($allowIfObjectIdentityUnavailable = true, $alwaysContains = true)
{
$provider = $this->getMock('Symfony\Component\Security\Acl\Model\AclProviderInterface');
$permissionMap = $this->getMock('Symfony\Component\Security\Acl\Permission\PermissionMapInterface');
$oidStrategy = $this->getMock('Symfony\Component\Security\Acl\Model\ObjectIdentityRetrievalStrategyInterface');
$sidStrategy = $this->getMock('Symfony\Component\Security\Acl\Model\SecurityIdentityRetrievalStrategyInterface');
+ if ($alwaysContains) {
+ $permissionMap
+ ->expects($this->any())
+ ->method('contains')
+ ->will($this->returnValue(true));
+ }
+
return array(
new AclVoter($provider, $oidStrategy, $sidStrategy, $permissionMap, null, $allowIfObjectIdentityUnavailable),
$provider,
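Review bot: Defaulting `$alwaysContains` to true means every existing vote() test stubs `contains()` to return true, so, as far as the visible hunks show, the new skip branch in AclVoter::vote() is never exercised. A test that builds the voter with `getVoter(true, false)`, calls `vote()` with a non-string attribute and asserts `VoterInterface::ACCESS_ABSTAIN` would cover it. The two positional booleans would also benefit from a short docblock on getVoter() saying what each one switches; the function body continues past the end of this hunk.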
diff --git a/Acl/Voter/AclVoter.php b/Acl/Voter/AclVoter.php
index d401ef3..b21b1e6 100644
--- a/Acl/Voter/AclVoter.php
+++ b/Acl/Voter/AclVoter.php
@@ -48,12 +48,16 @@ class AclVoter implements VoterInterface
public function supportsAttribute($attribute)
{
- return $this->permissionMap->contains($attribute);
+ return is_string($attribute) && $this->permissionMap->contains($attribute);
}
public function vote(TokenInterface $token, $object, array $attributes)
{
foreach ($attributes as $attribute) {
+ if (!$this->supportsAttribute($attribute)) {
+ continue;
+ }
+
if (null === $masks = $this->permissionMap->getMasks($attribute, $object)) {
continue;
}
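Review bot: The new `continue` in vote() silently drops any attribute that is not a string known to the permission map, and nothing in the hunk documents what the voter returns when every attribute is dropped; the rest of vote() is outside the hunk, but presumably the result is an abstain. That matters for access control because an abstain is resolved by the access decision manager's configuration, so a misspelled permission name produces no error at this point. A comment above the guard would make this explicit: `// Not an ACL permission (non-string or unmapped): skip so this voter abstains; the final decision is left to the decision manager.` The docblock of supportsAttribute() should likewise state that non-string attributes are always unsupported.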
diff --git a/Csrf/TokenGenerator/TokenGeneratorInterface.php b/Csrf/TokenGenerator/TokenGeneratorInterface.php
index 4d81da9..e02ac66 100644
--- a/Csrf/TokenGenerator/TokenGeneratorInterface.php
+++ b/Csrf/TokenGenerator/TokenGeneratorInterface.php
@@ -12,19 +12,7 @@
namespace Symfony\Component\Security\Csrf\TokenGenerator;
/**
- * Generates and validates CSRF tokens.
- *
- * You can generate a CSRF token by using the method {@link generateCsrfToken()}.
- * This method expects a unique token ID as argument. The token ID can later be
- * used to validate a token provided by the user.
- *
- * Token IDs do not necessarily have to be secret, but they should NEVER be
- * created from data provided by the client. A good practice is to hard-code the
- * token IDs for the various CSRF tokens used by your application.
- *
- * You should use the method {@link isCsrfTokenValid()} to check a CSRF token
- * submitted by the client. This method will return true if the CSRF token is
- * valid.
+ * Generates CSRF tokens.
*
* @since 2.4
* @author Bernhard Schussek <bschussek@gmail.com>