summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* added the new Composer exclude-from-classmap optionFabien Potencier2015-10-304-4/+16
|
* Merge branch '2.3' into 2.7Fabien Potencier2015-10-301-1/+4
|\ | | | | | | | | | | | | | | * 2.3: added the new Composer exclude-from-classmap option fix expected argument type docblock Set back libxml settings after testings. fixed Twig deprecation notices
| * minor #16397 added the new Composer exclude-from-classmap option (annesosensio)Fabien Potencier2015-10-301-1/+4
| |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This PR was merged into the 2.3 branch. Discussion ---------- added the new Composer exclude-from-classmap option | Q | A | ------------- | --- | Bug fix? | no | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | n/a | License | MIT | Doc PR | n/a Commits ------- 65bef75 added the new Composer exclude-from-classmap option
| | * added the new Composer exclude-from-classmap optionAnne-Sophie Bachelard2015-10-301-1/+4
| | |
* | | Merge branch '2.3' into 2.7Fabien Potencier2015-10-271-0/+5
|\ \ \ | |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.3: added missing quotes in YAML files [HttpKernel] Add `@group time-sensitive` on some transient tests [DoctrineBridge] Fix issue which prevent the profiler to explain a query Use mb_detect_encoding with $strict = true don't allow to install the split Security packages bumped Symfony version to 2.3.35 updated VERSION for 2.3.34 update CONTRIBUTORS for 2.3.34 updated CHANGELOG for 2.3.34
| * | bug #16144 [Security] don't allow to install the split Security packages ↵Fabien Potencier2015-10-271-0/+5
| |\ \ | | |/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | (xabbuh) This PR was merged into the 2.3 branch. Discussion ---------- [Security] don't allow to install the split Security packages | Q | A | ------------- | --- | Bug fix? | yes | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | #16134 | License | MIT | Doc PR | Currently, you would be able to install the Security component fromm Symfony 2.3 together with one of the split packages from a higher Symfony vesion like this: ```json { "require": { "symfony/symfony": "2.3.*", "symfony/security-core": "~2.7" } } ``` However, you will end up with classes being present twice. This must be reverted after merging up in the `2.7` branch. Commits ------- 0d14064 don't allow to install the split Security packages
| | * don't allow to install the split Security packagesChristian Flothmann2015-10-271-0/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently, you would be able to install the Security component fromm Symfony 2.3 together with one of the split packages from a higher Symfony vesion like this: ```json { "require": { "symfony/symfony": "2.3.*", "symfony/security-core": "~2.7" } } ``` However, you will end up with classes being present twice. This must be reverted after merging up in the `2.7` branch.
* | | Merge branch '2.3' into 2.7v2.7.6Fabien Potencier2015-10-181-1/+2
|\ \ \ | |/ / | | | | | | | | | | | | | | | | | | | | | * 2.3: [Routing] use constants in tests [Validator] Allow an empty path in a URL with only a fragment or a query [HttpFoundation] Fix some typo in the Request doc fixed CS Added separated handling of root paths
| * | [Routing] use constants in testsv2.3.34Tobias Schultze2015-10-181-1/+2
| | |
* | | [Security] Use SessionAuthenticationStrategy on RememberMe loginSergey Novikov2015-10-162-10/+88
| | | | | | | | | | | | Regenerate session ID with default session strategy
* | | Merge branch '2.3' into 2.7Nicolas Grekas2015-10-122-8/+6
|\ \ \ | |/ / | | | | | | | | | | | | | | | | | | * 2.3: [ci] Fix tests requirements Conflicts: src/Symfony/Component/Validator/Tests/Mapping/Cache/LegacyApcCacheTest.php
| * | [ci] Fix tests requirementsNicolas Grekas2015-10-123-19/+12
| | |
* | | Merge branch '2.3' into 2.7Nicolas Grekas2015-10-115-20/+0
|\ \ \ | |/ / | | | | | | | | | | | | * 2.3: [ci] SymfonyTestsListener is now auto-registered adds validation messages missing italian translations
| * | [ci] SymfonyTestsListener is now auto-registeredNicolas Grekas2015-10-111-4/+0
| | |
* | | minor #16186 [2.7][tests] Use @requires annotation when possible ↵Nicolas Grekas2015-10-102-8/+3
|\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | (nicolas-grekas) This PR was merged into the 2.7 branch. Discussion ---------- [2.7][tests] Use @requires annotation when possible | Q | A | ------------- | --- | Bug fix? | no | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | - | License | MIT | Doc PR | - Commits ------- b028aea [tests] Use @requires annotation when possible
| * | | [tests] Use @requires annotation when possibleNicolas Grekas2015-10-102-8/+3
| | | |
* | | | Merge branch '2.3' into 2.7Nicolas Grekas2015-10-1010-5/+20
|\ \ \ \ | |/ / / |/| / / | |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.3: [tests] Use @requires annotation when possible [ci] Enable collecting and replaying skipped tests [Process] Workaround buggy PHP warning [Console] Add additional ways to detect OS400 platform [Yaml] Allow tabs before comments at the end of a line Conflicts: composer.json src/Symfony/Bridge/Doctrine/Tests/Logger/DbalLoggerTest.php src/Symfony/Bridge/Monolog/composer.json src/Symfony/Bridge/Twig/composer.json src/Symfony/Bundle/FrameworkBundle/composer.json src/Symfony/Bundle/SecurityBundle/composer.json src/Symfony/Component/Asset/composer.json src/Symfony/Component/ClassLoader/Tests/LegacyApcUniversalClassLoaderTest.php src/Symfony/Component/Console/composer.json src/Symfony/Component/Debug/composer.json src/Symfony/Component/DomCrawler/composer.json src/Symfony/Component/EventDispatcher/composer.json src/Symfony/Component/HttpFoundation/Tests/Session/Storage/Handler/MongoDbSessionHandlerTest.php src/Symfony/Component/HttpFoundation/Tests/Session/Storage/Handler/PdoSessionHandlerTest.php src/Symfony/Component/HttpFoundation/composer.json src/Symfony/Component/Intl/composer.json src/Symfony/Component/Routing/composer.json src/Symfony/Component/Security/composer.json src/Symfony/Component/Serializer/composer.json src/Symfony/Component/Templating/composer.json src/Symfony/Component/Translation/composer.json src/Symfony/Component/Validator/composer.json
| * | [ci] Enable collecting and replaying skipped testsNicolas Grekas2015-10-102-1/+4
| | |
* | | Merge branch '2.3' into 2.7Nicolas Grekas2015-10-064-26/+5
|\ \ \ | |/ / | | | | | | | | | | | | | | | Conflicts: src/Symfony/Bundle/FrameworkBundle/DependencyInjection/FrameworkExtension.php src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/FrameworkExtensionTest.php src/Symfony/Component/Security/Tests/Core/SecurityContextTest.php
| * | minor #16145 [FrameworkBundle] Fix deps=low/high tests (nicolas-grekas)Fabien Potencier2015-10-061-0/+5
| |\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This PR was merged into the 2.3 branch. Discussion ---------- [FrameworkBundle] Fix deps=low/high tests | Q | A | ------------- | --- | Bug fix? | no | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | - | License | MIT | Doc PR | - Commits ------- 26ca3dc [FrameworkBundle] Fix deps=low/high tests
| | * | [FrameworkBundle] Fix deps=low/high testsNicolas Grekas2015-10-061-0/+5
| | | |
| * | | [2.3][SECURITY] Add remember me cookie configurationKlaas Cuvelier2015-10-064-26/+5
| |/ /
| * | [FrameworkBundle] [Security] Remove trans from the security/core in 2.3 & ↵maxime.steinhausser2015-10-062-142/+0
| |/ | | | | | | dir loading
* | [Security] sync translations and add a test for itChristian Flothmann2015-10-064-6/+72
| |
* | Merge branch '2.3' into 2.7Nicolas Grekas2015-10-061-1/+1
|\ \ | |/ | | | | | | | | | | Conflicts: src/Symfony/Bundle/FrameworkBundle/DependencyInjection/FrameworkExtension.php src/Symfony/Bundle/SecurityBundle/composer.json src/Symfony/Component/Process/Process.php
| * [Security\Core] Fix test failure after sebastianbergmann/phpunit#1821Nicolas Grekas2015-10-061-1/+1
| |
* | Merge branch '2.3' into 2.7Fabien Potencier2015-10-056-23/+103
|\ \ | |/ | | | | | | | | | | | | | | * 2.3: [Security][bugfix] "Remember me" cookie cleared on logout with custom "secure"/"httponly" config options [1] [ci] Use current PHP_BINARY when running ./phpunit Fixed typos [UPGRADE-3.0] fix bullet indentation [Security] InMemoryUserProvider now concerns whether user's password is changed when refreshing
| * bug #14842 [Security][bugfix] "Remember me" cookie cleared on logout with ↵Fabien Potencier2015-10-054-6/+50
| |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | custom "secure"/"httponly" config options [1] (MacDada) This PR was squashed before being merged into the 2.3 branch (closes #14842). Discussion ---------- [Security][bugfix] "Remember me" cookie cleared on logout with custom "secure"/"httponly" config options [1] | Q | A | ------------- | --- | Bug fix? | yes | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | #14822 | License | MIT | Doc PR | ~ * test now always pass "secure" and "httponly" options, as they are required * could be considered BC, but [`RememberMeFactory` passes them](https://github.com/symfony/symfony/blob/2.3/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/RememberMeFactory.php#L21), so they should've always been treated as required * I can squash the commits before merging * Alternative solution: #14843 Commits ------- 18b1c6a [Security][bugfix] "Remember me" cookie cleared on logout with custom "secure"/"httponly" config options [1]
| | * [Security][bugfix] "Remember me" cookie cleared on logout with custom ↵Dawid Nowak2015-10-054-6/+50
| | | | | | | | | | | | "secure"/"httponly" config options [1]
| * | bug #13627 [Security] InMemoryUserProvider now concerns whether user's ↵Fabien Potencier2015-10-052-17/+53
| |\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | password is changed when refreshing (issei-m) This PR was merged into the 2.3 branch. Discussion ---------- [Security] InMemoryUserProvider now concerns whether user's password is changed when refreshing | Q | A | ------------- | --- | Bug fix? | yes | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | - | License | MIT | Doc PR | - When a user has changed own password, I want to logout any sessions which is authenticated by its user except changer itself. [DaoAuthenticationManager::checkAuthentication()](https://github.com/symfony/symfony/blob/2.3/src/Symfony/Component/Security/Core/Authentication/Provider/DaoAuthenticationProvider.php#L59) method seems to concern about it. But, this situation actually never happens because both users that will be passed to this method are always identical in re-authentication. It's because the token refreshes own user via [ContextListener](https://github.com/symfony/symfony/blob/2.3/src/Symfony/Component/Security/Http/Firewall/ContextListener.php#L90) before re-authentication. Commits ------- 729902a [Security] InMemoryUserProvider now concerns whether user's password is changed when refreshing
| | * | [Security] InMemoryUserProvider now concerns whether user's password is ↵Issei.M2015-08-102-17/+53
| | | | | | | | | | | | | | | | changed when refreshing
* | | | Merge branch '2.3' into 2.7Tobias Schultze2015-09-291-6/+6
|\ \ \ \ | |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: src/Symfony/Component/ClassLoader/ApcUniversalClassLoader.php src/Symfony/Component/ClassLoader/DebugClassLoader.php src/Symfony/Component/ClassLoader/UniversalClassLoader.php src/Symfony/Component/Console/Command/Command.php src/Symfony/Component/DependencyInjection/Definition.php src/Symfony/Component/DependencyInjection/DefinitionDecorator.php src/Symfony/Component/EventDispatcher/Event.php src/Symfony/Component/Filesystem/Exception/IOException.php src/Symfony/Component/HttpFoundation/File/File.php src/Symfony/Component/HttpFoundation/ResponseHeaderBag.php src/Symfony/Component/HttpFoundation/Session/SessionInterface.php src/Symfony/Component/HttpFoundation/StreamedResponse.php src/Symfony/Component/HttpKernel/Controller/ControllerResolver.php src/Symfony/Component/HttpKernel/Controller/ControllerResolverInterface.php src/Symfony/Component/HttpKernel/HttpKernel.php src/Symfony/Component/HttpKernel/Kernel.php src/Symfony/Component/HttpKernel/KernelInterface.php src/Symfony/Component/HttpKernel/Log/LoggerInterface.php src/Symfony/Component/HttpKernel/Log/NullLogger.php src/Symfony/Component/Process/Process.php src/Symfony/Component/Routing/RequestContext.php src/Symfony/Component/Routing/Route.php src/Symfony/Component/Templating/EngineInterface.php src/Symfony/Component/Templating/PhpEngine.php src/Symfony/Component/Templating/TemplateNameParser.php src/Symfony/Component/Templating/TemplateReference.php src/Symfony/Component/Templating/TemplateReferenceInterface.php src/Symfony/Component/Translation/IdentityTranslator.php src/Symfony/Component/Translation/Translator.php src/Symfony/Component/Validator/ConstraintViolationInterface.php src/Symfony/Component/Validator/Constraints/False.php src/Symfony/Component/Validator/Constraints/FalseValidator.php src/Symfony/Component/Validator/Constraints/GroupSequence.php src/Symfony/Component/Validator/Constraints/Image.php src/Symfony/Component/Validator/Constraints/Null.php src/Symfony/Component/Validator/Constraints/NullValidator.php src/Symfony/Component/Validator/Constraints/True.php src/Symfony/Component/Validator/Constraints/TrueValidator.php src/Symfony/Component/Validator/ExecutionContextInterface.php src/Symfony/Component/Validator/ValidatorInterface.php
| * | | Fixed incorrect and inconsistent translationslashae2015-09-281-6/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | "Fiş" is a correct translation for "token", however "bilet" is also used, I fixed that inconsistency. Moreover, "kimlik bilgileri" is a better translation for "credentials" than "girdiler". "Girdiler" is the translation of "inputs", so I fixed sentences with "credentials". "Hesap engellenmiş" is better than "Hesap devre dışı bırakılmış" for "Account is disabled.". "Digest nonce has expired" can be translated better as "Derleme zaman aşımına uğradı." because "Derleme zaman aşımı gerçekleşti" has a confirmation sense like user requested it to expire and it has expired. References: token: http://tureng.com/search/token (3rd entry) credentials: http://www2.zargan.com/tr/q/credentials-ceviri-nedir (1st entry) disable: http://tureng.com/search/disable (15th entry)
* | | | minor #15942 [Security] Improve AbstractVoter tests (WouterJ)Fabien Potencier2015-09-281-46/+30
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This PR was merged into the 2.7 branch. Discussion ---------- [Security] Improve AbstractVoter tests Applying the improved tests from https://github.com/symfony/symfony/pull/15932 into the oldest possible branch. Merge conflicts from 2.7 into 2.8 caused by this PR do not need to be done carefully, I'll create a new PR for 2.8 updating the tests as soon as these changes are merged up. | Q | A | ------------- | --- | Fixed tickets | - | License | MIT Commits ------- 5ff741d Readd the correct tests
| * | | | Readd the correct testsWouter J2015-09-271-46/+30
| | | | |
* | | | | [Security] fixed composer.jsonFabien Potencier2015-09-281-1/+1
|/ / / /
* | | | Merge branch '2.3' into 2.7Fabien Potencier2015-09-272-2/+8
|\ \ \ \ | |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.3: Detect Mintty for color support on Windows Add a group for tests of the finder against the FTP server Fix license headers Forbid serializing a Crawler Fix phpdoc block of NativeSessionStorage class Added exception when setAutoInitialize is called when locked [FrameworkBundle] Advanced search templates of bundles [Security] Allow user providers to be defined in many files Use random_bytes function if it is available for random number generation
| * | | Use random_bytes function if it is available for random number generationPierre du Plessis2015-09-232-5/+10
| | | |
* | | | fixed testsv2.7.5Fabien Potencier2015-09-251-1/+1
| | | |
* | | | Fixing test locationsRyan Weaver2015-09-232-2/+2
| | | |
* | | | fix leftover changes from previous mergeTobias Schultze2015-09-091-1/+1
| | | |
* | | | fix class use and in phpdocEvgeniy Sokolov2015-09-091-1/+1
| | | |
* | | | Don't trigger deprecation on interfacesv2.7.4Nicolas Grekas2015-08-301-2/+0
| | | |
* | | | Merge branch '2.3' into 2.7Nicolas Grekas2015-08-262-1/+8
|\ \ \ \ | |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.3: Windows and Intl fixes Add appveyor.yml for C.I. on Windows [travis] merge php: nightly and deps=high test-matrix lines [Security] Add missing docblock in PreAuthenticatedToken Conflicts: .travis.yml src/Symfony/Component/Filesystem/Tests/FilesystemTest.php src/Symfony/Component/HttpFoundation/JsonResponse.php src/Symfony/Component/Intl/DateFormatter/IntlDateFormatter.php
| * | | [Security] Add missing docblock in PreAuthenticatedTokenv2.3.33v2.3.32Titouan Galopin2015-08-072-1/+8
| |/ /
* | | fixes CSFabien Potencier2015-08-2425-26/+40
| | |
* | | Merge branch '2.3' into 2.7v2.7.3Nicolas Grekas2015-07-281-2/+6
|\ \ \ | |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.3: [php7] Fix for substr() always returning a string [Security] Do not save the target path in the session for a stateless firewall [DependencyInjection] fixed FrozenParameterBag and improved Parameter… Conflicts: src/Symfony/Component/Debug/Tests/ErrorHandlerTest.php src/Symfony/Component/Security/Http/Firewall/ExceptionListener.php
| * | [Security] Do not save the target path in the session for a stateless firewallGrégoire Pineau2015-07-261-2/+6
| | |
* | | Merge branch '2.6' into 2.7Fabien Potencier2015-07-261-2/+2
|\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.6: [Yaml] throw a ParseException on invalid data type #15331 add infos about deprecated classes to UPGRADE-3.0 [Security] removed useless else condition in SwitchUserListener class. [travis] Tests deps=low with PHP 5.6 [Console] Fix console output with closed stdout
| * \ \ Merge branch '2.3' into 2.6v2.6.11Fabien Potencier2015-07-261-2/+2
| |\ \ \ | | |/ / | | | | | | | | | | | | | | | | | | | | | | | | * 2.3: #15331 add infos about deprecated classes to UPGRADE-3.0 [Security] removed useless else condition in SwitchUserListener class. [travis] Tests deps=low with PHP 5.6 [Console] Fix console output with closed stdout
| | * | [Security] removed useless else condition in SwitchUserListener class.Hugo Hamon2015-07-221-2/+2
| | | |
* | | | Merge branch '2.6' into 2.7Nicolas Grekas2015-07-241-4/+3
|\ \ \ \ | |/ / / | | | | | | | | | | | | | | | | * 2.6: [2.6] Static Code Analysis for Components [Security/Http] Fix test relying on a private property
| * | | [Security/Http] Fix test relying on a private propertyNicolas Grekas2015-07-221-4/+3
| | | |
* | | | Merge branch '2.6' into 2.7Nicolas Grekas2015-07-224-4/+4
|\ \ \ \ | |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.6: [Security] fix check for empty usernames [Form] updated exception message of ButtonBuilder::setRequestHandler() [travis] Fix deps=high jobs [HttpFoundation] [PSR-7] Allow to use resources as content body and to return resources from string content [DependencyInjection] Remove unused code in XmlFileLoader [HttpFoundation] Behaviour change in PHP7 for substr bumped Symfony version to 2.3.32 updated VERSION for 2.3.31 update CONTRIBUTORS for 2.3.31 updated CHANGELOG for 2.3.31 Conflicts: src/Symfony/Bridge/Twig/composer.json src/Symfony/Bundle/FrameworkBundle/composer.json
| * | | Merge branch '2.3' into 2.6Nicolas Grekas2015-07-224-4/+4
| |\ \ \ | | |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.3: [Security] fix check for empty usernames [Form] updated exception message of ButtonBuilder::setRequestHandler() [travis] Fix deps=high jobs [HttpFoundation] [PSR-7] Allow to use resources as content body and to return resources from string content [DependencyInjection] Remove unused code in XmlFileLoader [HttpFoundation] Behaviour change in PHP7 for substr bumped Symfony version to 2.3.32 updated VERSION for 2.3.31 update CONTRIBUTORS for 2.3.31 updated CHANGELOG for 2.3.31 Conflicts: src/Symfony/Bridge/Twig/composer.json src/Symfony/Bundle/FrameworkBundle/composer.json src/Symfony/Component/DependencyInjection/Loader/XmlFileLoader.php src/Symfony/Component/HttpKernel/Kernel.php
| | * | [Security] fix check for empty usernamesChristian Flothmann2015-07-224-4/+4
| | | |
* | | | Merge branch '2.6' into 2.7v2.7.2Fabien Potencier2015-07-091-1/+1
|\ \ \ \ | |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.6: Added 'default' color [HttpFoundation] Reload the session after regenerating its id [HttpFoundation] Add a test case to confirm a bug in session migration [2.6] Static Code Analysis for Components and Bundles [Finder] Command::addAtIndex() fails with Command instance argument [DependencyInjection] Freeze also FrozenParameterBag::remove [Twig][Bridge] replaced `extends` with `use` in bootstrap_3_horizontal_layout.html.twig fix CS fixed CS Add a way to reset the singleton [Security] allow to use `method` in XML configs Remove duplicate example Remove var not used due to returning early (introduced in 8982c32) Enhance hhvm test skip message
| * | | [2.6] Static Code Analysis for Components and Bundlesv2.6.10Vladimir Reznichenko2015-07-081-1/+1
| | | |
* | | | Fix mergeNicolas Grekas2015-07-011-2/+2
| | | |
* | | | Merge branch '2.6' into 2.7Nicolas Grekas2015-07-013-2/+61
|\ \ \ \ | |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.6: [2.6] Towards 100% HHVM compat [Security/Http] Fix test [Stopwatch] Fix test Minor fixes Towards 100% HHVM compat unify default AccessDeniedExeption message trigger event with right user (add test) [Security] Initialize SwitchUserEvent::targetUser on attemptExitUser [Form] Fixed: Data mappers always receive forms indexed by their names Conflicts: src/Symfony/Bundle/FrameworkBundle/Controller/Controller.php src/Symfony/Component/VarDumper/Tests/CliDumperTest.php src/Symfony/Component/VarDumper/Tests/HtmlDumperTest.php
| * | | [Security/Http] Fix testNicolas Grekas2015-06-301-0/+6
| | | |
| * | | Merge branch '2.3' into 2.6Nicolas Grekas2015-06-302-1/+54
| |\ \ \ | | |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.3: Minor fixes Towards 100% HHVM compat trigger event with right user (add test) [Security] Initialize SwitchUserEvent::targetUser on attemptExitUser [Form] Fixed: Data mappers always receive forms indexed by their names Conflicts: src/Symfony/Component/Debug/Tests/ErrorHandlerTest.php src/Symfony/Component/Filesystem/Filesystem.php src/Symfony/Component/Process/Tests/AbstractProcessTest.php
| | * | trigger event with right user (add test)v2.3.31Christian Flothmann2015-06-281-0/+52
| | | |
| | * | [Security] Initialize SwitchUserEvent::targetUser on attemptExitUserRichard van Laak2015-06-281-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | The `SwitchUserEvent` is triggered in case an account is switched. This works okay while switching to the user, but on exit the `SwitchUserEvent` is triggered again with the original User. That User was not initialized by the provider yet. load user by UserInterface instead of username
| * | | unify default AccessDeniedExeption messageChristian Flothmann2015-06-291-1/+1
| | | |
| * | | Merge branch '2.3' into 2.6Fabien Potencier2015-06-281-1/+1
| |\ \ \ | | |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.3: Fix quoting style consistency. [DependencyInjection] Fail when dumping a Definition with no class nor factory Normalizing recursively - see #9096 No change - the normalizeParams is a copy-and-paste of the earlier logic fixes issue with logging array of non-utf8 data fix validation for Maestro UK card numbers
| | * | Fix quoting style consistency.ogizanagi2015-06-281-1/+1
| | | |
| * | | Fix mergeNicolas Grekas2015-06-181-1/+1
| | | |
* | | | [PhpUnitBridge] Enforce @-silencing of deprecation notices according to new ↵Nicolas Grekas2015-06-182-4/+0
| | | | | | | | | | | | | | | | policy
* | | | Fix mergeNicolas Grekas2015-06-181-1/+1
| | | |
* | | | Merge branch '2.6' into 2.7Nicolas Grekas2015-06-1822-72/+72
|\ \ \ \ | |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.6: Add test for HHVM FatalErrors [2.6][Debug] Fix fatal-errors handling on HHVM [2.3][Debug] Fix fatal-errors handling on HHVM Standardize the name of the exception variables [2.3] Static Code Analysis for Components Remove duplicated paths Conflicts: src/Symfony/Component/Debug/ErrorHandler.php src/Symfony/Component/Security/Http/Firewall/BasicAuthenticationListener.php src/Symfony/Component/Security/Http/Firewall/ContextListener.php src/Symfony/Component/Security/Http/Firewall/RememberMeListener.php src/Symfony/Component/Security/Http/RememberMe/AbstractRememberMeServices.php
| * | | Merge branch '2.3' into 2.6Nicolas Grekas2015-06-1822-72/+72
| |\ \ \ | | |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.3: [2.3][Debug] Fix fatal-errors handling on HHVM Standardize the name of the exception variables [2.3] Static Code Analysis for Components Remove duplicated paths Conflicts: src/Symfony/Component/Debug/ErrorHandler.php src/Symfony/Component/HttpFoundation/Session/Storage/MockArraySessionStorage.php src/Symfony/Component/Security/Acl/Dbal/AclProvider.php src/Symfony/Component/Security/Core/Authentication/Provider/UserAuthenticationProvider.php
| | * | Standardize the name of the exception variablesJavier Eguiluz2015-06-1522-72/+72
| | |/
* | | Merge branch '2.6' into 2.7Nicolas Grekas2015-06-1813-15/+583
|\ \ \ | |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.6: [Debug] Fix log level of stacked errors [VarDumper] Fix uninitialized id in HtmlDumper Fixed fluent interface [Debug] fix debug class loader case test on windows [Debug+VarDumper] Fix handling of PHP7 exception/error model [2.6][Security][Translation] #14920 update translations [VarDumper] Cherry-pick code style fixes from 2.7 Bug #14836 [HttpFoundation] Moves default JSON encoding assignment from constructor to property Conflicts: src/Symfony/Component/Debug/Tests/DebugClassLoaderTest.php src/Symfony/Component/VarDumper/Caster/DOMCaster.php src/Symfony/Component/VarDumper/Caster/ExceptionCaster.php src/Symfony/Component/VarDumper/Caster/PdoCaster.php src/Symfony/Component/VarDumper/Caster/SplCaster.php
| * | [2.6][Security][Translation] #14920 update translationsVincent AUBERT2015-06-1413-15/+583
| | |
* | | minor #14977 added missing deprecation in CHANGELOG (fabpot)Fabien Potencier2015-06-151-0/+1
|\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This PR was merged into the 2.7 branch. Discussion ---------- added missing deprecation in CHANGELOG Commits ------- ddddeb5 added missing deprecation in CHANGELOG
| * | | added missing deprecation in CHANGELOGFabien Potencier2015-06-141-0/+1
| | | |
* | | | Added a small Upgrade note regarding security.contextIltar van der Berg2015-06-153-8/+4
|/ / /
* | | Silence invasive deprecation warnings, opt-in for warningsv2.7.1reecefowell2015-06-082-2/+2
| | |
* | | Change error message to reflect SecurityContext deprecation.Nicholas Byfleet2015-06-051-1/+1
| | |
* | | Merge branch '2.6' into 2.7Fabien Potencier2015-06-051-2/+2
|\ \ \ | |/ / | | | | | | | | | | | | * 2.6: [Security] Update tests after a merge [Console] Remove an unused argument and fix a small cs issue
| * | [Security] Update tests after a mergeJakub Zalas2015-06-051-2/+2
| | | | | | | | | | | | Security component was split into three and test fixture namespaces are different between 2.3 and 2.6 branches.
* | | Merge branch '2.6' into 2.7Fabien Potencier2015-06-043-4/+26
|\ \ \ | |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.6: Improve the config validation in TwigBundle [WebProfilerBundle][logger] added missing deprecation message. [Security][Acl] enforce string identifiers [BrowserKit] Fix bug when uri starts with http. bumped Symfony version to 2.3.31 updated VERSION for 2.3.30 updated CHANGELOG for 2.3.30 Php Inspections (EA Extended): - resolved possible PHP Fatal in \Symfony\Component\BrowserKit\Cookie::__toString -resolved implicit magic methods calls -resolved callable name case mismatches
| * | Merge branch '2.3' into 2.6Fabien Potencier2015-06-043-4/+26
| |\ \ | | |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.3: Improve the config validation in TwigBundle [Security][Acl] enforce string identifiers [BrowserKit] Fix bug when uri starts with http. bumped Symfony version to 2.3.31 updated VERSION for 2.3.30 updated CHANGELOG for 2.3.30 Php Inspections (EA Extended): - resolved possible PHP Fatal in \Symfony\Component\BrowserKit\Cookie::__toString -resolved implicit magic methods calls -resolved callable name case mismatches Conflicts: src/Symfony/Component/Debug/Tests/ErrorHandlerTest.php src/Symfony/Component/DependencyInjection/Tests/Dumper/PhpDumperTest.php src/Symfony/Component/HttpKernel/Kernel.php
| | * minor #14474 [2.3] Static Code Analysis for Components (kalessil)Fabien Potencier2015-06-011-1/+1
| | |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This PR was merged into the 2.3 branch. Discussion ---------- [2.3] Static Code Analysis for Components | Q | A | ------------- | --- | Bug fix? | no | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | n/a | License | MIT | Doc PR | n/a Static Code Analysis with Php Inspections (EA Extended), no functional changes: - resolved possible PHP Fatal in \Symfony\Component\BrowserKit\Cookie::__toString - resolved callable name case mismatches Commits ------- 9eb2b14 Php Inspections (EA Extended): - resolved possible PHP Fatal in \Symfony\Component\BrowserKit\Cookie::__toString -resolved implicit magic methods calls -resolved callable name case mismatches
| | | * Php Inspections (EA Extended): - resolved possible PHP Fatal in ↵Vladimir Reznichenko2015-05-291-1/+1
| | | | | | | | | | | | | | | | \Symfony\Component\BrowserKit\Cookie::__toString -resolved implicit magic methods calls -resolved callable name case mismatches
| | * | [Security][Acl] enforce string identifiersChristian Flothmann2015-05-312-3/+25
| | |/
* | | Merge branch '2.6' into 2.7v2.7.0Fabien Potencier2015-05-226-14/+67
|\ \ \ | |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.6: (30 commits) [Translation] fixed JSON loader on PHP 7 when file is empty Fix typo Check instance of FormBuilderInterface instead of FormBuilder [Security] TokenBasedRememberMeServices test to show why encoding username is required [Security] AbstractRememberMeServices::encodeCookie() validates cookie parts fixed typo [console][formater] allow format toString object. [HttpFoundation] Fix baseUrl when script filename is contained in pathInfo Avoid redirection to XHR URIs [HttpFoundation] IpUtils::checkIp4() should allow networks [2.6] Fix HTML escaping of to-source links Fix HTML escaping of to-source links ExceptionHandler: More Encoding Fix the rendering of deprecation log messages [FrameworkBundle] Removed unnecessary parameter in TemplateController [DomCrawler] Throw an exception if a form field path is incomplete. Fixed the indentation in the compiled template for the DumpNode [Console] Delete duplicate test in CommandTest [TwigBundle] Refresh twig paths when resources change. WebProfiler break words ... Conflicts: src/Symfony/Bridge/Twig/composer.json src/Symfony/Bundle/WebProfilerBundle/Resources/views/Collector/logger.html.twig src/Symfony/Component/Debug/ExceptionHandler.php
| * | Merge branch '2.3' into 2.6v2.6.9v2.6.8Fabien Potencier2015-05-226-14/+67
| |\ \ | | |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.3: Fix typo Check instance of FormBuilderInterface instead of FormBuilder [Security] TokenBasedRememberMeServices test to show why encoding username is required [Security] AbstractRememberMeServices::encodeCookie() validates cookie parts [console][formater] allow format toString object. [HttpFoundation] Fix baseUrl when script filename is contained in pathInfo Avoid redirection to XHR URIs [HttpFoundation] IpUtils::checkIp4() should allow networks Fix HTML escaping of to-source links [FrameworkBundle] Removed unnecessary parameter in TemplateController [DomCrawler] Throw an exception if a form field path is incomplete. [Console] Delete duplicate test in CommandTest [TwigBundle] Refresh twig paths when resources change. WebProfiler break words fixed typo Update README.md [HttpKernel] Handle an array vary header in the http cache store [Security][Translation] fixes #14584 [Framework] added test for Router commands. Handled bearer authorization header in REDIRECT_ form Conflicts: src/Symfony/Component/Debug/ExceptionHandler.php
| | * minor #14670 [Security] TokenBasedRememberMeServices test to show why ↵v2.3.30v2.3.29Fabien Potencier2015-05-212-3/+18
| | |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | encoding username is required (MacDada) This PR was squashed before being merged into the 2.3 branch (closes #14670). Discussion ---------- [Security] TokenBasedRememberMeServices test to show why encoding username is required | Q | A | ------------- | --- | Bug fix? | no | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | #14577 | License | MIT | Doc PR | no 241538d shows that it's not actually tested, 257b796 reimplements it with test. I can remove the POC commit if it's not needed. Commits ------- 63a9736 [Security] TokenBasedRememberMeServices test to show why encoding username is required
| | | * [Security] TokenBasedRememberMeServices test to show why encoding username ↵Dawid Nowak2015-05-212-3/+18
| | | | | | | | | | | | | | | | is required
| | * | bug #14678 [Security] AbstractRememberMeServices::encodeCookie() validates ↵Fabien Potencier2015-05-213-4/+42
| | |\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | cookie parts (MacDada) This PR was squashed before being merged into the 2.3 branch (closes #14678). Discussion ---------- [Security] AbstractRememberMeServices::encodeCookie() validates cookie parts | Q | A | ------------- | --- | Bug fix? | no | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | #14577 | License | MIT | Doc PR | no `AbstractRememberMeServices::encodeCookie()` guards against `COOKIE_DELIMITER` in `$cookieParts`. * it would make `AbstractRememberMeServices::cookieDecode()` broken * all current extending classes do it anyway (see #14670 ) * added tests – it's not a public method, but it is expected to be used by user implementations – as such, it's good to know that it works properly Commits ------- 464c39a [Security] AbstractRememberMeServices::encodeCookie() validates cookie parts
| | | * | [Security] AbstractRememberMeServices::encodeCookie() validates cookie partsDawid Nowak2015-05-213-4/+42
| | | |/
| | * | Avoid redirection to XHR URIsAlessandro Siragusa2015-05-201-1/+1
| | |/
| | * minor #14601 [Security][Translation] fixes #14584 (MatTheCat)Fabien Potencier2015-05-161-6/+6
| | |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This PR was merged into the 2.3 branch. Discussion ---------- [Security][Translation] fixes #14584 | Q | A | ------------- | --- | Fixed tickets | #14584 | License | MIT Some french translations are wrong in the security component. As #14587 has been closed here's my fix. Commits ------- 34c780f [Security][Translation] fixes #14584
| | | * [Security][Translation] fixes #14584MatTheCat2015-05-101-6/+6
| | | |
* | | | minor #14581 [Security] Removed unnecessary statement (MacDada)Fabien Potencier2015-05-151-1/+0
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This PR was merged into the 2.7 branch. Discussion ---------- [Security] Removed unnecessary statement | Q | A | ------------- | --- | Bug fix? | no | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | ~ | License | MIT | Doc PR | ~ Removed unnecessary statement from `PersistentTokenBasedRememberMeServices.php`. `$series` comes from `$cookieParts` and `$this->tokenProvider->loadTokenBySeries($series);` is supposed to find the token with that value. Doing `$persistentToken->getSeries();` should give us exactly the same value, so it is an unnecessary statement. Why? * We don't need it? We won't miss it when it's gone. * It confuses a code reader who starts guessing why would that be needed (at least I did and lost time because of that). Unless… It actually is needed, as we want `TokenProviderInterface` implementations to have a possibility to give a `PersistentTokenInterface` with a different series value than asked… I can make a PR to the testing class so that such requirement is checked upon. I don't believe that this is BC, as this behaviour isn't documented anywhere and no existing (known to me) implementations return different series than the asked ones (and current tests pass successfully). Commits ------- c7a91f1 Removed unnecessary statement from PersistentTokenBasedRememberMeServices.php
| * | | | Removed unnecessary statement from PersistentTokenBasedRememberMeServices.phpDawid Nowak2015-05-071-1/+0
| | | | |
* | | | | Merge branch '2.6' into 2.7Fabien Potencier2015-05-153-3/+3
|\ \ \ \ \ | | |/ / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.6: fixed CS fixed CS Conflicts: src/Symfony/Component/Security/Http/Tests/Firewall/RememberMeListenerTest.php
| * | | | fixed CSFabien Potencier2015-05-153-3/+3
| | | | |
generated by cgit v1.1 at 2025-05-18 01:44:10 +0000