Skip to content
Browse files

Support session cookie options with cookie_ prefix

  • Loading branch information...
1 parent e0fba80 commit 6e2a7dabb6057b4d29c1c1b5cc075eecd7d02f08 @mvrhov mvrhov committed Feb 29, 2012
View
4 CHANGELOG-2.1.md
@@ -42,6 +42,8 @@ To get the diff between two versions, go to https://github.com/symfony/symfony/c
* added support for placeholders in route defaults and requirements (replaced by the value set in the service container)
* added Filesystem component as a dependency
* added support for hinclude (use ``standalone: 'js'`` in render tag)
+ * session options: lifetime, path, domain, secure, httponly were deprecated.
+ Prefixed versions should now be used instead: cookie_lifetime, cookie_path, cookie_domain, cookie_secure, cookie_httponly
* [BC BREAK] following session options: 'lifetime', 'path', 'domain', 'secure', 'httponly'
are now prefixed with cookie_ when dumped to the container
@@ -244,7 +246,7 @@ To get the diff between two versions, go to https://github.com/symfony/symfony/c
* Added `Symfony\Component\HttpFoundation\Session\Storage\AbstractSessionStorage` base class for
session storage drivers.
* Added `SessionHandlerInterface` interface which storage drivers should implement after inheriting from
- `Symfony\Component\HttpFoundation\Session\Storage\AbstractSessionStorage` when writing custom
+ `Symfony\Component\HttpFoundation\Session\Storage\AbstractSessionStorage` when writing custom
session save handlers using PHP 5.3. This interface is a stub for the PHP 5.4 interface.
* [BC BREAK] `SessionStorageInterface` methods removed: `write()`, `read()` and `remove()`. Added
`getBag()`, `registerBag()`.
View
48 UPGRADE-2.1.md
@@ -112,9 +112,9 @@ UPGRADE FROM 2.0 to 2.1
protected function load()
{
parent::load();
-
+
// load choices
-
+
$this->choices = $choices;
}
}
@@ -128,7 +128,7 @@ UPGRADE FROM 2.0 to 2.1
public function __construct()
{
// load choices
-
+
parent::__construct($choices);
}
}
@@ -143,7 +143,7 @@ UPGRADE FROM 2.0 to 2.1
protected function loadChoiceList()
{
// load choices
-
+
return new SimpleChoiceList($choices);
}
}
@@ -216,15 +216,15 @@ UPGRADE FROM 2.0 to 2.1
```
$builder->add('tags', 'collection', array('prototype' => 'proto'));
-
+
// results in the name "$$proto$$" in the template
```
After:
```
$builder->add('tags', 'collection', array('prototype' => '__proto__'));
-
+
// results in the name "__proto__" in the template
```
@@ -244,7 +244,7 @@ UPGRADE FROM 2.0 to 2.1
$this->setMessage($constraint->message, array(
'{{ value }}' => $value,
));
-
+
return false;
}
}
@@ -260,7 +260,7 @@ UPGRADE FROM 2.0 to 2.1
$this->context->addViolation($constraint->message, array(
'{{ value }}' => $value,
));
-
+
return false;
}
}
@@ -295,7 +295,7 @@ UPGRADE FROM 2.0 to 2.1
If you used these methods on bound forms, you should consider moving your
logic to an event listener that observes one of the following events:
`FormEvents::PRE_BIND`, `FormEvents::BIND_CLIENT_DATA` or
- `FormEvents::BIND_NORM_DATA`.
+ `FormEvents::BIND_NORM_DATA`.
### Session
@@ -341,3 +341,33 @@ UPGRADE FROM 2.0 to 2.1
Any session storage driver that wants to use custom save handlers should
implement `SessionHandlerInterface`.
+
+### FrameworkBundle
+
+ * session options: lifetime, path, domain, secure, httponly were deprecated.
+ Prefixed versions should now be used instead: cookie_lifetime, cookie_path, cookie_domain, cookie_secure, cookie_httponly
+
+ Before:
+
+ ```
+ framework:
+ session:
+ lifetime: 3600
+ path: \
+ domain: example.com
+ secure: true
+ httponly: true
+ ```
+
+ After:
+
+ ```
+ framework:
+ session:
+ cookie_lifetime: 3600
+ cookie_path: \
+ cookie_domain: example.com
+ cookie_secure: true
+ cookie_httponly: true
+ ```
+
View
15 src/Symfony/Bundle/FrameworkBundle/DependencyInjection/Configuration.php
@@ -169,11 +169,16 @@ private function addSessionSection(ArrayNodeDefinition $rootNode)
->booleanNode('auto_start')->defaultFalse()->end()
->scalarNode('storage_id')->defaultValue('session.storage.native_file')->end()
->scalarNode('name')->end()
- ->scalarNode('lifetime')->end()
- ->scalarNode('path')->end()
- ->scalarNode('domain')->end()
- ->booleanNode('secure')->end()
- ->booleanNode('httponly')->end()
+ ->scalarNode('cookie_lifetime')->end()
+ ->scalarNode('cookie_path')->end()
+ ->scalarNode('cookie_domain')->end()
+ ->booleanNode('cookie_secure')->end()
+ ->booleanNode('cookie_httponly')->end()
+ ->scalarNode('lifetime')->setInfo('DEPRECATED! Please use: cookie_lifetime')->end()
+ ->scalarNode('path')->setInfo('DEPRECATED! Please use: cookie_path')->end()
+ ->scalarNode('domain')->setInfo('DEPRECATED! Please use: cookie_domain')->end()
+ ->booleanNode('secure')->setInfo('DEPRECATED! Please use: cookie_secure')->end()
+ ->booleanNode('httponly')->setInfo('DEPRECATED! Please use: cookie_httponly')->end()
->end()
->end()
->end()
View
8 src/Symfony/Bundle/FrameworkBundle/DependencyInjection/FrameworkExtension.php
@@ -294,14 +294,16 @@ private function registerSessionConfiguration(array $config, ContainerBuilder $c
// session storage
$container->setAlias('session.storage', $config['storage_id']);
$options = array();
- foreach (array('name', 'auto_start') as $key) {
+ foreach (array('name', 'cookie_lifetime', 'cookie_path', 'cookie_domain', 'cookie_secure', 'cookie_httponly', 'auto_start') as $key) {
if (isset($config[$key])) {
$options[$key] = $config[$key];
}
}
- //drivers require correct names for cookie options e.g the one with cookie_ prefix
+
+ //we deprecated session options without cookie_ prefix, but we are still supporting them,
+ //Let's merge the ones that were supplied without prefix
foreach (array('lifetime', 'path', 'domain', 'secure', 'httponly') as $key) {
- if (isset($config[$key])) {
+ if (!isset($options['cookie_'.$key]) && isset($config[$key])) {
$options['cookie_'.$key] = $config[$key];
}
}
View
7 src/Symfony/Bundle/FrameworkBundle/Resources/config/schema/symfony-1.0.xsd
@@ -75,11 +75,18 @@
<xsd:complexType name="session">
<xsd:attribute name="storage-id" type="xsd:string" />
<xsd:attribute name="name" type="xsd:string" />
+ <xsd:attribute name="cookie-lifetime" type="xsd:integer" />
+ <xsd:attribute name="cookie-path" type="xsd:string" />
+ <xsd:attribute name="cookie-domain" type="xsd:string" />
+ <xsd:attribute name="cookie-secure" type="xsd:boolean" />
+ <xsd:attribute name="cookie-httponly" type="xsd:boolean" />
+ <!-- deprecated attributes -->
<xsd:attribute name="lifetime" type="xsd:integer" />
<xsd:attribute name="path" type="xsd:string" />
<xsd:attribute name="domain" type="xsd:string" />
<xsd:attribute name="secure" type="xsd:boolean" />
<xsd:attribute name="httponly" type="xsd:boolean" />
+ <!-- end of deprecated attributes -->
<xsd:attribute name="cache-limiter" type="xsd:string" />
<xsd:attribute name="auto-start" type="xsd:boolean" />
</xsd:complexType>
View
21 ...y/Bundle/FrameworkBundle/Tests/DependencyInjection/Fixtures/php/deprecated_merge_full.php
@@ -0,0 +1,21 @@
+<?php
+
+$container->loadFromExtension('framework', array(
+ 'secret' => 's3cr3t',
+ 'session' => array(
+ 'auto_start' => true,
+ 'storage_id' => 'session.storage.native_file',
+ 'name' => '_SYMFONY',
+ 'lifetime' => 2012,
+ 'path' => '/sf2',
+ 'domain' => 'sf2.example.com',
+ 'secure' => false,
+ 'httponly' => false,
+ 'cookie_lifetime' => 86400,
+ 'cookie_path' => '/',
+ 'cookie_domain' => 'example.com',
+ 'cookie_secure' => true,
+ 'cookie_httponly' => true,
+ ),
+));
+
View
18 ...undle/FrameworkBundle/Tests/DependencyInjection/Fixtures/php/deprecated_merge_partial.php
@@ -0,0 +1,18 @@
+<?php
+
+$container->loadFromExtension('framework', array(
+ 'secret' => 's3cr3t',
+ 'session' => array(
+ 'auto_start' => true,
+ 'storage_id' => 'session.storage.native_file',
+ 'name' => '_SYMFONY',
+ 'lifetime' => 2012,
+ 'path' => '/sf2',
+ 'domain' => 'sf2.example.com',
+ 'secure' => false,
+ 'cookie_lifetime' => 86400,
+ 'cookie_path' => '/',
+ 'cookie_httponly' => true,
+ ),
+));
+
View
12 ...y/Bundle/FrameworkBundle/Tests/DependencyInjection/Fixtures/xml/deprecated_merge_full.xml
@@ -0,0 +1,12 @@
+<?xml version="1.0" ?>
+
+<container xmlns="http://symfony.com/schema/dic/services"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:framework="http://symfony.com/schema/dic/symfony"
+ xsi:schemaLocation="http://symfony.com/schema/dic/services http://symfony.com/schema/dic/services/services-1.0.xsd
+ http://symfony.com/schema/dic/symfony http://symfony.com/schema/dic/symfony/symfony-1.0.xsd">
+
+ <framework:config secret="s3cr3t">
+ <framework:session auto-start="true" storage-id="session.storage.native_file" name="_SYMFONY" lifetime="2012" path="/sf2" domain="sf2.example.com" secure="false" httponly="false" cookie-lifetime="86400" cookie-path="/" cookie-domain="example.com" cookie-secure="true" cookie-httponly="true" />
+ </framework:config>
+</container>
View
12 ...undle/FrameworkBundle/Tests/DependencyInjection/Fixtures/xml/deprecated_merge_partial.xml
@@ -0,0 +1,12 @@
+<?xml version="1.0" ?>
+
+<container xmlns="http://symfony.com/schema/dic/services"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:framework="http://symfony.com/schema/dic/symfony"
+ xsi:schemaLocation="http://symfony.com/schema/dic/services http://symfony.com/schema/dic/services/services-1.0.xsd
+ http://symfony.com/schema/dic/symfony http://symfony.com/schema/dic/symfony/symfony-1.0.xsd">
+
+ <framework:config secret="s3cr3t">
+ <framework:session auto-start="true" storage-id="session.storage.native_file" name="_SYMFONY" lifetime="2012" path="/sf2" domain="sf2.example.com" secure="false" httponly="false" cookie-lifetime="86400" cookie-path="/" cookie-httponly="true" />
+ </framework:config>
+</container>
View
2 src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/Fixtures/xml/full.xml
@@ -12,7 +12,7 @@
<framework:esi enabled="true" />
<framework:profiler only-exceptions="true" />
<framework:router resource="%kernel.root_dir%/config/routing.xml" type="xml" />
- <framework:session auto-start="true" storage-id="session.storage.native_file" name="_SYMFONY" lifetime="86400" path="/" domain="example.com" secure="true" httponly="true" />
+ <framework:session auto-start="true" storage-id="session.storage.native_file" name="_SYMFONY" cookie-lifetime="86400" cookie-path="/" cookie-domain="example.com" cookie-secure="true" cookie-httponly="true" />
<framework:templating assets-version="SomeVersionScheme" cache="/path/to/cache" >
<framework:loader>loader.foo</framework:loader>
<framework:loader>loader.bar</framework:loader>
View
16 ...y/Bundle/FrameworkBundle/Tests/DependencyInjection/Fixtures/yml/deprecated_merge_full.yml
@@ -0,0 +1,16 @@
+framework:
+ secret: s3cr3t
+ session:
+ auto_start: true
+ storage_id: session.storage.native_file
+ name: _SYMFONY
+ lifetime: 2012
+ path: /sf2
+ domain: sf2.example.com
+ secure: false
+ httponly: false
+ cookie_lifetime: 86400
+ cookie_path: /
+ cookie_domain: example.com
+ cookie_secure: true
+ cookie_httponly: true
View
14 ...undle/FrameworkBundle/Tests/DependencyInjection/Fixtures/yml/deprecated_merge_partial.yml
@@ -0,0 +1,14 @@
+framework:
+ secret: s3cr3t
+ session:
+ auto_start: true
+ storage_id: session.storage.native_file
+ name: _SYMFONY
+ lifetime: 2012
+ path: /sf2
+ domain: sf2.example.com
+ secure: false
+ httponly: false
+ cookie_lifetime: 86400
+ cookie_path: /
+ cookie_httponly: true
View
30 src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/FrameworkExtensionTest.php
@@ -89,6 +89,36 @@ public function testSession()
$this->assertTrue($options['cookie_httponly']);
}
+ public function testSessionDeprecatedMergeFull()
+ {
+ $container = $this->createContainerFromFile('deprecated_merge_full');
+
+ $this->assertTrue($container->hasDefinition('session'), '->registerSessionConfiguration() loads session.xml');
+
+ $options = $container->getParameter('session.storage.options');
+ $this->assertEquals('_SYMFONY', $options['name']);
+ $this->assertEquals(86400, $options['cookie_lifetime']);
+ $this->assertEquals('/', $options['cookie_path']);
+ $this->assertEquals('example.com', $options['cookie_domain']);
+ $this->assertTrue($options['cookie_secure']);
+ $this->assertTrue($options['cookie_httponly']);
+ }
+
+ public function testSessionDeprecatedMergePartial()
+ {
+ $container = $this->createContainerFromFile('deprecated_merge_partial');
+
+ $this->assertTrue($container->hasDefinition('session'), '->registerSessionConfiguration() loads session.xml');
+
+ $options = $container->getParameter('session.storage.options');
+ $this->assertEquals('_SYMFONY', $options['name']);
+ $this->assertEquals(86400, $options['cookie_lifetime']);
+ $this->assertEquals('/', $options['cookie_path']);
+ $this->assertEquals('sf2.example.com', $options['cookie_domain']);
+ $this->assertFalse($options['cookie_secure']);
+ $this->assertTrue($options['cookie_httponly']);
+ }
+
public function testTemplating()
{
$container = $this->createContainerFromFile('full');

0 comments on commit 6e2a7da

Please sign in to comment.
Something went wrong with that request. Please try again.