Commits on Nov 29, 2012
  1. @fabpot

    updated VERSION for 2.0.19

    fabpot authored
  2. @fabpot
  3. @fabpot
  4. @fabpot

    fixed the logic in Request::isSecure() (if the information comes from…

    fabpot authored
    … a source that we trust, don't check other ones)
  5. @fabpot
  6. @fabpot
  7. @fabpot
Commits on Nov 27, 2012
  1. @fabpot
Commits on Nov 24, 2012
  1. @fabpot

    merged branch sterrien/patch-1 (PR #5842)

    fabpot authored
    This PR was merged into the 2.0 branch.
    
    Commits
    -------
    
    2d9a6fc Use Norm Data instead of Data
    
    Discussion
    ----------
    
    [Form] Use Norm Data instead of App Data
    
    This listener is triggered when normalized data are bound.
    
    We have to use $event->getForm()->getNormData() instead of $event->getForm()->getData().
    
    I have made a new FormType having 'entity' as parent and having a NormTransformer. I encountered a problem in MergeCollectionListener when the request is bound.
    
    My commit fixes it.
  2. @fabpot

    fixed CS

    fabpot authored
Commits on Nov 21, 2012
  1. @Tobion

    small fix of #5984 when the container param is not set

    Tobion authored
    this can happen when the config for the router is unset, but this method
    does not need to depend on routing. reading an unset config would raise an exception.
Commits on Nov 19, 2012
  1. @fabpot

    fixed CS

    fabpot authored
  2. @fabpot

    merged branch flojon/patch-3 (PR #5984)

    fabpot authored
    This PR was merged into the 2.0 branch.
    
    Commits
    -------
    
    64b54dc Use better default ports in urlRedirectAction
    64216f2 Add tests for urlRedirectAction
    
    Discussion
    ----------
    
    Default to current port in urlRedirectAction
    
    I was a bit surprised when I used urlRedirectAction from a non-standard port (8000) it redirected me to port 80. I would argue that the default should be to use the current port instead. This is a simple patch to change that. This should only break in the case someone is relying on the current default to redirect from a non-standard port to the standard port, which should be a really rare case...
    
    ---------------------------------------------------------------------------
    
    by Tobion at 2012-11-11T20:29:54Z
    
    The idea is right but the implementation not. Seems this patch is not as "simple" as you said.
    When you're on HTTPS and want to redirect to $scheme = HTTP, then it still uses the current HTTPS port which is wrong.
    
    ---------------------------------------------------------------------------
    
    by flojon at 2012-11-11T20:36:47Z
    
    Ah, I see the problem. So I guess the correct behavior would be to use the current port if staying with the same scheme or go to standard port if switching scheme. Unless the user has specified a port which will always override...
    
    ---------------------------------------------------------------------------
    
    by Tobion at 2012-11-11T20:42:18Z
    
    That would be the best solution that is currently possible but not the best solution that should be possible.
    Because if you switch scheme but the other scheme does not use the standard port, it still doesn't work.
    Ideally the Request class had an option that allows to define the ports symfony should use for HTTP and HTTPS.
    This logic is in RequestContext, but it's not used here.
    
    ---------------------------------------------------------------------------
    
    by flojon at 2012-11-11T21:32:55Z
    
    Bummer, I forgot to check if the current port is a standard port...
    
    ---------------------------------------------------------------------------
    
    by Tobion at 2012-11-11T21:35:13Z
    
    add some tests
    
    ---------------------------------------------------------------------------
    
    by flojon at 2012-11-11T23:28:18Z
    
    Added tests and fixed my previous error
    
    ---------------------------------------------------------------------------
    
    by flojon at 2012-11-15T18:25:12Z
    
    @Tobion is there anything else I needed for this?
    
    ---------------------------------------------------------------------------
    
    by fabpot at 2012-11-19T12:56:04Z
    
    To be consistent with how we manage HTTP ports elsewhere, I'd rather use the values of the `request_listener.http_port` and `request_listener.https_port`:
    
    ```php
            if (null === $httpPort) {
                $httpPort = $this->container->getParameter('request_listener.http_port');
            }
    
            if (null === $httpsPort) {
                $httpsPort = $this->container->getParameter('request_listener.https_port');
            }
    ```
    
    This is done in the `security.authentication.retry_entry_point` service and for the `router_listener` listener.
    
    The parameter name is probably not the best one, but that could be changed then in master.
    
    ---------------------------------------------------------------------------
    
    by flojon at 2012-11-19T13:49:18Z
    
    @fabpot But then you would need to set that parameter manually right? It wouldn't automatically redirect you to the same port, which was what I wanted to achieve...
    
    Could this be the right order of preference:
    If a value was specified in the route use that.
    Otherwise use the current port
    unless switching scheme then use the parameter value
    
    ---------------------------------------------------------------------------
    
    by fabpot at 2012-11-19T13:52:17Z
    
    Your order of preference looks good to me.
    
    ---------------------------------------------------------------------------
    
    by flojon at 2012-11-19T19:13:19Z
    
    Man this was more involved than I thought... :)
    Changed the logic to use the parameters when not using the current port. Also tried to clean up the tests a little bit... Enjoy!
  3. @flojon
  4. @flojon

    Add tests for urlRedirectAction

    flojon authored
  5. @fabpot

    merged branch sstok/fix_digest_authentication (PR #5874)

    fabpot authored
    This PR was merged into the 2.0 branch.
    
    Commits
    -------
    
    f2cbea3 [Security] remove escape charters from username provided by Digest DigestAuthenticationListener
    80f6992 [Security] added test extra for digest authentication
    d66b03c fixed CS
    694697d [Security] Fixed digest authentication
    c067586 [Security] Fixed digest authentication
    
    Discussion
    ----------
    
    Fix digest authentication
    
    Bug fix: yes
    Feature addition: no
    Backwards compatibility break: no
    Symfony2 tests pass: yes
    Fixes the following tickets:
    Todo: -
    License of the code: MIT
    Documentation PR: -
    Replaces: #5485
    
    This adds the missing fixes.
    
    My only concern is the ```\"``` removal.
    ```\"``` is only needed for the HTTP transport, but keeping them would require to also store the username with the escapes as well.
    
    ---------------------------------------------------------------------------
    
    by fabpot at 2012-10-30T11:25:28Z
    
    The digest authentication mechanism is not that widespread due to its limitation. And the transport is not HTTP, I think we are talking about very few cases.
    
    ---------------------------------------------------------------------------
    
    by sstok at 2012-10-30T12:49:14Z
    
    Apache seems to remove (ignore) escape characters.
    
    ```c
    if (auth_line[0] == '=') {
                auth_line++;
                while (apr_isspace(auth_line[0])) {
                    auth_line++;
                }
    
                vv = 0;
                if (auth_line[0] == '\"') {         /* quoted string */
                    auth_line++;
                    while (auth_line[0] != '\"' && auth_line[0] != '\0') {
                        if (auth_line[0] == '\\' && auth_line[1] != '\0') {
                            auth_line++;            /* escaped char */
                        }
                        value[vv++] = *auth_line++;
                    }
                    if (auth_line[0] != '\0') {
                        auth_line++;
                    }
                }
                else {                               /* token */
                    while (auth_line[0] != ',' && auth_line[0] != '\0'
                           && !apr_isspace(auth_line[0])) {
                        value[vv++] = *auth_line++;
                    }
                }
                value[vv] = '\0';
            }
    ```
    
    But would this change be a BC break for people already using quotes but without a comma and thus they never hit this bug?
    
    The change itself is minimal, just calling ```str_replace('\\\\', '\\', str_replace('\\"', '"', $value))``` when getting the username.
    
    ---------------------------------------------------------------------------
    
    by fabpot at 2012-11-13T13:00:12Z
    
    @sstok Doing the same as Apache seems the best option here (just document the BC break).
    
    ---------------------------------------------------------------------------
    
    by sstok at 2012-11-15T16:05:00Z
    
    Hopefully I did this correctly, but the needed escapes seem correctly removed.
    `\"` is changed to `"` `\\` is changed to `\`
    `\'` is kept as it is, as this needs no correcting.
    
    @Vincent-Simonin Can you verify please.
    
    ---------------------------------------------------------------------------
    
    by Vincent-Simonin at 2012-11-19T09:28:18Z
    
    Authentication didn't work with this configuration:
    
    ```
    providers:
        in_memory:
            name: in_memory
            users:
                te"st: { password: test, roles: [ 'ROLE_USER' ] }
    ```
    
    `te"st` was set in authentication form's user field.
    
    (Must we also escape `"` in configuration file?)
    
    Tests were performed with nginx.
    
    ---------------------------------------------------------------------------
    
    by sstok at 2012-11-19T09:33:34Z
    
    Yes. YAML escapes using a duplicate quote, like SQL.
    
    ```yaml
    providers:
        in_memory:
            name: in_memory
            users:
                "te""st": { password: test, roles: [ 'ROLE_USER' ] }
    ```
  6. @fabpot

    merged branch vicb/security-config (PR #6017)

    fabpot authored
    This PR was merged into the 2.0 branch.
    
    Commits
    -------
    
    32dc31e [SecurityBundle] Convert Http method to uppercase in the config
    
    Discussion
    ----------
    
    [SecurityBundle] Convert Http method to uppercase in the config
    
    This is not strictly required as method names would be converted to uppercase by the matcher after #5988.
    
    However I think it is better to always use uppercase for http method names.
    
    The config UT has also been improved as part of this PR.
    
    This is good to propagate to 2.1 & 2.2 also.
  7. @fabpot

    Update src/Symfony/Component/DomCrawler/Form.php

    Benoît Bourgeois authored fabpot committed
Commits on Nov 15, 2012
  1. @sstok

    [Security] remove escape charters from username provided by Digest Di…

    sstok authored
    …gestAuthenticationListener
  2. @Vincent-Simonin @sstok

    [Security] Fixed digest authentication

    Vincent-Simonin authored sstok committed
    Digest authentication fails if digest parameters contain `=` character or `, ` string.
    
    * Support escaped characters
  3. @Vincent-Simonin @sstok

    [Security] Fixed digest authentication

    Vincent-Simonin authored sstok committed
    Digest authentication fails if digest parameters contain `=` character or `, ` string.
  4. @vicb
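
The parsing problem described in the PR #5874 discussion and in the Nov 15 commit messages above (digest parameters containing `=` or `, `, plus backslash escapes inside quoted values), as an added PHP example that is not Symfony's or Apache's own code. The function names `parseDigestNaive`, `parseDigestQuoted`, `unescapeQuoted` and the sample header are constructed for illustration; the unescaping follows the single-pass behaviour of the Apache snippet quoted in the discussion.

```php
<?php
// Added illustration; not code from Symfony or Apache. All names and the
// sample header below are constructed for this example.

/** Naive parsing: split on ", " and "=", ignoring quoted-string rules. */
function parseDigestNaive(string $header): array
{
    $params = array();
    foreach (explode(', ', $header) as $pair) {
        $kv = explode('=', $pair);
        $params[$kv[0]] = trim(isset($kv[1]) ? $kv[1] : '', '"');
    }

    return $params;
}

/** Single left-to-right pass: a backslash makes the next character literal. */
function unescapeQuoted(string $raw): string
{
    return preg_replace('/\\\\(.)/s', '$1', $raw);
}

/** Tokenizing parser: key=token or key="quoted-string with \-escapes". */
function parseDigestQuoted(string $header): array
{
    $pattern = '/(\w+)\s*=\s*(?:"((?:[^"\\\\]|\\\\.)*)"|([^\s,"]+))/s';
    preg_match_all($pattern, $header, $matches, PREG_SET_ORDER);

    $params = array();
    foreach ($matches as $m) {
        // Group 3 is only present when the value was an unquoted token.
        $params[$m[1]] = isset($m[3]) ? $m[3] : unescapeQuoted($m[2]);
    }

    return $params;
}

// Constructed Authorization value (scheme prefix already stripped).
$header = 'username="te\"st, a=b", realm="Example", nonce="abc123==", '
    . 'uri="/secure?x=1", qop=auth, response="0123456789abcdef"';

foreach (array('parseDigestNaive', 'parseDigestQuoted') as $parser) {
    $p = $parser($header);
    printf("%-18s username=%s nonce=%s keys=%d\n",
        $parser, $p['username'], $p['nonce'], count($p));
}
```

The naive split truncates the username and nonce and produces a spurious extra key, while the tokenizing parser recovers the full quoted values. Unlike the `str_replace` expression quoted in the thread, which only rewrites `\"` and `\\`, `unescapeQuoted` drops the backslash before any character, as the Apache loop does.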
Commits on Nov 13, 2012
  1. @fabpot

    merged branch Jola/comment-fix (PR #5992)

    fabpot authored
    This PR was merged into the 2.0 branch.
    
    Commits
    -------
    
    b3a8efd fixed comment. The parent ACL is not accessed in this method.
    
    Discussion
    ----------
    
    fixed comment. The parent ACL is not accessed in this method.
    
    Just fixed a comment on PermissionGrantingStrategy.
    hasSufficientPermissions() is not accessing the parent ACL. That's done in isGranted().
Commits on Nov 12, 2012
  1. @langj
  2. @vicb

    [HttpFoundation] Make host & methods really case insensitive in the R…

    vicb authored
    …equestMacther
    
    and backport changes from 2.2
Commits on Nov 10, 2012
  1. @fabpot
Commits on Nov 9, 2012
  1. @pborreli

    Fixed case of php function

    pborreli authored
Commits on Nov 8, 2012
  1. @webmozart

    [Form] Fixed NumberToLocalizedStringTransformer to accept both comma …

    webmozart authored
    …and dot as decimal separator, if possible
Commits on Nov 5, 2012
  1. @pgodel
Commits on Nov 4, 2012
  1. @pgodel
Commits on Oct 28, 2012
  1. @mvrhov

    The exception message should say which field is not mapped

    mvrhov authored mvrhov committed
Commits on Oct 27, 2012
  1. @fabpot

    merged branch helios-ag/patch (PR #5496)

    fabpot authored
    This PR was squashed before being merged into the 2.0 branch (closes #5496).
    
    Commits
    -------
    
    9872d26 [HttpFoundation] Fix name sanitization after perfoming move
    
    Discussion
    ----------
    
    [HttpFoundation] Fix name sanitization after performing move
    
    Bug fix: yes
    Feature addition: no
    Backwards compatibility break: no
    Symfony2 tests pass: yes
    Fixes the following tickets: #2577
    License of the code: MIT
    
    Further work on #2577, fixes name sanitization, after moving file name with new name with non latin characters in the beginning.
    
    ---------------------------------------------------------------------------
    
    by stloyd at 2012-09-12T09:52:05Z
    
    You must revert chmod changes.
    
    ---------------------------------------------------------------------------
    
    by helios-ag at 2012-09-12T14:30:36Z
    
    @stloyd fixed
    
    ---------------------------------------------------------------------------
    
    by stof at 2012-10-13T21:12:43Z
    
    @fabpot what is the status of this PR ?
  2. @helios-ag @fabpot
  3. @fabpot

    merged branch jonathaningram/issue_5375 (PR #5376)

    fabpot authored
    This PR was merged into the 2.0 branch.
    
    Commits
    -------
    
    a094f7e Add check to Store::unlock to ensure file exists
    
    Discussion
    ----------
    
    [2.0] [HttpKernel] Add check to Store::unlock to ensure file exists
    
    Bug fix: yes
    Feature addition: no
    Backwards compatibility break: no
    Symfony2 tests pass: yes
    
    I was seeing this error in my logs when using an `AppCache`:
    
    ```
    Error 2: /var/www/beta.example.com/shared/vendor/symfony/symfony/src/Symfony/Component/HttpKernel/HttpCache/Store.php line 92: unlink(/var/www/beta.example.com/releases/20120827020525/app/cache/beta/http_cache/md/c2/88/66a911b5266a57bdd55131a47895b8861dfd.lck): No such file or directory
    ```
    
    It was only occurring when the `http_cache` file was being primed (i.e. first load).
    
    I've added a simple check to ensure that the file is a valid file before trying to unlink. I also added a missing `@return` docblock. Note: I've chosen to return `false` if the file does not exist as this seems to be the behaviour of the `purge` method.
    
    ---------------------------------------------------------------------------
    
    by jonathaningram at 2012-08-29T06:46:52Z
    
    @henrikbjorn done and rebased. Thanks.
    
    ---------------------------------------------------------------------------
    
    by jonathaningram at 2012-09-17T22:38:47Z
    
    @henrikbjorn any news on this one? It's currently not possible to use the HTTP Cache without the first request failing.
    
    ---------------------------------------------------------------------------
    
    by jonathaningram at 2012-09-25T01:28:38Z
    
    ping @fabpot sorry to keep pushing this, but any chance you could take a look at this?
  4. @fabpot