bug #13715 Enforce UTF-8 charset for core controllers (WouterJ)

This PR was merged into the 2.3 branch. Discussion ---------- Enforce UTF-8 charset for core controllers | Q | A | ------------- | --- | Bug fix? | yes | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | #7532 | License | MIT | Doc PR | - See #7617 and #7532 for the context of this PR. Commits ------- 3032014 Enforce UTF-8 charset for core controllers
symfony · Feb 24, 2015 · 463b24b · 463b24b
2 parents c475704 + 3032014
commit 463b24b
Show file tree

Hide file tree

Showing 6 changed files with 88 additions and 57 deletions.
diff --git a/src/Symfony/Bundle/TwigBundle/Controller/ExceptionController.php b/src/Symfony/Bundle/TwigBundle/Controller/ExceptionController.php
@@ -51,7 +51,7 @@ public function showAction(Request $request, FlattenException $exception, DebugL
 
         $code = $exception->getStatusCode();
 
-        return new Response($this->twig->render(
+        return Response::create($this->twig->render(
             (string) $this->findTemplate($request, $request->getRequestFormat(), $code, $this->debug),
             array(
                 'status_code' => $code,
@@ -60,7 +60,7 @@ public function showAction(Request $request, FlattenException $exception, DebugL
                 'logger' => $logger,
                 'currentContent' => $currentContent,
             )
-        ));
+        ))->setCharset('UTF-8');
     }
 
     /**

diff --git a/src/Symfony/Bundle/TwigBundle/Tests/Controller/ExceptionControllerTest.php b/src/Symfony/Bundle/TwigBundle/Tests/Controller/ExceptionControllerTest.php
@@ -39,6 +39,7 @@ public function testOnlyClearOwnOutputBuffers()
         $request->headers->set('X-Php-Ob-Level', 1);
 
         $controller = new ExceptionController($twig, false);
-        $controller->showAction($request, $flatten);
+        $response = $controller->showAction($request, $flatten);
+        $this->assertEquals('UTF-8', $response->getCharset(), 'Request charset is explicitly set to UTF-8');
     }
 }
diff --git a/src/Symfony/Bundle/WebProfilerBundle/Controller/ExceptionController.php b/src/Symfony/Bundle/WebProfilerBundle/Controller/ExceptionController.php
@@ -62,16 +62,17 @@ public function showAction($token)
 
         $code = $exception->getStatusCode();
 
-        return new Response($this->twig->render(
-            $template,
-            array(
+        return Response::create(
+            $this->twig->render($template, array(
                 'status_code' => $code,
                 'status_text' => Response::$statusTexts[$code],
                 'exception' => $exception,
                 'logger' => null,
                 'currentContent' => '',
-            )
-        ), 200, array('Content-Type' => 'text/html'));
+            )),
+            200,
+            array('Content-Type' => 'text/html')
+        )->setCharset('UTF-8');
     }
 
     /**
@@ -97,10 +98,14 @@ public function cssAction($token)
         if (!$this->templateExists($template)) {
             $handler = new ExceptionHandler();
 
-            return new Response($handler->getStylesheet($exception), 200, array('Content-Type' => 'text/css'));
+            $response = new Response($handler->getStylesheet($exception), 200, array('Content-Type' => 'text/css'));
+        } else {
+            $response = new Response($this->twig->render('@WebProfiler/Collector/exception.css.twig'), 200, array('Content-Type' => 'text/css'));
         }
 
-        return new Response($this->twig->render('@WebProfiler/Collector/exception.css.twig'), 200, array('Content-Type' => 'text/css'));
+        $response->setCharset('UTF-8');
+
+        return $response;
     }
 
     protected function getTemplate()

diff --git a/src/Symfony/Bundle/WebProfilerBundle/Controller/ProfilerController.php b/src/Symfony/Bundle/WebProfilerBundle/Controller/ProfilerController.php
@@ -99,16 +99,20 @@ public function panelAction(Request $request, $token)
             throw new NotFoundHttpException(sprintf('Panel "%s" is not available for token "%s".', $panel, $token));
         }
 
-        return new Response($this->twig->render($this->getTemplateManager()->getName($profile, $panel), array(
-            'token' => $token,
-            'profile' => $profile,
-            'collector' => $profile->getCollector($panel),
-            'panel' => $panel,
-            'page' => $page,
-            'request' => $request,
-            'templates' => $this->getTemplateManager()->getTemplates($profile),
-            'is_ajax' => $request->isXmlHttpRequest(),
-        )), 200, array('Content-Type' => 'text/html'));
+        return Response::create(
+            $this->twig->render($this->getTemplateManager()->getName($profile, $panel), array(
+                'token' => $token,
+                'profile' => $profile,
+                'collector' => $profile->getCollector($panel),
+                'panel' => $panel,
+                'page' => $page,
+                'request' => $request,
+                'templates' => $this->getTemplateManager()->getTemplates($profile),
+                'is_ajax' => $request->isXmlHttpRequest(),
+            )),
+            200,
+            array('Content-Type' => 'text/html')
+        )->setCharset('UTF-8');
     }
 
     /**
@@ -147,9 +151,13 @@ public function infoAction($about)
 
         $this->profiler->disable();
 
-        return new Response($this->twig->render('@WebProfiler/Profiler/info.html.twig', array(
-            'about' => $about,
-        )), 200, array('Content-Type' => 'text/html'));
+        return Response::create(
+            $this->twig->render('@WebProfiler/Profiler/info.html.twig', array(
+                'about' => $about,
+            )),
+            200,
+            array('Content-Type' => 'text/html')
+        )->setCharset('UTF-8');
     }
 
     /**
@@ -197,13 +205,17 @@ public function toolbarAction(Request $request, $token)
             // the profiler is not enabled
         }
 
-        return new Response($this->twig->render('@WebProfiler/Profiler/toolbar.html.twig', array(
-            'position' => $position,
-            'profile' => $profile,
-            'templates' => $this->getTemplateManager()->getTemplates($profile),
-            'profiler_url' => $url,
-            'token' => $token,
-        )), 200, array('Content-Type' => 'text/html'));
+        return Response::create(
+            $this->twig->render('@WebProfiler/Profiler/toolbar.html.twig', array(
+                'position' => $position,
+                'profile' => $profile,
+                'templates' => $this->getTemplateManager()->getTemplates($profile),
+                'profiler_url' => $url,
+                'token' => $token,
+            )),
+            200,
+            array('Content-Type' => 'text/html')
+        )->setCharset('UTF-8');
     }
 
     /**
@@ -241,15 +253,19 @@ public function searchBarAction(Request $request)
             $token = $session->get('_profiler_search_token');
         }
 
-        return new Response($this->twig->render('@WebProfiler/Profiler/search.html.twig', array(
-            'token' => $token,
-            'ip' => $ip,
-            'method' => $method,
-            'url' => $url,
-            'start' => $start,
-            'end' => $end,
-            'limit' => $limit,
-        )), 200, array('Content-Type' => 'text/html'));
+        return Response::create(
+            $this->twig->render('@WebProfiler/Profiler/search.html.twig', array(
+                'token' => $token,
+                'ip' => $ip,
+                'method' => $method,
+                'url' => $url,
+                'start' => $start,
+                'end' => $end,
+                'limit' => $limit,
+            )),
+            200,
+            array('Content-Type' => 'text/html')
+        )->setCharset('UTF-8');
     }
 
     /**
@@ -279,18 +295,22 @@ public function searchResultsAction(Request $request, $token)
         $end = $request->query->get('end', null);
         $limit = $request->query->get('limit');
 
-        return new Response($this->twig->render('@WebProfiler/Profiler/results.html.twig', array(
-            'token' => $token,
-            'profile' => $profile,
-            'tokens' => $this->profiler->find($ip, $url, $limit, $method, $start, $end),
-            'ip' => $ip,
-            'method' => $method,
-            'url' => $url,
-            'start' => $start,
-            'end' => $end,
-            'limit' => $limit,
-            'panel' => null,
-        )), 200, array('Content-Type' => 'text/html'));
+        return Response::create(
+            $this->twig->render('@WebProfiler/Profiler/results.html.twig', array(
+                'token' => $token,
+                'profile' => $profile,
+                'tokens' => $this->profiler->find($ip, $url, $limit, $method, $start, $end),
+                'ip' => $ip,
+                'method' => $method,
+                'url' => $url,
+                'start' => $start,
+                'end' => $end,
+                'limit' => $limit,
+                'panel' => null,
+            )),
+            200,
+            array('Content-Type' => 'text/html')
+        )->setCharset('UTF-8');
     }
 
     /**
@@ -364,7 +384,7 @@ public function phpinfoAction()
         phpinfo();
         $phpinfo = ob_get_clean();
 
-        return new Response($phpinfo, 200, array('Content-Type' => 'text/html'));
+        return Response::create($phpinfo, 200, array('Content-Type' => 'text/html'))->setCharset('UTF-8');
     }
 
     /**

diff --git a/src/Symfony/Bundle/WebProfilerBundle/Controller/RouterController.php b/src/Symfony/Bundle/WebProfilerBundle/Controller/RouterController.php
@@ -68,10 +68,14 @@ public function panelAction($token)
 
         $request = $profile->getCollector('request');
 
-        return new Response($this->twig->render('@WebProfiler/Router/panel.html.twig', array(
-            'request' => $request,
-            'router' => $profile->getCollector('router'),
-            'traces' => $matcher->getTraces($request->getPathInfo()),
-        )), 200, array('Content-Type' => 'text/html'));
+        return Response::create(
+            $this->twig->render('@WebProfiler/Router/panel.html.twig', array(
+                'request' => $request,
+                'router' => $profile->getCollector('router'),
+                'traces' => $matcher->getTraces($request->getPathInfo()),
+            )),
+            200,
+            array('Content-Type' => 'text/html')
+        )->setCharset('UTF-8');
     }
 }
diff --git a/src/Symfony/Bundle/WebProfilerBundle/Tests/Controller/ProfilerControllerTest.php b/src/Symfony/Bundle/WebProfilerBundle/Tests/Controller/ProfilerControllerTest.php
@@ -69,6 +69,7 @@ public function testReturns404onTokenNotFound()
 
         $response = $controller->toolbarAction(Request::create('/_wdt/found'), 'found');
         $this->assertEquals(200, $response->getStatusCode());
+        $this->assertEquals('UTF-8', $response->getCharset(), 'Request charset is explicitly set to UTF-8');
 
         $response = $controller->toolbarAction(Request::create('/_wdt/notFound'), 'notFound');
         $this->assertEquals(404, $response->getStatusCode());