From 3f0c7ea41db479383b81d436b836d37168fd5b99 Mon Sep 17 00:00:00 2001
From: Fabien Potencier <fabien@potencier.org>
Date: Sun, 27 Apr 2025 15:26:02 +0200
Subject: [PATCH 1/3] Remove unneeded use statements

---
 Tests/RateLimiter/AbstractRequestRateLimiterTest.php | 1 -
 Tests/Session/Storage/Proxy/AbstractProxyTest.php    | 1 -
 2 files changed, 2 deletions(-)

diff --git a/Tests/RateLimiter/AbstractRequestRateLimiterTest.php b/Tests/RateLimiter/AbstractRequestRateLimiterTest.php
index 26f2fac90..087d7aeae 100644
--- a/Tests/RateLimiter/AbstractRequestRateLimiterTest.php
+++ b/Tests/RateLimiter/AbstractRequestRateLimiterTest.php
@@ -14,7 +14,6 @@
 use PHPUnit\Framework\TestCase;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\RateLimiter\LimiterInterface;
-use Symfony\Component\RateLimiter\Policy\NoLimiter;
 use Symfony\Component\RateLimiter\RateLimit;
 
 class AbstractRequestRateLimiterTest extends TestCase
diff --git a/Tests/Session/Storage/Proxy/AbstractProxyTest.php b/Tests/Session/Storage/Proxy/AbstractProxyTest.php
index bb459bb9f..8d04830a7 100644
--- a/Tests/Session/Storage/Proxy/AbstractProxyTest.php
+++ b/Tests/Session/Storage/Proxy/AbstractProxyTest.php
@@ -11,7 +11,6 @@
 
 namespace Symfony\Component\HttpFoundation\Tests\Session\Storage\Proxy;
 
-use PHPUnit\Framework\MockObject\MockObject;
 use PHPUnit\Framework\TestCase;
 use Symfony\Component\HttpFoundation\Session\Storage\Proxy\AbstractProxy;
 use Symfony\Component\HttpFoundation\Session\Storage\Proxy\SessionHandlerProxy;

From 7965dc6fde8d57a626988a94f5447dcb47e8dca0 Mon Sep 17 00:00:00 2001
From: wkania <wojciech.kania+github@gmail.com>
Date: Sun, 27 Apr 2025 16:24:15 +0200
Subject: [PATCH 2/3] Fix overwriting an array element

---
 Tests/RequestTest.php | 2 --
 1 file changed, 2 deletions(-)

diff --git a/Tests/RequestTest.php b/Tests/RequestTest.php
index 7a4807ecf..f1aa0ebea 100644
--- a/Tests/RequestTest.php
+++ b/Tests/RequestTest.php
@@ -604,7 +604,6 @@ public function testGetUri()
 
         $server['REDIRECT_QUERY_STRING'] = 'query=string';
         $server['REDIRECT_URL'] = '/path/info';
-        $server['SCRIPT_NAME'] = '/index.php';
         $server['QUERY_STRING'] = 'query=string';
         $server['REQUEST_URI'] = '/path/info?toto=test&1=1';
         $server['SCRIPT_NAME'] = '/index.php';
@@ -731,7 +730,6 @@ public function testGetUriForPath()
 
         $server['REDIRECT_QUERY_STRING'] = 'query=string';
         $server['REDIRECT_URL'] = '/path/info';
-        $server['SCRIPT_NAME'] = '/index.php';
         $server['QUERY_STRING'] = 'query=string';
         $server['REQUEST_URI'] = '/path/info?toto=test&1=1';
         $server['SCRIPT_NAME'] = '/index.php';

From 6b7c97fe1ddac8df3cc9ba6410c8abc683e148ae Mon Sep 17 00:00:00 2001
From: Athorcis <Athorcis@users.noreply.github.com>
Date: Mon, 28 Apr 2025 13:34:00 +0200
Subject: [PATCH 3/3] [HttpFoundation] Fix: Encode path in X-Accel-Redirect
 header

we need to encode the path in X-Accel-Redirect header, otherwise nginx fail when certain characters are present in it (like % or ?)

https://github.com/rack/rack/issues/1306
---
 BinaryFileResponse.php           |  2 +-
 Tests/BinaryFileResponseTest.php | 11 ++++++++++-
 2 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/BinaryFileResponse.php b/BinaryFileResponse.php
index 41a244b81..c22f283cb 100644
--- a/BinaryFileResponse.php
+++ b/BinaryFileResponse.php
@@ -229,7 +229,7 @@ public function prepare(Request $request): static
                         $path = $location.substr($path, \strlen($pathPrefix));
                         // Only set X-Accel-Redirect header if a valid URI can be produced
                         // as nginx does not serve arbitrary file paths.
-                        $this->headers->set($type, $path);
+                        $this->headers->set($type, rawurlencode($path));
                         $this->maxlen = 0;
                         break;
                     }
diff --git a/Tests/BinaryFileResponseTest.php b/Tests/BinaryFileResponseTest.php
index c7d47a4d7..8f298b77f 100644
--- a/Tests/BinaryFileResponseTest.php
+++ b/Tests/BinaryFileResponseTest.php
@@ -314,7 +314,15 @@ public function testXAccelMapping($realpath, $mapping, $virtual)
         $property->setValue($response, $file);
 
         $response->prepare($request);
-        $this->assertEquals($virtual, $response->headers->get('X-Accel-Redirect'));
+        $header = $response->headers->get('X-Accel-Redirect');
+
+        if ($virtual) {
+            // Making sure the path doesn't contain characters unsupported by nginx
+            $this->assertMatchesRegularExpression('/^([^?%]|%[0-9A-F]{2})*$/', $header);
+            $header = rawurldecode($header);
+        }
+
+        $this->assertEquals($virtual, $header);
     }
 
     public function testDeleteFileAfterSend()
@@ -361,6 +369,7 @@ public static function getSampleXAccelMappings()
             ['/home/Foo/bar.txt', '/var/www/=/files/,/home/Foo/=/baz/', '/baz/bar.txt'],
             ['/home/Foo/bar.txt', '"/var/www/"="/files/", "/home/Foo/"="/baz/"', '/baz/bar.txt'],
             ['/tmp/bar.txt', '"/var/www/"="/files/", "/home/Foo/"="/baz/"', null],
+            ['/var/www/var/www/files/foo%.txt', '/var/www/=/files/', '/files/var/www/files/foo%.txt'],
         ];
     }