summaryrefslogtreecommitdiffstats
path: root/Core
Commit message (Collapse)AuthorAgeFilesLines
* Merge branch '2.7' into 2.8v2.8.14Fabien Potencier2016-11-151-1/+1
|\ | | | | | | | | * 2.7: DX: replace @link with @see annotation
| * DX: replace @link with @see annotationv2.7.21Dariusz Ruminski2016-11-131-1/+1
| |
* | Merge branch '2.7' into 2.8v2.8.13Fabien Potencier2016-10-052-1/+12
|\ \ | |/ | | | | | | | | | | | | * 2.7: [HttpFoundation] JSONP callback validation [Console] Improved the explanation of the hasOption() method add missing use statement bug #18042 [Security] $attributes can be anything, but RoleVoter assumes strings
| * bug #19725 [Security] $attributes can be anything, but RoleVoter assumes ↵v2.7.20Fabien Potencier2016-10-052-1/+12
| |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | strings (Jonatan Männchen) This PR was merged into the 2.7 branch. Discussion ---------- [Security] $attributes can be anything, but RoleVoter assumes strings | Q | A | ------------- | --- | Branch? | 2.7 | Bug fix? | yes | New feature? | no | BC breaks? | yes | Deprecations? | no | Tests pass? | yes | Fixed tickets | #18042 | License | MIT | Doc PR | reference to the documentation PR, if any Commits ------- ad3ac95 bug #18042 [Security] $attributes can be anything, but RoleVoter assumes strings
| | * bug #18042 [Security] $attributes can be anything, but RoleVoter assumes stringsJonatan Männchen2016-09-212-1/+12
| | |
* | | Merge branch '2.7' into 2.8v2.8.12Fabien Potencier2016-09-241-0/+71
|\ \ \ | |/ / | | | | | | | | | | | | | | | * 2.7: Fixed expectedException annotations Security and validators messages translation to Latvian [Form] FormView->isRendered() remove dead code and simplify the flow
| * | Security and validators messages translation to Latvianv2.7.19Rikijs Murgs2016-09-221-0/+71
| |/
* | Merge branch '2.7' into 2.8Fabien Potencier2016-09-121-2/+10
|\ \ | |/ | | | | | | | | | | | | | | | | | | | | * 2.7: [travis/appveyor] Wire simple-phpunit [Console] fixed PHP7 Errors are now handled and converted to Exceptions Fix #19721 bumped Symfony version to 2.7.19 updated VERSION for 2.7.18 update CONTRIBUTORS for 2.7.18 updated CHANGELOG for 2.7.18 [Security] Optimize RoleHierarchy's buildRoleMap method
| * minor #19868 [Security] Optimize RoleHierarchy's buildRoleMap method (Enleur)v2.7.18Fabien Potencier2016-09-061-2/+10
| |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This PR was squashed before being merged into the 2.7 branch (closes #19868). Discussion ---------- [Security] Optimize RoleHierarchy's buildRoleMap method | Q | A | ------------- | --- | Branch? | 2.7 | Bug fix? | no | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | no | License | MIT | Doc PR | no I have an issue with a large role hierarchy(~150 roles). Optimized it a little bit ![image](https://cloud.githubusercontent.com/assets/858989/18271257/df6c4ba0-7439-11e6-8406-e13bdcefe9ca.png) Commits ------- c3b68b0 [Security] Optimize RoleHierarchy's buildRoleMap method
| | * [Security] Optimize RoleHierarchy's buildRoleMap methodEnleur2016-09-061-2/+10
| | |
| * | Minor fixesv2.7.16Vyacheslav Pavlov2016-07-301-2/+0
| | |
* | | [Security] Added note inside phpdoc.Konstantin Myakshin2016-09-061-0/+1
| | |
* | | Merge branch '2.7' into 2.8Nicolas Grekas2016-07-051-2/+0
|\ \ \ | |/ / | | | | | | | | | | | | | | | | | | * 2.7: removed @since Remove and change unrelevant comments in Validator and Security components. [Validator] UuidValidator must accept a Uuid constraint. [Validator] make UuidValidator class formatting consistent.
| * | removed @sinceFabien Potencier2016-07-041-2/+0
| | |
* | | Merge branch '2.7' into 2.8v2.8.8Fabien Potencier2016-06-295-5/+5
|\ \ \ | |/ / | | | | | | | | | | | | * 2.7: removed dots at the end of @param and @return fixed typo
| * | removed dots at the end of @param and @returnv2.7.15Fabien Potencier2016-06-285-5/+5
| | |
* | | security #18736 Fixed issue with blank password with Ldap (csarrazi)v2.8.7v2.8.6Fabien Potencier2016-05-092-1/+22
|\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This PR was merged into the 2.8 branch. Discussion ---------- Fixed issue with blank password with Ldap | Q | A | ------------- | --- | Branch? | 1.8 | Bug fix? | no | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | n/a | License | MIT | Doc PR | n/a Commits ------- c7d9c62 Fixed issue with blank password with Ldap
| * | | Fixed issue with blank password with LdapCharles Sarrazin2016-05-092-1/+22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The bind operation of LDAP, as described in RFC 4513, provides a method which allows for authentication of users. For the Simple Authentication Method a user may use the anonymous authentication mechanism, the unauthenticated authentication mechanism, or the name/password authentication mechanism. The unauthenticated authentication mechanism is used when a client who desires to establish an anonymous authorization state passes a non-zero length distinguished name and a zero length password. Most LDAP servers either can be configured to allow this mechanism or allow it by default. _Web-based applications which perform the simple bind operation with the client's credentials are at risk when an anonymous authorization state is established. This can occur when the web-based application passes a distinguished name and a zero length password to the LDAP server._ Thus, misconfiguring a server with simple bind can trick Symfony into thinking the username/password tuple as valid, potentially leading to unauthorized access.
* | | | Merge branch '2.7' into 2.8Fabien Potencier2016-05-092-0/+2
|\ \ \ \ | | |/ / | |/| | | | | | | | | | * 2.7: limited the maximum length of a submitted username
| * | | Merge branch '2.3' into 2.7v2.7.13Fabien Potencier2016-05-092-0/+2
| |\ \ \ | | | | | | | | | | | | | | | | | | | | * 2.3: limited the maximum length of a submitted username
| | * | | limited the maximum length of a submitted usernamev2.3.42v2.3.41origin/2.3Fabien Potencier2016-05-091-0/+1
| | | | |
* | | | | Merge branch '2.7' into 2.8Fabien Potencier2016-05-092-2/+2
|\ \ \ \ \ | |/ / / / | | | / / | |_|/ / |/| | | | | | | | | | | | | | | | | | | * 2.7: [2.3][Component/Security] Fixed phpdoc in AnonymousToken constructor for user param prevent calling get() for service_container service call get() after the container was compiled Fixed readme of OptionsResolver [DependencyInjection] Suggest ExpressionLanguage in composer.json
| * | | Merge branch '2.3' into 2.7Fabien Potencier2016-05-092-2/+2
| |\ \ \ | | |/ / | | | | | | | | | | | | | | | | | | | | * 2.3: [2.3][Component/Security] Fixed phpdoc in AnonymousToken constructor for user param call get() after the container was compiled Fixed readme of OptionsResolver
| | * | minor #18727 [2.3][Component/Security] Fixed phpdoc in AnonymousToken ↵Fabien Potencier2016-05-092-2/+2
| | |\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | constructor for user param (eriwin) This PR was squashed before being merged into the 2.3 branch (closes #18727). Discussion ---------- [2.3][Component/Security] Fixed phpdoc in AnonymousToken constructor for user param | Q | A | ------------- | --- | Branch? | 2.3 | Bug fix? | yes, phpdoc one | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | - | License | MIT | Doc PR | - Updated phpdoc of AnonymousToken $user param from string to string|object since an object is allowed to in the parent AbstractToken: https://github.com/symfony/symfony/blob/2.3/src/Symfony/Component/Security/Core/Authentication/Token/AbstractToken.php#L91 Commits ------- b1c60b4 [2.3][Component/Security] Fixed phpdoc in AnonymousToken constructor for user param
| | | * | [2.3][Component/Security] Fixed phpdoc in AnonymousToken constructor for ↵Erik van Wingerden2016-05-092-2/+2
| | | | | | | | | | | | | | | | | | | | user param
* | | | | Merge branch '2.7' into 2.8Fabien Potencier2016-05-031-0/+4
|\ \ \ \ \ | |/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.7: add @Event annotation for AuthenticationEvents add @Event annotation for KernelEvents bumped Symfony version to 2.7.13 updated VERSION for 2.7.12 update CONTRIBUTORS for 2.7.12 updated CHANGELOG for 2.7.12 bumped Symfony version to 2.3.41 updated VERSION for 2.3.40 update CONTRIBUTORS for 2.3.40 updated CHANGELOG for 2.3.40 Revert "minor #18257 [Routing] Don't needlessly execute strtr's as they are fairly expensive (arjenm)" Revert "fixed CS" [FrameworkBundle] Remove misleading comment bug #17460 [DI] fix ambiguous services schema
| * | | | Merge branch '2.3' into 2.7Fabien Potencier2016-05-031-0/+4
| |\ \ \ \ | | |/ / / | | | | / | | |_|/ | |/| | | | | | | | | | | | | | | | | | | | | | * 2.3: add @Event annotation for AuthenticationEvents bumped Symfony version to 2.3.41 updated VERSION for 2.3.40 update CONTRIBUTORS for 2.3.40 updated CHANGELOG for 2.3.40 bug #17460 [DI] fix ambiguous services schema
| | * | add @Event annotation for AuthenticationEventsDaniel Espendiller2016-05-031-0/+4
| | |/
* | | Merge branch '2.7' into 2.8Nicolas Grekas2016-03-071-12/+5
|\ \ \ | |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.7: [HttpFoundation] Fix transient test [HttpFoundation] Add a dependency on the mbstring polyfill [2.7] update readme files for new components add readme files where missing fix lowest TwigBridge deps versions [EventDispatcher] fix syntax error Don't use reflections when possible Don't use reflections when possible [Form] Update form tests after the ICU data update [Intl] Update tests and the number formatter to match behaviour of the intl extension [Intl] Update the ICU data to version 55 [Intl] Fix the update-data.php script in preparation for ICU 5.5 [Process] Fix memory issue when using large input streams Use constant instead of function call. fixed test name automatically generate safe fallback filename [Console] default to stderr in the console helpers Conflicts: composer.json src/Symfony/Bridge/PhpUnit/README.md src/Symfony/Bridge/Twig/composer.json src/Symfony/Component/Console/Helper/DialogHelper.php src/Symfony/Component/Debug/DebugClassLoader.php src/Symfony/Component/HttpFoundation/composer.json src/Symfony/Component/Security/Acl/README.md src/Symfony/Component/Security/Core/README.md src/Symfony/Component/Security/Csrf/README.md src/Symfony/Component/Security/Http/README.md
| * | [2.7] update readme files for new componentsChristian Flothmann2016-03-071-12/+5
| | |
* | | Merge branch '2.7' into 2.8v2.8.3Fabien Potencier2016-02-261-0/+31
|\ \ \ | |/ / | | | | | | | | | * 2.7: [Security] added some tests
| * | [Security] added some testsv2.7.10Fabien Potencier2016-02-261-0/+31
| | |
* | | Merge branch '2.7' into 2.8Nicolas Grekas2016-02-221-2/+2
|\ \ \ | |/ / | | | | | | | | | * 2.7: Fix merge
| * | Fix mergeNicolas Grekas2016-02-221-2/+2
| | |
* | | Merge branch '2.7' into 2.8Fabien Potencier2016-01-251-1/+1
|\ \ \ | |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.7: fixed undefined variable Fixed the phpDoc of UserInterface fixed APCu dep version make apc class loader testable against apcu without apc bc layer Added support for the `0.0.0.0/0` trusted proxy [DoctrineBridge][Validator] >= 2.3 Pass association instead of ID as argument added missing constant Added 451 status code Remove unnecessary code Allow absolute URLs to be displayed in the debug toolbar [ClassLoader] Use symfony/polyfill-apcu [HttpKernel] Lookup the response even if the lock was released after 2 seconds
| * | Merge branch '2.3' into 2.7Fabien Potencier2016-01-251-1/+1
| |\ \ | | |/ | | | | | | | | | | | | | | | | | | | | | | | | * 2.3: fixed undefined variable Fixed the phpDoc of UserInterface fixed APCu dep version Added support for the `0.0.0.0/0` trusted proxy [DoctrineBridge][Validator] >= 2.3 Pass association instead of ID as argument [HttpKernel] Lookup the response even if the lock was released after 2 seconds
| | * Fixed the phpDoc of UserInterfaceJavier Eguiluz2016-01-251-1/+1
| | |
* | | Merge branch '2.7' into 2.8Fabien Potencier2016-01-251-0/+4
|\ \ \ | |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.7: fixed test [Request] Ignore invalid IP addresses sent by proxies Throw for missing container extensions [TwigBridge] add missing unit tests (AppVariable) Able to load big xml files with DomCrawler fixed typo [Form] Fix constraints could be null if not set [Finder] Check PHP version before applying a workaround for a PHP bug fixed CS add defaultNull to version sort bundles in config:dump-reference command Fixer findings. [Translation][Writer] avoid calling setBackup if the dumper is not an instance of FileDumper. [FrameworkBundle] Compute the kernel root hash only one time
| * | Merge branch '2.3' into 2.7Fabien Potencier2016-01-251-0/+4
| |\ \ | | |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.3: [Request] Ignore invalid IP addresses sent by proxies Able to load big xml files with DomCrawler fixed typo [Form] Fix constraints could be null if not set [Finder] Check PHP version before applying a workaround for a PHP bug fixed CS sort bundles in config:dump-reference command Fixer findings.
* | | fixed CSFabien Potencier2016-01-211-1/+0
| | |
* | | Merge branch '2.7' into 2.8Fabien Potencier2016-01-201-1/+1
|\ \ \ | |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.7: (28 commits) [Process] Use stream based storage to avoid memory issues Fix upgrade guides concerning erroneous removal of assets helper [Process] Remove a misleading comment Fix markdown typo ChooseBaseUrl should return an index [Form] ChoiceType: Fix a notice when 'choices' normalizer is replaced Improve the phpdoc of SplFileInfo methods [Process] Use stream based storage to avoid memory issues [FrameworkBundle] Don't log twice with the error handler Remove useless is_object condition [Process] Fix typo, no arguments needed anymore [Serializer] Introduce constants for context keys Fixed the documentation of VoterInterface::supportsAttribute Fixed Bootstrap form theme form "reset" buttons Remove useless duplicated tests [FrameworkBundle] Optimize framework extension tests synchronize 2.7 and 3.0 upgrade files fix merge 2.3 into 2.7 for SecureRandom dependency Use is_subclass_of instead of reflection Use is_subclass_of instead of Reflection when possible ...
| * | Merge branch '2.3' into 2.7Fabien Potencier2016-01-201-1/+1
| |\ \ | | |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.3: [Process] Remove a misleading comment Improve the phpdoc of SplFileInfo methods [Process] Use stream based storage to avoid memory issues Fixed the documentation of VoterInterface::supportsAttribute Remove useless duplicated tests [FrameworkBundle] Optimize framework extension tests Use is_subclass_of instead of Reflection when possible
| | * Fixed the documentation of VoterInterface::supportsAttributeJavier Eguiluz2016-01-181-1/+1
| | |
* | | Merge branch '2.7' into 2.8v2.8.2Fabien Potencier2016-01-141-161/+0
|\ \ \ | |/ / | | | | | | | | | | | | | | | * 2.7: added missing requirement removed obsolete tests, fixed composer.json do not ship with a custom rng implementation
| * | added missing requirementv2.7.9Fabien Potencier2016-01-141-1/+2
| | |
| * | Merge branch '2.3' into 2.7Fabien Potencier2016-01-142-289/+1
| |\ \ | | |/ | | | | | | | | | | | | * 2.3: removed obsolete tests, fixed composer.json do not ship with a custom rng implementation
| | * do not ship with a custom rng implementationChristian Flothmann2016-01-141-90/+1
| | |
* | | Merge branch '2.7' into 2.8Fabien Potencier2016-01-031-1/+1
|\ \ \ | |/ / | | | | | | | | | | | | | | | * 2.7: updated copyright year Update copyright year [2.3] Static Code Analysis for Components
| * | updated copyright yearFabien Potencier2016-01-031-1/+1
| | |
* | | Merge branch '2.7' into 2.8v2.8.1Fabien Potencier2015-12-261-9/+0
|\ \ \ | |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.7: [2.7] Fixed flatten exception recursion with errors Embedded identifier support Also transform inline mappings to objects Change the ExtensionInterface load method definition to bo identical to the documentation. add and correct armenian translations [Config] Fix array sort on normalization in edge case [Security] Run tests on all PHP versions [Serializer] Make metadata interfaces internal [Yaml] fix indented line handling in folded blocks improve BrowserKit test coverage p1
| * | [Security] Run tests on all PHP versionsv2.7.8Jakub Zalas2015-12-231-9/+0
| | | | | | | | | | | | Symfony 2.7 supports PHP >= 5.3.9
* | | Merge branch '2.7' into 2.8Nicolas Grekas2015-12-221-0/+9
|\ \ \ | |/ / | | | | | | | | | | | | | | | | | | | | | * 2.7: Clean EOL whitespace [travis] Fix [Routing] Reduce memory usage of a high consuming test case use requires annotation skip bcrypt tests on incompatible platforms
| * | Merge branch '2.3' into 2.7Nicolas Grekas2015-12-221-0/+9
| |\ \ | | |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.3: Clean EOL whitespace [travis] Fix [Routing] Reduce memory usage of a high consuming test case use requires annotation skip bcrypt tests on incompatible platforms Conflicts: .travis.yml
* | | Merge branch '2.7' into 2.8Nicolas Grekas2015-12-223-3/+7
|\ \ \ | |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.7: [SecurityBundle] Removing test insulations for a huge perf win [Validator] Use the new interface in the README [Filesystem] fix tests on 2.3 [Filesystem] Recursivly widen non-executable directories [Form] fix #15544 when a collection type attribute "required" is false, "prototype" should too updated validators.bg.xlf [Security] Enable bcrypt validation and result length tests on all PHP versions [Security] Verify if a password encoded with bcrypt is no longer than 72 characters [Console] Avoid extra blank lines when rendering exceptions [Console][Table] fixed render row with multiple cells. [Yaml] do not remove "comments" in scalar blocks Conflicts: src/Symfony/Component/Console/Application.php src/Symfony/Component/Console/Tests/Fixtures/application_renderexception1.txt src/Symfony/Component/Console/Tests/Fixtures/application_renderexception2.txt src/Symfony/Component/Console/Tests/Fixtures/application_renderexception4.txt src/Symfony/Component/Form/Extension/Core/Type/CollectionType.php src/Symfony/Component/Form/Tests/Extension/Core/Type/CollectionTypeTest.php src/Symfony/Component/Yaml/Tests/ParserTest.php
| * | Merge branch '2.3' into 2.7Fabien Potencier2015-12-183-3/+7
| |\ \ | | |/ | | | | | | | | | | | | | | | | | | | | | | | | * 2.3: [Form] fix #15544 when a collection type attribute "required" is false, "prototype" should too updated validators.bg.xlf [Security] Enable bcrypt validation and result length tests on all PHP versions [Security] Verify if a password encoded with bcrypt is no longer than 72 characters [Console] Avoid extra blank lines when rendering exceptions [Yaml] do not remove "comments" in scalar blocks
| | * [Security] Verify if a password encoded with bcrypt is no longer than 72 ↵Jakub Zalas2015-12-172-1/+3
| | | | | | | | | | | | characters
* | | [Security] Fix a Polyfill import statement in StringUtilsBaptiste Lafontaine2015-12-081-1/+1
| | |
* | | Merge branch '2.7' into 2.8Christophe Coevoet2015-12-051-1/+1
|\ \ \ | |/ / | | | | | | | | | | | | | | | * 2.7: [Process] Fix stopping a process on Windows Added a test case for the Logger class. CS: general fixes
| * | Merge branch '2.3' into 2.7Christophe Coevoet2015-12-051-1/+1
| |\ \ | | |/ | | | | | | | | | | | | | | | * 2.3: [Process] Fix stopping a process on Windows Added a test case for the Logger class. CS: general fixes
| | * CS: general fixesDariusz Ruminski2015-12-011-1/+1
| | |
* | | add subject variable to expression contextv2.8.0Christian Flothmann2015-11-301-0/+1
| | |
* | | [Bridge/Doctrine+Ldap] Fix testsNicolas Grekas2015-11-292-0/+6
| | |
* | | feature #16735 [WIP] [Ldap] Marked the Ldap component as internal (csarrazi)Fabien Potencier2015-11-292-2/+2
|\ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This PR was merged into the 2.8 branch. Discussion ---------- [WIP] [Ldap] Marked the Ldap component as internal | Q | A | ------------- | --- | Bug fix? | no | New feature? | no | BC breaks? | yes | Deprecations? | no | Tests pass? | no | Fixed tickets | no | License | MIT | Doc PR | not yet As mentioned earlier, the LDAP component suffers from a few problems, addressed in PR #15994 However, as raised by @Tobion, the component does not yet have tests (they can be added at a later time, though), and is not considered stable yet. Commits ------- 3f89b2c Marked the Ldap component as internal and removed Ldap constants polyfill
| * | | Marked the Ldap component as internal and removed Ldap constants polyfillCharles Sarrazin2015-11-282-2/+2
| | | |
* | | | [SecurityBundle] Fix disabling of RoleHierarchyVoter when passing empty ↵WouterJ2015-11-281-0/+15
|/ / / | | | | | | | | | hierarchy
* | | [Security] Deprecate "AbstractVoter" in favor of "Voter"Grégoire Pineau2015-11-242-0/+155
| | |
* | | [Security] Revert changes made between 2.7 and 2.8-betaNicolas Grekas2015-11-243-149/+41
| | |
* | | Merge branch '2.7' into 2.8Nicolas Grekas2015-11-181-1/+2
|\ \ \ | |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.7: Fix undefined array $server Fix bug in windows detection [ProxyManager] Tmp fix composer reqs issue in ZF Add missing exclusions from phpunit.xml.dist [Serializer] ObjectNormalizer: don't serialize static methods and props Fix the server variables in the router_*.php files [Validator] Allow an empty path with a non empty fragment or a query The following change adds support for Armenian pluralization. [2.3][Process] fix Proccess run with pts enabled Conflicts: composer.json src/Symfony/Bridge/ProxyManager/composer.json src/Symfony/Component/Security/phpunit.xml.dist
| * | Merge branch '2.3' into 2.7Nicolas Grekas2015-11-181-1/+2
| |\ \ | | |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.3: Fix undefined array $server [ProxyManager] Tmp fix composer reqs issue in ZF Add missing exclusions from phpunit.xml.dist Fix the server variables in the router_*.php files [Validator] Allow an empty path with a non empty fragment or a query The following change adds support for Armenian pluralization. [2.3][Process] fix Proccess run with pts enabled Conflicts: composer.json src/Symfony/Bridge/ProxyManager/composer.json src/Symfony/Bundle/DebugBundle/phpunit.xml.dist src/Symfony/Component/Security/phpunit.xml.dist
* | | Renamed key to secretv2.8.0-BETA1WouterJ2015-11-071-5/+5
| | |
* | | [Security\Core] Deprecate passing $salt to ↵Nicolas Grekas2015-11-041-0/+2
| | | | | | | | | | | | BCryptPasswordEncoder::encodePassword()
* | | Merge branch '2.7' into 2.8Nicolas Grekas2015-11-031-2/+1
|\ \ \ | |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.7: [Security][2.7] Clean deps [HttpKernel] Fix time-sensitive test case [travis] Fail early when an invalid composer.json is found Conflicts: src/Symfony/Component/Security/Core/composer.json src/Symfony/Component/Security/composer.json
| * | [Security][2.7] Clean depsNicolas Grekas2015-11-031-2/+1
| | |
* | | Merge branch '2.7' into 2.8Fabien Potencier2015-11-022-52/+0
|\ \ \ | |/ / | | | | | | | | | | | | | | | * 2.7: removed @covers annotations in tests removed all @covers annotations [PropertyAccess] Major performance improvement
| * | removed @covers annotations in testsFabien Potencier2015-11-021-3/+0
| | |
| * | Merge branch '2.3' into 2.7Fabien Potencier2015-11-022-49/+0
| |\ \ | | |/ | | | | | | | | | | | | * 2.3: removed all @covers annotations [PropertyAccess] Major performance improvement
* | | Merge branch '2.7' into 2.8Fabien Potencier2015-10-301-1/+4
|\ \ \ | |/ / | | | | | | | | | | | | | | | | | | | | | * 2.7: added the new Composer exclude-from-classmap option added the new Composer exclude-from-classmap option fix expected argument type docblock Set back libxml settings after testings. fixed Twig deprecation notices
| * | added the new Composer exclude-from-classmap optionFabien Potencier2015-10-301-1/+4
| | |
| * | Merge branch '2.3' into 2.7Nicolas Grekas2015-10-111-4/+0
| |\ \ | | |/ | | | | | | | | | | | | * 2.3: [ci] SymfonyTestsListener is now auto-registered adds validation messages missing italian translations
* | | Add the PHP 7 polyfill for the random_bytes functionPierre du Plessis2015-10-281-0/+1
| | |
* | | Rely on iconv and symfony/polyfill-*Nicolas Grekas2015-10-286-69/+18
| | |
* | | Added UserLoaderInterface for loading users through Doctrine.Michal Trojanowski2015-10-161-2/+0
| | |
* | | [PhpUnit] Auto-register SymfonyTestsListenerNicolas Grekas2015-10-111-4/+0
| | |
* | | Merge branch '2.7' into 2.8Nicolas Grekas2015-10-102-1/+4
|\ \ \ | |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.7: [tests] Use @requires annotation when possible [tests] Use @requires annotation when possible [ci] Enable collecting and replaying skipped tests [Process] Workaround buggy PHP warning [Console] Add additional ways to detect OS400 platform [Yaml] Allow tabs before comments at the end of a line Added more tests for PropertyAccess Conflicts: .travis.yml src/Symfony/Bridge/Doctrine/composer.json src/Symfony/Bridge/Monolog/composer.json src/Symfony/Bridge/ProxyManager/composer.json src/Symfony/Bridge/Swiftmailer/composer.json src/Symfony/Bridge/Twig/composer.json src/Symfony/Bundle/DebugBundle/composer.json src/Symfony/Bundle/FrameworkBundle/composer.json src/Symfony/Bundle/SecurityBundle/composer.json src/Symfony/Bundle/TwigBundle/composer.json src/Symfony/Bundle/WebProfilerBundle/composer.json src/Symfony/Component/Asset/composer.json src/Symfony/Component/BrowserKit/composer.json src/Symfony/Component/ClassLoader/composer.json src/Symfony/Component/Config/composer.json src/Symfony/Component/Console/composer.json src/Symfony/Component/CssSelector/composer.json src/Symfony/Component/Debug/composer.json src/Symfony/Component/DependencyInjection/composer.json src/Symfony/Component/DomCrawler/composer.json src/Symfony/Component/EventDispatcher/composer.json src/Symfony/Component/ExpressionLanguage/composer.json src/Symfony/Component/Filesystem/composer.json src/Symfony/Component/Finder/composer.json src/Symfony/Component/Form/composer.json src/Symfony/Component/HttpFoundation/composer.json src/Symfony/Component/HttpKernel/composer.json src/Symfony/Component/Intl/composer.json src/Symfony/Component/Locale/composer.json src/Symfony/Component/OptionsResolver/composer.json src/Symfony/Component/Process/composer.json src/Symfony/Component/PropertyAccess/composer.json src/Symfony/Component/Routing/composer.json src/Symfony/Component/Security/Acl/composer.json src/Symfony/Component/Security/Core/composer.json src/Symfony/Component/Security/Csrf/composer.json src/Symfony/Component/Security/Http/composer.json src/Symfony/Component/Security/composer.json src/Symfony/Component/Serializer/composer.json src/Symfony/Component/Stopwatch/composer.json src/Symfony/Component/Templating/composer.json src/Symfony/Component/Translation/Tests/Dumper/IcuResFileDumperTest.php src/Symfony/Component/Translation/composer.json src/Symfony/Component/Validator/composer.json src/Symfony/Component/VarDumper/composer.json src/Symfony/Component/Yaml/composer.json
| * | Merge branch '2.3' into 2.7Nicolas Grekas2015-10-102-1/+4
| |\ \ | | |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.3: [tests] Use @requires annotation when possible [ci] Enable collecting and replaying skipped tests [Process] Workaround buggy PHP warning [Console] Add additional ways to detect OS400 platform [Yaml] Allow tabs before comments at the end of a line Conflicts: composer.json src/Symfony/Bridge/Doctrine/Tests/Logger/DbalLoggerTest.php src/Symfony/Bridge/Monolog/composer.json src/Symfony/Bridge/Twig/composer.json src/Symfony/Bundle/FrameworkBundle/composer.json src/Symfony/Bundle/SecurityBundle/composer.json src/Symfony/Component/Asset/composer.json src/Symfony/Component/ClassLoader/Tests/LegacyApcUniversalClassLoaderTest.php src/Symfony/Component/Console/composer.json src/Symfony/Component/Debug/composer.json src/Symfony/Component/DomCrawler/composer.json src/Symfony/Component/EventDispatcher/composer.json src/Symfony/Component/HttpFoundation/Tests/Session/Storage/Handler/MongoDbSessionHandlerTest.php src/Symfony/Component/HttpFoundation/Tests/Session/Storage/Handler/PdoSessionHandlerTest.php src/Symfony/Component/HttpFoundation/composer.json src/Symfony/Component/Intl/composer.json src/Symfony/Component/Routing/composer.json src/Symfony/Component/Security/composer.json src/Symfony/Component/Serializer/composer.json src/Symfony/Component/Templating/composer.json src/Symfony/Component/Translation/composer.json src/Symfony/Component/Validator/composer.json
| | * [FrameworkBundle] [Security] Remove trans from the security/core in 2.3 & ↵maxime.steinhausser2015-10-062-142/+0
| | | | | | | | | | | | dir loading
* | | cs fixNicolas Grekas2015-10-071-1/+1
| | |
* | | Deprecate the SecureRandom classPierre du Plessis2015-10-064-141/+21
| | |
* | | Merge branch '2.7' into 2.8Nicolas Grekas2015-10-062-7/+7
|\ \ \ | |/ / | | | | | | | | | | | | | | | Conflicts: src/Symfony/Component/Security/Http/Tests/RememberMe/PersistentTokenBasedRememberMeServicesTest.php src/Symfony/Component/Security/Http/Tests/RememberMe/TokenBasedRememberMeServicesTest.php src/Symfony/Component/Security/composer.json
| * | [Security] sync translations and add a test for itChristian Flothmann2015-10-061-6/+6
| | |
| * | Merge branch '2.3' into 2.7Nicolas Grekas2015-10-061-1/+1
| |\ \ | | |/ | | | | | | | | | | | | | | | Conflicts: src/Symfony/Bundle/FrameworkBundle/DependencyInjection/FrameworkExtension.php src/Symfony/Bundle/SecurityBundle/composer.json src/Symfony/Component/Process/Process.php
* | | Merge branch '2.7' into 2.8Fabien Potencier2015-10-052-17/+53
|\ \ \ | |/ / | | | | | | | | | | | | | | | | | | | | | | | | * 2.7: [Security][bugfix] "Remember me" cookie cleared on logout with custom "secure"/"httponly" config options [1] [ci] Use current PHP_BINARY when running ./phpunit Fixed typos [UPGRADE-3.0] fix bullet indentation Fix PropertyAccessor modifying array in object when array key does not exist [Security] InMemoryUserProvider now concerns whether user's password is changed when refreshing
| * | Merge branch '2.3' into 2.7Fabien Potencier2015-10-052-17/+53
| |\ \ | | |/ | | | | | | | | | | | | | | | | | | | | | * 2.3: [Security][bugfix] "Remember me" cookie cleared on logout with custom "secure"/"httponly" config options [1] [ci] Use current PHP_BINARY when running ./phpunit Fixed typos [UPGRADE-3.0] fix bullet indentation [Security] InMemoryUserProvider now concerns whether user's password is changed when refreshing
| | * bug #13627 [Security] InMemoryUserProvider now concerns whether user's ↵Fabien Potencier2015-10-051-11/+26
| | |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | password is changed when refreshing (issei-m) This PR was merged into the 2.3 branch. Discussion ---------- [Security] InMemoryUserProvider now concerns whether user's password is changed when refreshing | Q | A | ------------- | --- | Bug fix? | yes | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | - | License | MIT | Doc PR | - When a user has changed own password, I want to logout any sessions which is authenticated by its user except changer itself. [DaoAuthenticationManager::checkAuthentication()](https://github.com/symfony/symfony/blob/2.3/src/Symfony/Component/Security/Core/Authentication/Provider/DaoAuthenticationProvider.php#L59) method seems to concern about it. But, this situation actually never happens because both users that will be passed to this method are always identical in re-authentication. It's because the token refreshes own user via [ContextListener](https://github.com/symfony/symfony/blob/2.3/src/Symfony/Component/Security/Http/Firewall/ContextListener.php#L90) before re-authentication. Commits ------- 729902a [Security] InMemoryUserProvider now concerns whether user's password is changed when refreshing
| | | * [Security] InMemoryUserProvider now concerns whether user's password is ↵Issei.M2015-08-101-11/+26
| | | | | | | | | | | | | | | | changed when refreshing
* | | | feature #16102 Simplify AbstractVoter (Koc)Fabien Potencier2015-10-052-27/+8
|\ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This PR was merged into the 2.8 branch. Discussion ---------- Simplify AbstractVoter | Q | A | ------------- | --- | Bug fix? | no | New feature? | no, just simplification | BC breaks? | no, because 2.8 is not yet released | Deprecations? | no | Tests pass? | yes | Fixed tickets | - | License | MIT | Doc PR | - Commits ------- 93de659 Simplify AbstractVoter
| * | | | Simplify AbstractVoterKonstantin.Myakshin2015-10-042-27/+8
| | | | |
* | | | | Updated PHPDoc of the AbstractVoter classKonstantin Myakshin2015-10-021-5/+2
|/ / / /
* | | | [Security] Configuring a user checker per firewallIltar van der Berg2015-10-021-2/+9
| | | |
* | | | [Ldap] add some missing license file headersChristian Flothmann2015-09-282-0/+18
| | | |
generated by cgit v1.1 at 2025-05-14 18:31:00 +0000