symfony
diff --git a/‎src/Symfony/Component/Console/Descriptor/ApplicationDescription.php
Lines changed: 1 addition & 1 deletion b/‎src/Symfony/Component/Console/Descriptor/ApplicationDescription.php
Lines changed: 1 addition & 1 deletion
diff --git a/‎src/Symfony/Component/Console/Tests/Descriptor/ApplicationDescriptionTest.php
Lines changed: 1 addition & 1 deletion b/‎src/Symfony/Component/Console/Tests/Descriptor/ApplicationDescriptionTest.php
Lines changed: 1 addition & 1 deletion
diff --git a/‎src/Symfony/Component/HttpFoundation/Tests/Fixtures/response-functional/deleted_cookie.expected
Lines changed: 11 additions & 0 deletions b/‎src/Symfony/Component/HttpFoundation/Tests/Fixtures/response-functional/deleted_cookie.expected
Lines changed: 11 additions & 0 deletions
diff --git a/‎src/Symfony/Component/HttpFoundation/Tests/Fixtures/response-functional/deleted_cookie.php
Lines changed: 60 additions & 0 deletions b/‎src/Symfony/Component/HttpFoundation/Tests/Fixtures/response-functional/deleted_cookie.php
Lines changed: 60 additions & 0 deletions
diff --git a/‎src/Symfony/Component/HttpFoundation/Tests/Session/Storage/Handler/AbstractSessionHandlerTest.php
Lines changed: 1 addition & 0 deletions b/‎src/Symfony/Component/HttpFoundation/Tests/Session/Storage/Handler/AbstractSessionHandlerTest.php
Lines changed: 1 addition & 0 deletions
diff --git a/‎src/Symfony/Component/HttpFoundation/Tests/Session/Storage/Handler/Fixtures/empty_destroys.expected
Lines changed: 1 addition & 1 deletion b/‎src/Symfony/Component/HttpFoundation/Tests/Session/Storage/Handler/Fixtures/empty_destroys.expected
Lines changed: 1 addition & 1 deletion
diff --git a/‎src/Symfony/Component/HttpFoundation/Tests/Session/Storage/Handler/Fixtures/storage.expected
Lines changed: 1 addition & 1 deletion b/‎src/Symfony/Component/HttpFoundation/Tests/Session/Storage/Handler/Fixtures/storage.expected
Lines changed: 1 addition & 1 deletion
diff --git a/‎src/Symfony/Component/HttpFoundation/Tests/Session/Storage/Handler/Fixtures/with_cookie_and_session.expected
Lines changed: 1 addition & 1 deletion b/‎src/Symfony/Component/HttpFoundation/Tests/Session/Storage/Handler/Fixtures/with_cookie_and_session.expected
Lines changed: 1 addition & 1 deletion
diff --git a/‎src/Symfony/Component/HttpFoundation/composer.json
Lines changed: 2 additions & 0 deletions b/‎src/Symfony/Component/HttpFoundation/composer.json
Lines changed: 2 additions & 0 deletions
diff --git a/‎src/Symfony/Component/HttpKernel/EventListener/AbstractSessionListener.php
Lines changed: 5 additions & 0 deletions b/‎src/Symfony/Component/HttpKernel/EventListener/AbstractSessionListener.php
Lines changed: 5 additions & 0 deletions
diff --git a/‎src/Symfony/Component/Serializer/Normalizer/BackedEnumNormalizer.php
Lines changed: 4 additions & 4 deletions b/‎src/Symfony/Component/Serializer/Normalizer/BackedEnumNormalizer.php
Lines changed: 4 additions & 4 deletions
@@ -127,7 +127,7 @@ private function sortCommands(array $commands): array
         }
 
         if ($namespacedCommands) {
-            ksort($namespacedCommands);
+            ksort($namespacedCommands, \SORT_STRING);
             foreach ($namespacedCommands as $key => $commandsSet) {
                 ksort($commandsSet);
                 $sortedCommands[$key] = $commandsSet;
 
@@ -36,7 +36,7 @@ public function getNamespacesProvider()
         return [
             [['_global'], ['foobar']],
             [['a', 'b'], ['b:foo', 'a:foo', 'b:bar']],
-            [['_global', 'b', 'z', 22, 33], ['z:foo', '1', '33:foo', 'b:foo', '22:foo:bar']],
+            [['_global', 22, 33, 'b', 'z'], ['z:foo', '1', '33:foo', 'b:foo', '22:foo:bar']],
         ];
     }
 }
 
@@ -0,0 +1,11 @@
+
+Array
+(
+    [0] => Content-Type: text/plain; charset=utf-8
+    [1] => Cache-Control: max-age=0, private, must-revalidate
+    [2] => Cache-Control: max-age=0, must-revalidate, private
+    [3] => Date: Sat, 12 Nov 1955 20:04:00 GMT
+    [4] => Expires: %s, %d %s %d %d:%d:%d GMT
+    [5] => Set-Cookie: PHPSESSID=deleted; expires=%s, %d-%s-%d %d:%d:%d GMT; Max-Age=%d; %s
+)
+shutdown
@@ -0,0 +1,60 @@
+<?php
+
+use Symfony\Component\DependencyInjection\Container;
+use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\HttpFoundation\RequestStack;
+use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\HttpFoundation\Session\SessionFactory;
+use Symfony\Component\HttpFoundation\Session\Storage\NativeSessionStorageFactory;
+use Symfony\Component\HttpKernel\Event\RequestEvent;
+use Symfony\Component\HttpKernel\Event\ResponseEvent;
+use Symfony\Component\HttpKernel\EventListener\SessionListener;
+use Symfony\Component\HttpKernel\HttpKernelInterface;
+
+/** @var Response $r */
+$r = require __DIR__.'/common.inc';
+
+$sessionId = 'vqd4dpbtst3af0k4sdl18nebkn';
+session_id($sessionId);
+$sessionName = session_name();
+$_COOKIE[$sessionName] = $sessionId;
+
+$request = new Request();
+$request->cookies->set($sessionName, $sessionId);
+
+$requestStack = new RequestStack();
+$requestStack->push($request);
+
+$sessionFactory = new SessionFactory($requestStack, new NativeSessionStorageFactory());
+
+$container = new Container();
+$container->set('request_stack', $requestStack);
+$container->set('session_factory', $sessionFactory);
+
+$listener = new SessionListener($container);
+
+$kernel = new class($r) implements HttpKernelInterface {
+    /**
+     * @var Response
+     */
+    private $response;
+
+    public function __construct(Response $response)
+    {
+        $this->response = $response;
+    }
+
+    public function handle(Request $request, int $type = self::MAIN_REQUEST, bool $catch = true): Response
+    {
+        return $this->response;
+    }
+};
+
+$listener->onKernelRequest(new RequestEvent($kernel, $request, HttpKernelInterface::MAIN_REQUEST));
+$session = $request->getSession();
+$session->set('foo', 'bar');
+$session->invalidate();
+
+$listener->onKernelResponse(new ResponseEvent($kernel, $request, HttpKernelInterface::MAIN_REQUEST, $r));
+
+$r->sendHeaders();
@@ -46,6 +46,7 @@ public function testSession($fixture)
         $context = ['http' => ['header' => "Cookie: sid=123abc\r\n"]];
         $context = stream_context_create($context);
         $result = file_get_contents(sprintf('http://localhost:8053/%s.php', $fixture), false, $context);
+        $result = preg_replace_callback('/expires=[^;]++/', function ($m) { return str_replace('-', ' ', $m[0]); }, $result);
 
         $this->assertStringEqualsFile(__DIR__.sprintf('/Fixtures/%s.expected', $fixture), $result);
     }
 
@@ -12,6 +12,6 @@ Array
 (
     [0] => Content-Type: text/plain; charset=utf-8
     [1] => Cache-Control: max-age=10800, private, must-revalidate
-    [2] => Set-Cookie: sid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure; HttpOnly
+    [2] => Set-Cookie: sid=deleted; expires=Thu, 01 Jan 1970 00:00:01 GMT; Max-Age=0; path=/; secure; HttpOnly
 )
 shutdown
@@ -16,6 +16,6 @@ Array
 (
     [0] => Content-Type: text/plain; charset=utf-8
     [1] => Cache-Control: max-age=0, private, must-revalidate
-    [2] => Set-Cookie: sid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure; HttpOnly
+    [2] => Set-Cookie: sid=deleted; expires=Thu, 01 Jan 1970 00:00:01 GMT; Max-Age=0; path=/; secure; HttpOnly
 )
 shutdown
@@ -20,6 +20,6 @@ Array
     [0] => Content-Type: text/plain; charset=utf-8
     [1] => Cache-Control: max-age=10800, private, must-revalidate
     [2] => Set-Cookie: abc=def
-    [3] => Set-Cookie: sid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure; HttpOnly
+    [3] => Set-Cookie: sid=deleted; expires=Thu, 01 Jan 1970 00:00:01 GMT; Max-Age=0; path=/; secure; HttpOnly
 )
 shutdown
@@ -23,6 +23,8 @@
     "require-dev": {
         "predis/predis": "~1.0",
         "symfony/cache": "^5.4|^6.0",
+        "symfony/dependency-injection": "^5.4|^6.0",
+        "symfony/http-kernel": "^5.4.12|^6.0.12|^6.1.4",
         "symfony/mime": "^5.4|^6.0",
         "symfony/expression-language": "^5.4|^6.0"
     },
 
@@ -153,6 +153,11 @@ public function onKernelResponse(ResponseEvent $event)
 
                 $isSessionEmpty = ($session instanceof Session ? $session->isEmpty() : empty($session->all())) && empty($_SESSION); // checking $_SESSION to keep compatibility with native sessions
                 if ($requestSessionCookieId && $isSessionEmpty) {
+                    // PHP internally sets the session cookie value to "deleted" when setcookie() is called with empty string $value argument
+                    // which happens in \Symfony\Component\HttpFoundation\Session\Storage\Handler\AbstractSessionHandler::destroy
+                    // when the session gets invalidated (for example on logout) so we must handle this case here too
+                    // otherwise we would send two Set-Cookie headers back with the response
+                    SessionUtils::popSessionCookie($sessionName, 'deleted');
                     $response->headers->clearCookie(
                         $sessionName,
                         $sessionCookiePath,
 
@@ -25,7 +25,7 @@ final class BackedEnumNormalizer implements NormalizerInterface, DenormalizerInt
     /**
      * {@inheritdoc}
      */
-    public function normalize($object, $format = null, array $context = []): int|string
+    public function normalize(mixed $object, string $format = null, array $context = []): int|string
     {
         if (!$object instanceof \BackedEnum) {
             throw new InvalidArgumentException('The data must belong to a backed enumeration.');
@@ -37,7 +37,7 @@ public function normalize($object, $format = null, array $context = []): int|str
     /**
      * {@inheritdoc}
      */
-    public function supportsNormalization($data, $format = null): bool
+    public function supportsNormalization($data, string $format = null): bool
     {
         return $data instanceof \BackedEnum;
     }
@@ -47,7 +47,7 @@ public function supportsNormalization($data, $format = null): bool
      *
      * @throws NotNormalizableValueException
      */
-    public function denormalize($data, $type, $format = null, array $context = []): mixed
+    public function denormalize(mixed $data, string $type, string $format = null, array $context = []): mixed
     {
         if (!is_subclass_of($type, \BackedEnum::class)) {
             throw new InvalidArgumentException('The data must belong to a backed enumeration.');
@@ -67,7 +67,7 @@ public function denormalize($data, $type, $format = null, array $context = []):
     /**
      * {@inheritdoc}
      */
-    public function supportsDenormalization($data, $type, $format = null): bool
+    public function supportsDenormalization(mixed $data, string $type, string $format = null): bool
     {
         return is_subclass_of($type, \BackedEnum::class);
     }
Original file line number	Diff line number	Diff line change
`@@ -127,7 +127,7 @@ private function sortCommands(array $commands): array`
`127`	`127`	`}`
`128`	`128`
`129`	`129`	`if ($namespacedCommands) {`
`130`		`- ksort($namespacedCommands);`
	`130`	`+ ksort($namespacedCommands, \SORT_STRING);`
`131`	`131`	`foreach ($namespacedCommands as $key => $commandsSet) {`
`132`	`132`	`ksort($commandsSet);`
`133`	`133`	`$sortedCommands[$key] = $commandsSet;`
Original file line number	Diff line number	Diff line change
`@@ -36,7 +36,7 @@ public function getNamespacesProvider()`
`36`	`36`	`return [`
`37`	`37`	`[['_global'], ['foobar']],`
`38`	`38`	`[['a', 'b'], ['b:foo', 'a:foo', 'b:bar']],`
`39`		`- [['_global', 'b', 'z', 22, 33], ['z:foo', '1', '33:foo', 'b:foo', '22:foo:bar']],`
	`39`	`+ [['_global', 22, 33, 'b', 'z'], ['z:foo', '1', '33:foo', 'b:foo', '22:foo:bar']],`
`40`	`40`	`];`
`41`	`41`	`}`
`42`	`42`	`}`
Original file line number	Diff line number	Diff line change
`@@ -46,6 +46,7 @@ public function testSession($fixture)`
`46`	`46`	`$context = ['http' => ['header' => "Cookie: sid=123abc\r\n"]];`
`47`	`47`	`$context = stream_context_create($context);`
`48`	`48`	`$result = file_get_contents(sprintf('http://localhost:8053/%s.php', $fixture), false, $context);`
	`49`	`+ $result = preg_replace_callback('/expires=[^;]++/', function ($m) { return str_replace('-', ' ', $m[0]); }, $result);`
`49`	`50`
`50`	`51`	`$this->assertStringEqualsFile(__DIR__.sprintf('/Fixtures/%s.expected', $fixture), $result);`
`51`	`52`	`}`
Original file line number	Diff line number	Diff line change
`@@ -12,6 +12,6 @@ Array`
`12`	`12`	`(`
`13`	`13`	`[0] => Content-Type: text/plain; charset=utf-8`
`14`	`14`	`[1] => Cache-Control: max-age=10800, private, must-revalidate`
`15`		`- [2] => Set-Cookie: sid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure; HttpOnly`
	`15`	`+ [2] => Set-Cookie: sid=deleted; expires=Thu, 01 Jan 1970 00:00:01 GMT; Max-Age=0; path=/; secure; HttpOnly`
`16`	`16`	`)`
`17`	`17`	`shutdown`
Original file line number	Diff line number	Diff line change
`@@ -16,6 +16,6 @@ Array`
`16`	`16`	`(`
`17`	`17`	`[0] => Content-Type: text/plain; charset=utf-8`
`18`	`18`	`[1] => Cache-Control: max-age=0, private, must-revalidate`
`19`		`- [2] => Set-Cookie: sid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure; HttpOnly`
	`19`	`+ [2] => Set-Cookie: sid=deleted; expires=Thu, 01 Jan 1970 00:00:01 GMT; Max-Age=0; path=/; secure; HttpOnly`
`20`	`20`	`)`
`21`	`21`	`shutdown`
Original file line number	Diff line number	Diff line change
`@@ -20,6 +20,6 @@ Array`
`20`	`20`	`[0] => Content-Type: text/plain; charset=utf-8`
`21`	`21`	`[1] => Cache-Control: max-age=10800, private, must-revalidate`
`22`	`22`	`[2] => Set-Cookie: abc=def`
`23`		`- [3] => Set-Cookie: sid=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure; HttpOnly`
	`23`	`+ [3] => Set-Cookie: sid=deleted; expires=Thu, 01 Jan 1970 00:00:01 GMT; Max-Age=0; path=/; secure; HttpOnly`
`24`	`24`	`)`
`25`	`25`	`shutdown`
Original file line number	Diff line number	Diff line change
`@@ -25,7 +25,7 @@ final class BackedEnumNormalizer implements NormalizerInterface, DenormalizerInt`
`25`	`25`	`/**`
`26`	`26`	`* {@inheritdoc}`
`27`	`27`	`*/`
`28`		`- public function normalize($object, $format = null, array $context = []): int\|string`
	`28`	`+ public function normalize(mixed $object, string $format = null, array $context = []): int\|string`
`29`	`29`	`{`
`30`	`30`	`if (!$object instanceof \BackedEnum) {`
`31`	`31`	`throw new InvalidArgumentException('The data must belong to a backed enumeration.');`
`@@ -37,7 +37,7 @@ public function normalize($object, $format = null, array $context = []): int\|str`
`37`	`37`	`/**`
`38`	`38`	`* {@inheritdoc}`
`39`	`39`	`*/`
`40`		`- public function supportsNormalization($data, $format = null): bool`
	`40`	`+ public function supportsNormalization($data, string $format = null): bool`
`41`	`41`	`{`
`42`	`42`	`return $data instanceof \BackedEnum;`
`43`	`43`	`}`
`@@ -47,7 +47,7 @@ public function supportsNormalization($data, $format = null): bool`
`47`	`47`	`*`
`48`	`48`	`* @throws NotNormalizableValueException`
`49`	`49`	`*/`
`50`		`- public function denormalize($data, $type, $format = null, array $context = []): mixed`
	`50`	`+ public function denormalize(mixed $data, string $type, string $format = null, array $context = []): mixed`
`51`	`51`	`{`
`52`	`52`	`if (!is_subclass_of($type, \BackedEnum::class)) {`
`53`	`53`	`throw new InvalidArgumentException('The data must belong to a backed enumeration.');`
`@@ -67,7 +67,7 @@ public function denormalize($data, $type, $format = null, array $context = []):`
`67`	`67`	`/**`
`68`	`68`	`* {@inheritdoc}`
`69`	`69`	`*/`
`70`		`- public function supportsDenormalization($data, $type, $format = null): bool`
	`70`	`+ public function supportsDenormalization(mixed $data, string $type, string $format = null): bool`
`71`	`71`	`{`
`72`	`72`	`return is_subclass_of($type, \BackedEnum::class);`
`73`	`73`	`}`