summaryrefslogtreecommitdiffstats
path: root/Tests/Http
Commit message (Collapse)AuthorAgeFilesLines
* Merge branch '2.3' into 2.7v2.7.13Fabien Potencier2016-05-091-0/+78
|\ | | | | | | | | * 2.3: limited the maximum length of a submitted username
| * limited the maximum length of a submitted usernamev2.3.42v2.3.41origin/2.3Fabien Potencier2016-05-091-0/+78
| |
| * remove unused variablev2.3.40Christian Flothmann2016-04-051-1/+0
| |
| * [Security] Fixed SwitchUserListener when exiting an impersonication with ↵Grégoire Pineau2016-04-041-0/+48
| | | | | | | | | | | | | | | | | | | | AnonymousToken If you configure a firewall with switch user with `role: IS_AUTHENTICATED_ANONYMOUSLY` it's impossible to exit the impersonation because the next line `$this->provider->refreshUser($original->getUser())` will fail. It fails because `RefreshUser` expects an instance of `UserInterface` and here it's a string. Therefore, it does not make sense to refresh an Anonymous Token, right ?
| * fix mocksChristian Flothmann2016-03-251-1/+1
| | | | | | | | | | * fix a typo in a method name (`setResponse` instead of `seetResopnse`) * fix mocking a method that is not part of the `DomainObjectInterface`
| * [appveyor] Fix failure reportingNicolas Grekas2016-02-011-0/+9
| |
| * Static code analysisKonstantin.Myakshin2016-01-252-3/+2
| |
| * migrate session after remember me authenticationChristian Flothmann2015-11-231-0/+63
| |
| * [Routing] use constants in testsv2.3.34Tobias Schultze2015-10-181-1/+2
| |
| * [2.3][SECURITY] Add remember me cookie configurationKlaas Cuvelier2015-10-063-24/+0
| |
| * bug #14842 [Security][bugfix] "Remember me" cookie cleared on logout with ↵Fabien Potencier2015-10-053-5/+49
| |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | custom "secure"/"httponly" config options [1] (MacDada) This PR was squashed before being merged into the 2.3 branch (closes #14842). Discussion ---------- [Security][bugfix] "Remember me" cookie cleared on logout with custom "secure"/"httponly" config options [1] | Q | A | ------------- | --- | Bug fix? | yes | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | #14822 | License | MIT | Doc PR | ~ * test now always pass "secure" and "httponly" options, as they are required * could be considered BC, but [`RememberMeFactory` passes them](https://github.com/symfony/symfony/blob/2.3/src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/RememberMeFactory.php#L21), so they should've always been treated as required * I can squash the commits before merging * Alternative solution: #14843 Commits ------- 18b1c6a [Security][bugfix] "Remember me" cookie cleared on logout with custom "secure"/"httponly" config options [1]
| | * [Security][bugfix] "Remember me" cookie cleared on logout with custom ↵Dawid Nowak2015-10-053-5/+49
| | | | | | | | | | | | "secure"/"httponly" config options [1]
| * | trigger event with right user (add test)v2.3.31Christian Flothmann2015-06-281-0/+52
| | |
| * | Standardize the name of the exception variablesJavier Eguiluz2015-06-151-1/+1
| |/
| * minor #14670 [Security] TokenBasedRememberMeServices test to show why ↵v2.3.30v2.3.29Fabien Potencier2015-05-211-3/+16
| |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | encoding username is required (MacDada) This PR was squashed before being merged into the 2.3 branch (closes #14670). Discussion ---------- [Security] TokenBasedRememberMeServices test to show why encoding username is required | Q | A | ------------- | --- | Bug fix? | no | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | #14577 | License | MIT | Doc PR | no 241538d shows that it's not actually tested, 257b796 reimplements it with test. I can remove the POC commit if it's not needed. Commits ------- 63a9736 [Security] TokenBasedRememberMeServices test to show why encoding username is required
| | * [Security] TokenBasedRememberMeServices test to show why encoding username ↵Dawid Nowak2015-05-211-3/+16
| | | | | | | | | | | | is required
| * | [Security] AbstractRememberMeServices::encodeCookie() validates cookie partsDawid Nowak2015-05-211-0/+34
| |/
| * Fix tests in HHVMDiego Saint Esteben2015-05-111-1/+1
| |
| * CS: Binary operators should be arounded by at least one spaceDariusz Ruminski2015-03-271-2/+2
| |
| * minor #13862 [2.3] [Config] [Console] [DependencyInjection] [DomCrawler] ↵Fabien Potencier2015-03-071-3/+3
| |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | [Form] [HttpKernel] [PropertyAccess] [Security] [Translation] [Yaml] static code analysis, code cleanup (kalessil) This PR was squashed before being merged into the 2.3 branch (closes #13862). Discussion ---------- [2.3] [Config] [Console] [DependencyInjection] [DomCrawler] [Form] [HttpKernel] [PropertyAccess] [Security] [Translation] [Yaml] static code analysis, code cleanup | Q | A | ------------- | --- | Bug fix? | no | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | n/a | License | MIT | Doc PR | n/a Split <a href="https://github.com/symfony/symfony/pull/13813">PR 13813</a>: part 1 - targeting v2.3 Following is included (no functional changes, found with <a href="https://plugins.jetbrains.com/plugin/7622?pr=phpStorm">Php Inspections (EA Extended)</a>): - Fixed couple of concatenation as array index warnings - Unset calls can be merged inspection fixes - array_search in in_array context inspection fixes - Is null usage inspection fixes - Prefixed increment/decrement inspection fixes - Elvis operator can be used inspection fixes - Alias functions usage inspection fixes - Ternary operator simplification inspection fixes - _ _ DIR _ _ equivalent inspection fixes Commits ------- f13b5f7 [2.3] [Config] [Console] [DependencyInjection] [DomCrawler] [Form] [HttpKernel] [PropertyAccess] [Security] [Translation] [Yaml] static code analysis, code cleanup
| | * [2.3] [Config] [Console] [DependencyInjection] [DomCrawler] [Form] ↵Vladimir Reznichenko2015-03-071-3/+3
| | | | | | | | | | | | [HttpKernel] [PropertyAccess] [Security] [Translation] [Yaml] static code analysis, code cleanup
| * | CS fixesDariusz Ruminski2015-03-021-4/+4
| |/
| * [Security] Remove ContextListener's onKernelResponse listener as it is usedDave Marshall2015-02-051-3/+33
| |
| * [Security] Don't destroy the session on buggy php releases.v2.3.24Alexander M. Turek2015-01-071-0/+17
| |
| * minor #13206 [2.3] Cleanup deprecations (nicolas-grekas)Fabien Potencier2015-01-0328-280/+0
| |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This PR was merged into the 2.3 branch. Discussion ---------- [2.3] Cleanup deprecations | Q | A | ------------- | --- | Bug fix? | no | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | let's see | Fixed tickets | - | License | MIT | Doc PR | - Commits ------- d649bef [2.3] Remove useless tests skips 1d68ad3 [2.3] Cleanup deprecations
| | * [2.3] Remove useless tests skipsNicolas Grekas2015-01-0328-280/+0
| | |
| * | adapted previous commit for 2.3Fabien Potencier2015-01-031-1/+0
| | |
| * | [Security] Don't send remember cookie for sub requestblanchonvincent2015-01-031-2/+20
| |/
| * Fix phpdoc and coding standardsChristophe Coevoet2014-12-294-4/+0
| | | | | | | | | | | | This removes the unused use statements which were not catched by PHP-CS-Fixer because of string occurences. It also fixes some invalid phpdoc (scalar is not recognized as a valid type for instance).
| * [Security] Delete old session on auth strategy migrateAlexander Schwenn2014-12-201-1/+1
| |
| * CS fixesGraham Campbell2014-12-032-2/+0
| |
| * PSR-2 fixesv2.3.23Graham Campbell2014-12-021-2/+2
| |
| * Remove aligned '=>' and '='Disquedur2014-10-264-8/+8
| |
| * fixed CSFabien Potencier2014-09-2212-46/+47
| |
| * Fixed incompatibility of x509 auth with nginxalcaeus2014-04-221-18/+33
| |
| * fixed various inconsistenciesv2.3.10Fabien Potencier2014-02-114-33/+33
| |
| * fixes PSR-0 issues in testsFabien Potencier2013-12-302-2/+2
| |
| * [Security] removed obsolete commentFabien Potencier2013-12-291-1/+0
| |
* | [Security] moved test files into the right placeFabien Potencier2015-01-081-184/+0
| |
* | [Security] simplified some unit testsFabien Potencier2013-12-291-7/+1
| |
* | Merge branch '2.3' into 2.4Fabien Potencier2013-12-291-0/+190
|\ \ | |/ | | | | | | | | | | | | | | | | | | * 2.3: [Security] made code easier to understand, added some missing unit tests [DependencyInjection] fixed InlineServiceDefinitionsPass to not inline a service if it's part of the current definition (to avoid an infinite loop) [DomCrawler] Fixed creating form objects from form nodes. disabled php.ini changes when using HHVM in .travis.yml [Process] fixed HHVM support Add support for HHVM in the getting of the PHP executable [Security] fixed error 500 instead of 403 if previous exception is provided to AccessDeniedException
| * [Security] made code easier to understand, added some missing unit testsFabien Potencier2013-12-291-0/+190
| |
| * Merge branch '2.2' into 2.3v2.3.8Fabien Potencier2013-11-252-2/+2
| |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.2: fixed some typos fixed @expectedException class names Conflicts: src/Symfony/Component/Config/Tests/Definition/ArrayNodeTest.php src/Symfony/Component/Console/Tests/Command/CommandTest.php src/Symfony/Component/Locale/Tests/Stub/StubLocaleTest.php src/Symfony/Component/Locale/Tests/Stub/StubNumberFormatterTest.php
| | * fixed @expectedException class namesv2.2.11Fabien Potencier2013-11-252-2/+2
| | |
| * | Merge branch '2.2' into 2.3Fabien Potencier2013-09-191-1/+0
| |\ \ | | |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.2: Fix some annotates [FrameworkBundle] made sure that the debug event dispatcher is used everywhere [HttpKernel] remove unneeded strtoupper updated the composer install command to reflect changes in Composer Conflicts: src/Symfony/Component/Console/Application.php src/Symfony/Component/Console/Command/Command.php src/Symfony/Component/Console/Input/InputDefinition.php src/Symfony/Component/CssSelector/Node/CombinedSelectorNode.php src/Symfony/Component/Form/Form.php src/Symfony/Component/HttpKernel/Debug/ErrorHandler.php src/Symfony/Component/HttpKernel/DependencyInjection/RegisterListenersPass.php src/Symfony/Component/HttpKernel/Tests/DependencyInjection/RegisterListenersPassTest.php src/Symfony/Component/Locale/Locale.php src/Symfony/Component/Locale/README.md src/Symfony/Component/Locale/Stub/DateFormat/FullTransformer.php
| | * Fix some annotatesbronze1man2013-09-191-1/+0
| | |
* | | [Security] Split the component into 3 sub-components Core, ACL, HTTPBernhard Schussek2013-09-1829-4384/+0
| | |
* | | [Security] Keep other query string parameters when switching usersLars Vierbergen2013-08-271-0/+35
| | |
* | | Fixed typosPascal Borreli2013-08-242-2/+2
| | |
* | | removed deps checks in unit testsFabien Potencier2013-08-1928-276/+0
| | | | | | | | | | | | | | | | | | | | | | | | As Composer is now widely used in the PHP world, having to run composer install before running the test suite is expected. This also has the nice benefit of removing a bunch of code, making things easier to maintain (there is only one place to declare a dev dependency), and probably more.
* | | [HttpKernel] added $event->isMasterRequest()Kris Wallsmith2013-08-081-2/+2
|/ /
* | Merge branch '2.2' into 2.3Fabien Potencier2013-07-203-2/+436
|\ \ | |/ | | | | | | | | | | | | | | | | | | | | | | * 2.2: [PropertyAccess] added moves to pluralMap [Security] fixed issue where authentication listeners clear unrelated tokens fix issue #8499 modelChoiceList call getPrimaryKey on a non object [DependencyInjection] Add exception for service name not dumpable in PHP Conflicts: src/Symfony/Component/DependencyInjection/Dumper/PhpDumper.php src/Symfony/Component/DependencyInjection/Tests/Dumper/PhpDumperTest.php src/Symfony/Component/Security/Tests/Http/Firewall/BasicAuthenticationListenerTest.php
| * [Security] fixed issue where authentication listeners clear unrelated tokensalcaeus2013-07-193-2/+436
| | | | | | | | | | This commit fixes an issue where authentication listeners clear all security tokens in case of authentication failure. This behavior makes it impossible to combine certain authentication mechanisms, notably x509 with form-based login.
* | [Security] Added few new test cases for the HttpUtils and improved ↵v2.3.1Jakub Zalas2013-06-021-18/+127
| | | | | | | | readability of existing tests.
* | [Security] Added tests for the SwitchUserListener.Jakub Zalas2013-06-021-0/+175
| |
* | [Security] Added tests for the ContextListener.Jakub Zalas2013-06-021-7/+75
| |
* | [Security] Added a test to the BasicAuthenticationListener.Jakub Zalas2013-06-021-0/+14
| |
* | [Security] Removed an unnecessary call to sprintf() and added a test case.Jakub Zalas2013-06-021-0/+17
| |
* | [Security] Fixed the check if an interface exists.Jakub Zalas2013-05-261-1/+1
| |
* | [Security] Added tests for the DefaultLogoutSuccessHandler.Jakub Zalas2013-05-253-2/+48
| |
* | [Security] Added tests for the DefaultAuthenticationSuccessHandler.Jakub Zalas2013-05-241-0/+173
| |
* | [Security] Added tests for the DefaultAuthenticationFailureHandler.Jakub Zalas2013-05-241-0/+182
| |
* | [Security] Added tests for the remember me ReponseListener.Jakub Zalas2013-05-241-0/+92
| |
* | [Security] Added tests for the SessionAuthenticationStrategy.Jakub Zalas2013-05-241-0/+80
| |
* | [Security] Added tests for the AccessMap.Jakub Zalas2013-05-241-0/+58
| |
* | [CS Fix] Consistent coding-style of concatenation operator usageDariusz Górecki2013-04-021-6/+6
| |
* | [Security] Return 401 when using use_forward for form authenticationGunnar Lium2013-03-231-2/+5
|/
* Merge branch '2.1' into 2.2Fabien Potencier2013-03-191-4/+4
|\ | | | | | | | | | | | | | | | | * 2.1: Add a public modifier to an interface method [HttpRequest] fixes Request::getLanguages() bug [HttpCache] added a test (cached content should be kept after purging) [DoctrineBridge] Fixed non-utf-8 recognition [Security] fixed HttpUtils class tests
| * [Security] fixed HttpUtils class testsJean-François Simon2013-03-151-4/+4
| |
* | Merge branch '2.1' into 2.2Fabien Potencier2013-03-151-2/+14
|\ \ | |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.1: sub-requests are now created with the same class as their parent [FrameworkBundle] removed BC break [FrameworkBundle] changed temp kernel name in cache:clear [DoctrineBridge] Avoids blob values to be logged by doctrine [Security] use current request attributes to generate redirect url? [Validator] fix showing wrong max file size for upload errors [TwigBridge] removed double var initialization (refs #7344) [2.1][TwigBridge] Fixes Issue #7342 in TwigBridge [FrameworkBundle] fixed cahe:clear command's warmup [TwigBridge] now enter/leave scope on Twig_Node_Module [TwigBridge] fixed fixed scope & trans_default_domain node visitor [TwigBridge] fixed non probant tests & added new one [BrowserKit] added ability to ignored malformed set-cookie header [Translation] removed wriong 'use' [Translation] added xliff loader/dumper with resname support [TwigBridge] fixes Conflicts: src/Symfony/Bundle/FrameworkBundle/HttpKernel.php src/Symfony/Component/Security/Http/HttpUtils.php src/Symfony/Component/Translation/Loader/XliffFileLoader.php src/Symfony/Component/Translation/Tests/Loader/XliffFileLoaderTest.php
| * [Security] use current request attributes to generate redirect url?Jean-François Simon2013-03-131-2/+14
| |
* | Merge branch '2.1' into 2.2Fabien Potencier2013-02-111-0/+19
|\ \ | |/ | | | | | | | | | | | | | | | | | | | | | | | | * 2.1: added support for the X-Forwarded-For header (closes #6982, closes #7000) fixed the IP address in HttpCache when calling the backend [EventDispatcher] Added assertion. [EventDispathcer] Fix removeListener [DependencyInjection] Add clone for resources which were introduced in 2.1 [DependencyInjection] Allow frozen containers to be dumped to graphviz Fix 'undefined index' error, when entering scope recursively [Security] fixed session creation on login (closes #7011) Add dot character `.` to legal mime subtype regular expression [HttpFoundation] fixed the creation of sub-requests under some circumstancies (closes #6923, closes #6936)
| * [Security] fixed session creation on login (closes #7011)Adrien Samson2013-02-071-0/+19
| |
* | Merge branch '2.1' into 2.2Fabien Potencier2013-02-071-28/+30
|\ \ | |/ | | | | | | | | | | * 2.1: [HttpKernel] fixed the creation of the Profiler directory [Security] fixed session creation when none is needed (closes #6917) [FrameworkBundle] removed obsolete comment (see 2e356c1)
| * [Security] fixed session creation when none is needed (closes #6917)Fabien Potencier2013-02-041-28/+30
| |
* | Remove use of deprecated HttpKernel LoggerInterfaceJordi Boggiano2013-01-091-1/+1
| |
* | Fixed @expectedException definitions to reference absolute exception pathsBernhard Schussek2013-01-052-3/+3
| |
* | Merge branch '2.1'Fabien Potencier2013-01-041-1/+1
|\ \ | |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.1: (24 commits) updated license year Update src/Symfony/Component/HttpFoundation/Response.php [Form] Fixed inheritance of "error_bubbling" in RepeatedType [Form] Fixed DateType when used with the intl extension disabled. [HttpFoundation] fix return types and handling of zero in Response [HttpFoundation] better fix for non-parseable Expires header date Fixed missing plural message in portuguese validator Fix Expires when the header is -1 [DoctrineBridge] Allowing memcache port to be 0 to support memcache unix domain sockets. [Console] fixed unitialized properties (closes #5935) [Process] Prevented test from failing when pcntl extension is not enabled. Revert "[DoctrineBridge] Improved performance of the EntityType when used with the "query_builder" option" [Form] Fixed failing tests for DateTimeToStringTransformer. [Locale] Fixed the StubLocaleTest for ICU versions lower than 4.8. [Bundle] [FrameworkBundle] fixed typo in phpdoc of the SessionListener. [Form] Fixed test regression introduced in #6440 [Tests] Fix namespaces Fixed php doc of GenericEvent::__construct HttpUtils must handle RequestMatcher too use preferred_choices in favor of preferred_query ... Conflicts: src/Symfony/Bridge/Propel1/Form/ChoiceList/ModelChoiceList.php
| * [Tests] Fix namespacesFran Moreno2012-12-271-1/+1
| |
* | Merge branch '2.1'Fabien Potencier2012-12-111-0/+5
|\ \ | |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * 2.1: fixed CS fixed CS [Security] fixed path info encoding (closes #6040, closes #5695) [HttpFoundation] added some tests for the previous merge and removed dead code (closes #6037) Improved Cache-Control header when no-cache is sent removed unneeded comment Fix to allow null values in labels array fix date in changelog removed the Travis icon (as this is not stable enough -- many false positive, closes #6186) Revert "merged branch gajdaw/finder_splfileinfo_fpassthu (PR #4751)" (closes #6224) Fixed a typo Fixed: HeaderBag::parseCacheControl() not parsing quoted zero correctly [Form] Fix const inside an anonymous function [Config] Loader::import must return imported data [DoctrineBridge] Fixed caching in DoctrineType when "choices" or "preferred_choices" is passed [Form] Fixed the default value of "format" in DateType to DateType::DEFAULT_FORMAT if "widget" is not "single_text" [HttpFoundation] fixed a small regression Conflicts: src/Symfony/Component/HttpFoundation/Tests/Session/Storage/Handler/MongoDbSessionHandlerTest.php
| * [Security] fixed path info encoding (closes #6040, closes #5695)Fabien Potencier2012-12-111-0/+5
| |
* | Merge branch '2.1'Fabien Potencier2012-12-061-0/+181
|\ \ | |/ | | | | | | | | | | | | | | | | | | | | | | | | * 2.1: [Locale] fixed tests [Config] Fixed tests on Windows [TwigBundle] Fixed tests [Security] Move DigestDataTest.php inside the Security component Fixed DefaultValue for session.auto_start in NodeDefinition Fix namespace of Validator and BrowserKit Tests Conflicts: src/Symfony/Bundle/TwigBundle/Tests/DependencyInjection/TwigExtensionTest.php src/Symfony/Bundle/TwigBundle/Tests/TwigEngineTest.php
| * [Security] Move DigestDataTest.php inside the Security componentFran Moreno2012-12-041-0/+181
| |
* | Try to make sure cookies get deleted from the TokenProvider when no longer ↵Terje Bråten2012-11-212-9/+9
| | | | | | | | in use
* | [Security] removed the 401 error custom status messageFabien Potencier2012-11-062-5/+0
| |
* | [Security] fixed tests when OpenSSL is not installedFabien Potencier2012-10-281-1/+1
| |
* | moved the secure random dep for remember me as a constructor argumentFabien Potencier2012-10-281-4/+1
| |
* | renamed Prng to SecureRandomFabien Potencier2012-10-281-2/+2
| |
* | moved the secure random class from JMSSecurityExtraBundle to Symfony (closes ↵Fabien Potencier2012-10-281-1/+5
|/ | | | #3595)
* [Security] fixed typo in a testFabien Potencier2012-08-311-1/+1
|
* merged 2.0Fabien Potencier2012-08-101-0/+43
|
* [Security] Extract default logout success handling logicAlexander2012-07-141-5/+7
|
* [Security] changed the HttpUtils constructor to tak both a UrlGenerator and ↵Fabien Potencier2012-06-261-23/+23
| | | | a UrlMatcher instead of a Router (to make it useable by Silex)
* fixed CS (missing or misplaced license blocks)Eriksen Costa2012-04-0211-0/+99
|
* updated license blocksEriksen Costa2012-03-316-18/+18
|
* moved component and bridge unit tests to the src/ directoryFabien Potencier2012-03-2919-0/+2815
This is the first step to make each Symfony Component and Bridge self-contained.
generated by cgit v1.1 at 2025-05-18 10:53:35 +0000