merged branch Tobion/fix-double-encoding (PR #6363)

This PR was merged into the 2.0 branch.

Commits
-------

8b2c17f fix double-decoding in the routing system

Discussion
----------

fix double-decoding in the routing system

@fabpot @vicb This should fix it. You know what ;) Don't want to leak more information.
And the good thing, it's no hack nor does it break BC.

src/Symfony/Bundle/FrameworkBundle/EventListener/RouterListener.php

@@ -70,7 +70,10 @@ public function onKernelRequest(GetResponseEvent $event)
 
         // add attributes based on the path info (routing)
         try {
-            $parameters = $this->router->match($request->getPathInfo());
+            // The path is returned in decoded form from the request, so we need to
+            // encode it again as the router applies its own decoding. This prevents
+            // double-decoding.
+            $parameters = $this->router->match(urlencode($request->getPathInfo()));
 
             if (null !== $this->logger) {
                 $this->logger->info(sprintf('Matched route "%s" (parameters: %s)', $parameters['_route'], $this->parametersToString($parameters)));

src/Symfony/Component/Security/Http/HttpUtils.php

@@ -107,7 +107,7 @@ public function checkRequestPath(Request $request, $path)
     {
         if ('/' !== $path[0]) {
             try {
-                $parameters = $this->router->match($request->getPathInfo());
+                $parameters = $this->router->match(urlencode($request->getPathInfo()));
 
                 return $path === $parameters['_route'];
             } catch (MethodNotAllowedException $e) {
@@ -129,7 +129,7 @@ private function resetLocale(Request $request)
         }
 
         try {
-            $parameters = $this->router->match($request->getPathInfo());
+            $parameters = $this->router->match(urlencode($request->getPathInfo()));
 
             if (isset($parameters['_locale'])) {
                 $context->setParameter('_locale', $parameters['_locale']);