From 52885f0ade390e2a657f3c5707b5aa467dcf4c71 Mon Sep 17 00:00:00 2001 From: Joseph Bielawski Date: Tue, 31 Mar 2015 10:41:35 +0200 Subject: [PATCH 01/10] [DoctrineBridge] Add missing variable declaration in testcase --- .../Bridge/Doctrine/Tests/ContainerAwareEventManagerTest.php | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/Symfony/Bridge/Doctrine/Tests/ContainerAwareEventManagerTest.php b/src/Symfony/Bridge/Doctrine/Tests/ContainerAwareEventManagerTest.php index 5185a75998d66..55991dbf4f653 100644 --- a/src/Symfony/Bridge/Doctrine/Tests/ContainerAwareEventManagerTest.php +++ b/src/Symfony/Bridge/Doctrine/Tests/ContainerAwareEventManagerTest.php @@ -16,6 +16,9 @@ class ContainerAwareEventManagerTest extends \PHPUnit_Framework_TestCase { + private $container; + private $evm; + protected function setUp() { $this->container = new Container(); From 195c57e1f50765aff33137689b16e126a689056a Mon Sep 17 00:00:00 2001 From: Nicolas Grekas Date: Mon, 16 Mar 2015 15:12:02 +0100 Subject: [PATCH 02/10] Safe escaping of fragments for eval() --- .../Component/HttpKernel/HttpCache/Esi.php | 62 +++++++++---------- .../HttpKernel/Tests/HttpCache/EsiTest.php | 4 +- 2 files changed, 33 insertions(+), 33 deletions(-) diff --git a/src/Symfony/Component/HttpKernel/HttpCache/Esi.php b/src/Symfony/Component/HttpKernel/HttpCache/Esi.php index 54e841530f916..58b6265656f5b 100644 --- a/src/Symfony/Component/HttpKernel/HttpCache/Esi.php +++ b/src/Symfony/Component/HttpKernel/HttpCache/Esi.php @@ -29,6 +29,10 @@ class Esi { private $contentTypes; + private $phpEscapeMap = array( + array('', '', '', ''), + ); /** * Constructor. @@ -158,10 +162,34 @@ public function process(Request $request, Response $response) // we don't use a proper XML parser here as we can have ESI tags in a plain text response $content = $response->getContent(); - $content = str_replace(array('', ''), $content); - $content = preg_replace_callback('##', array($this, 'handleEsiIncludeTag'), $content); - $content = preg_replace('#]*(?:/|#', '', $content); $content = preg_replace('#.*?#', '', $content); + $content = preg_replace('#]*(?:/|#', '', $content); + + $chunks = preg_split('##', $content, -1, PREG_SPLIT_DELIM_CAPTURE); + $chunks[0] = str_replace($this->phpEscapeMap[0], $this->phpEscapeMap[1], $chunks[0]); + + $i = 1; + while (isset($chunks[$i])) { + $options = array(); + preg_match_all('/(src|onerror|alt)="([^"]*?)"/', $chunks[$i], $matches, PREG_SET_ORDER); + foreach ($matches as $set) { + $options[$set[1]] = $set[2]; + } + + if (!isset($options['src'])) { + throw new \RuntimeException('Unable to process an ESI tag without a "src" attribute.'); + } + + $chunks[$i] = sprintf('esi->handle($this, %s, %s, %s) ?>'."\n", + var_export($options['src'], true), + var_export(isset($options['alt']) ? $options['alt'] : '', true), + isset($options['onerror']) && 'continue' == $options['onerror'] ? 'true' : 'false' + ); + ++$i; + $chunks[$i] = str_replace($this->phpEscapeMap[0], $this->phpEscapeMap[1], $chunks[$i]); + ++$i; + } + $content = implode('', $chunks); $response->setContent($content); $response->headers->set('X-Body-Eval', 'ESI'); @@ -214,32 +242,4 @@ public function handle(HttpCache $cache, $uri, $alt, $ignoreErrors) } } } - - /** - * Handles an ESI include tag (called internally). - * - * @param array $attributes An array containing the attributes. - * - * @return string The response content for the include. - * - * @throws \RuntimeException - */ - private function handleEsiIncludeTag($attributes) - { - $options = array(); - preg_match_all('/(src|onerror|alt)="([^"]*?)"/', $attributes[1], $matches, PREG_SET_ORDER); - foreach ($matches as $set) { - $options[$set[1]] = $set[2]; - } - - if (!isset($options['src'])) { - throw new \RuntimeException('Unable to process an ESI tag without a "src" attribute.'); - } - - return sprintf('esi->handle($this, %s, %s, %s) ?>'."\n", - var_export($options['src'], true), - var_export(isset($options['alt']) ? $options['alt'] : '', true), - isset($options['onerror']) && 'continue' == $options['onerror'] ? 'true' : 'false' - ); - } } diff --git a/src/Symfony/Component/HttpKernel/Tests/HttpCache/EsiTest.php b/src/Symfony/Component/HttpKernel/Tests/HttpCache/EsiTest.php index ad400c69ae3e3..d1411f016ba20 100644 --- a/src/Symfony/Component/HttpKernel/Tests/HttpCache/EsiTest.php +++ b/src/Symfony/Component/HttpKernel/Tests/HttpCache/EsiTest.php @@ -124,10 +124,10 @@ public function testProcessEscapesPhpTags() $esi = new Esi(); $request = Request::create('/'); - $response = new Response('foo <%= "lala" %>'); + $response = new Response(''); $esi->process($request, $response); - $this->assertEquals('foo php die("foo"); ?>= "lala" %>', $response->getContent()); + $this->assertEquals('php cript language=php>', $response->getContent()); } /** From 6c73f0ce9302a0091bbfbb96f317e400ce16ef84 Mon Sep 17 00:00:00 2001 From: James Gilliland Date: Tue, 17 Feb 2015 11:56:59 -0600 Subject: [PATCH 03/10] isFromTrustedProxy to confirm request came from a trusted proxy. --- .../Component/HttpFoundation/Request.php | 13 +++++-- .../HttpFoundation/Tests/RequestTest.php | 38 ++++++++++++------- 2 files changed, 34 insertions(+), 17 deletions(-) diff --git a/src/Symfony/Component/HttpFoundation/Request.php b/src/Symfony/Component/HttpFoundation/Request.php index de798de27a720..75ef72d0c7505 100644 --- a/src/Symfony/Component/HttpFoundation/Request.php +++ b/src/Symfony/Component/HttpFoundation/Request.php @@ -791,7 +791,7 @@ public function getClientIps() { $ip = $this->server->get('REMOTE_ADDR'); - if (!self::$trustedProxies) { + if (!$this->isFromTrustedProxy()) { return array($ip); } @@ -957,7 +957,7 @@ public function getScheme() */ public function getPort() { - if (self::$trustedProxies) { + if ($this->isFromTrustedProxy()) { if (self::$trustedHeaders[self::HEADER_CLIENT_PORT] && $port = $this->headers->get(self::$trustedHeaders[self::HEADER_CLIENT_PORT])) { return $port; } @@ -1138,7 +1138,7 @@ public function getQueryString() */ public function isSecure() { - if (self::$trustedProxies && self::$trustedHeaders[self::HEADER_CLIENT_PROTO] && $proto = $this->headers->get(self::$trustedHeaders[self::HEADER_CLIENT_PROTO])) { + if ($this->isFromTrustedProxy() && self::$trustedHeaders[self::HEADER_CLIENT_PROTO] && $proto = $this->headers->get(self::$trustedHeaders[self::HEADER_CLIENT_PROTO])) { return in_array(strtolower(current(explode(',', $proto))), array('https', 'on', 'ssl', '1')); } @@ -1166,7 +1166,7 @@ public function isSecure() */ public function getHost() { - if (self::$trustedProxies && self::$trustedHeaders[self::HEADER_CLIENT_HOST] && $host = $this->headers->get(self::$trustedHeaders[self::HEADER_CLIENT_HOST])) { + if ($this->isFromTrustedProxy() && self::$trustedHeaders[self::HEADER_CLIENT_HOST] && $host = $this->headers->get(self::$trustedHeaders[self::HEADER_CLIENT_HOST])) { $elements = explode(',', $host); $host = $elements[count($elements) - 1]; @@ -1853,4 +1853,9 @@ private function getUrlencodedPrefix($string, $prefix) return false; } + + private function isFromTrustedProxy() + { + return self::$trustedProxies && IpUtils::checkIp($this->server->get('REMOTE_ADDR'), self::$trustedProxies); + } } diff --git a/src/Symfony/Component/HttpFoundation/Tests/RequestTest.php b/src/Symfony/Component/HttpFoundation/Tests/RequestTest.php index e8639d7be050c..a1a123426b145 100644 --- a/src/Symfony/Component/HttpFoundation/Tests/RequestTest.php +++ b/src/Symfony/Component/HttpFoundation/Tests/RequestTest.php @@ -722,35 +722,37 @@ public function testGetPort() 'HTTP_X_FORWARDED_PROTO' => 'https', 'HTTP_X_FORWARDED_PORT' => '8443', )); - $port = $request->getPort(); - - $this->assertEquals(8443, $port, 'With PROTO and PORT set PORT takes precedence.'); + $this->assertEquals(80, $request->getPort(), 'With PROTO and PORT on untrusted connection server value takes precedence.'); + $request->server->set('REMOTE_ADDR', '1.1.1.1'); + $this->assertEquals(8443, $request->getPort(), 'With PROTO and PORT set PORT takes precedence.'); $request = Request::create('http://example.com', 'GET', array(), array(), array(), array( 'HTTP_X_FORWARDED_PROTO' => 'https', )); - $port = $request->getPort(); - - $this->assertEquals(443, $port, 'With only PROTO set getPort() defaults to 443.'); + $this->assertEquals(80, $request->getPort(), 'With only PROTO set getPort() ignores trusted headers on untrusted connection.'); + $request->server->set('REMOTE_ADDR', '1.1.1.1'); + $this->assertEquals(443, $request->getPort(), 'With only PROTO set getPort() defaults to 443.'); $request = Request::create('http://example.com', 'GET', array(), array(), array(), array( 'HTTP_X_FORWARDED_PROTO' => 'http', )); - $port = $request->getPort(); - - $this->assertEquals(80, $port, 'If X_FORWARDED_PROTO is set to HTTP return 80.'); + $this->assertEquals(80, $request->getPort(), 'If X_FORWARDED_PROTO is set to HTTP getPort() ignores trusted headers on untrusted connection.'); + $request->server->set('REMOTE_ADDR', '1.1.1.1'); + $this->assertEquals(80, $request->getPort(), 'If X_FORWARDED_PROTO is set to HTTP getPort() returns port of the original request.'); $request = Request::create('http://example.com', 'GET', array(), array(), array(), array( 'HTTP_X_FORWARDED_PROTO' => 'On', )); - $port = $request->getPort(); - $this->assertEquals(443, $port, 'With only PROTO set and value is On, getPort() defaults to 443.'); + $this->assertEquals(80, $request->getPort(), 'With only PROTO set and value is On, getPort() ignores trusted headers on untrusted connection.'); + $request->server->set('REMOTE_ADDR', '1.1.1.1'); + $this->assertEquals(443, $request->getPort(), 'With only PROTO set and value is On, getPort() defaults to 443.'); $request = Request::create('http://example.com', 'GET', array(), array(), array(), array( 'HTTP_X_FORWARDED_PROTO' => '1', )); - $port = $request->getPort(); - $this->assertEquals(443, $port, 'With only PROTO set and value is 1, getPort() defaults to 443.'); + $this->assertEquals(80, $request->getPort(), 'With only PROTO set and value is 1, getPort() ignores trusted headers on untrusted connection.'); + $request->server->set('REMOTE_ADDR', '1.1.1.1'); + $this->assertEquals(443, $request->getPort(), 'With only PROTO set and value is 1, getPort() defaults to 443.'); $request = Request::create('http://example.com', 'GET', array(), array(), array(), array( 'HTTP_X_FORWARDED_PROTO' => 'something-else', @@ -1020,6 +1022,8 @@ public function testOverrideGlobals() $request->headers->set('X_FORWARDED_PROTO', 'https'); Request::setTrustedProxies(array('1.1.1.1')); + $this->assertFalse($request->isSecure()); + $request->server->set('REMOTE_ADDR', '1.1.1.1'); $this->assertTrue($request->isSecure()); Request::setTrustedProxies(array()); @@ -1455,7 +1459,15 @@ public function testTrustedProxies() $this->assertEquals(443, $request->getPort()); $this->assertTrue($request->isSecure()); + // trusted proxy via setTrustedProxies() + Request::setTrustedProxies(array('3.3.3.4', '2.2.2.2')); + $this->assertEquals('3.3.3.3', $request->getClientIp()); + $this->assertEquals('example.com', $request->getHost()); + $this->assertEquals(80, $request->getPort()); + $this->assertFalse($request->isSecure()); + // check various X_FORWARDED_PROTO header values + Request::setTrustedProxies(array('3.3.3.3', '2.2.2.2')); $request->headers->set('X_FORWARDED_PROTO', 'ssl'); $this->assertTrue($request->isSecure()); From dcd79710330d126216f324855689cdbe3e4275f0 Mon Sep 17 00:00:00 2001 From: Fabien Potencier Date: Wed, 1 Apr 2015 16:26:15 +0200 Subject: [PATCH 04/10] updated CHANGELOG for 2.3.27 --- CHANGELOG-2.3.md | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/CHANGELOG-2.3.md b/CHANGELOG-2.3.md index 12b4efd248e0d..675302718a39f 100644 --- a/CHANGELOG-2.3.md +++ b/CHANGELOG-2.3.md @@ -7,6 +7,16 @@ in 2.3 minor versions. To get the diff for a specific change, go to https://github.com/symfony/symfony/commit/XXX where XXX is the change hash To get the diff between two versions, go to https://github.com/symfony/symfony/compare/v2.3.0...v2.3.1 +* 2.3.27 (2015-04-01) + + * security #14167 CVE-2015-2308 (nicolas-grekas) + * security #14166 CVE-2015-2309 (neclimdul) + * bug #14010 Replace GET parameters when changed in form (WouterJ) + * bug #13991 [Dependency Injection] Improve PhpDumper Performance for huge Containers (BattleRattle) + * bug #13997 [2.3+][Form][DoctrineBridge] Improved loading of entities and documents (guilhermeblanco) + * bug #13953 [Translation][MoFileLoader] fixed load empty translation. (aitboudad) + * bug #13912 [DependencyInjection] Highest precedence for user parameters (lyrixx) + * 2.3.26 (2015-03-17) * bug #13927 Fixing wrong variable name from #13519 (weaverryan) From a7dcf0c15f9e3bdc112a25b6e40b7d3a1105299f Mon Sep 17 00:00:00 2001 From: Fabien Potencier Date: Wed, 1 Apr 2015 16:28:11 +0200 Subject: [PATCH 05/10] update CONTRIBUTORS for 2.3.27 --- CONTRIBUTORS.md | 55 ++++++++++++++++++++++++++++++------------------- 1 file changed, 34 insertions(+), 21 deletions(-) diff --git a/CONTRIBUTORS.md b/CONTRIBUTORS.md index 09feceb7b66ed..d773ad7ebbab2 100644 --- a/CONTRIBUTORS.md +++ b/CONTRIBUTORS.md @@ -11,8 +11,8 @@ Symfony is the result of the work of many people who made the code better - Jordi Boggiano (seldaek) - Johannes S (johannes) - Kris Wallsmith (kriswallsmith) - - Christophe Coevoet (stof) - Nicolas Grekas (nicolas-grekas) + - Christophe Coevoet (stof) - Jakub Zalas (jakubzalas) - Pascal Borreli (pborreli) - Hugo Hamon (hhamon) @@ -21,9 +21,9 @@ Symfony is the result of the work of many people who made the code better - Ryan Weaver (weaverryan) - Lukas Kahwe Smith (lsmith) - Romain Neutron (romain) + - Christian Flothmann (xabbuh) - Jeremy Mikola (jmikola) - Jean-François Simon (jfsimon) - - Christian Flothmann (xabbuh) - Benjamin Eberlei (beberlei) - Igor Wiedler (igorw) - Martin Hasoň (hason) @@ -37,16 +37,16 @@ Symfony is the result of the work of many people who made the code better - stealth35 ‏ (stealth35) - Alexander Mols (asm89) - Bulat Shakirzyanov (avalanche123) + - Abdellatif Ait boudad (aitboudad) - Francis Besset (francisbesset) - Saša Stamenković (umpirsky) - Henrik Bjørnskov (henrikbjorn) - Miha Vrhovnik + - Kévin Dunglas (dunglas) + - Sarah Khalil (saro0h) - Konstantin Kudryashov (everzet) - Bilal Amarni (bamarni) - - Kévin Dunglas (dunglas) - Florin Patan (florinpatan) - - Abdellatif Ait Boudad (aitboudad) - - Sarah Khalil (saro0h) - Eric Clemmons (ericclemmons) - Andrej Hudec (pulzarraider) - Deni @@ -61,13 +61,14 @@ Symfony is the result of the work of many people who made the code better - Daniel Holmes (dholmes) - Bart van den Burg (burgov) - Jordan Alliot (jalliot) + - Kevin Bond (kbond) - John Wards (johnwards) - Fran Moreno (franmomu) + - Luis Cordova (cordoval) - Antoine Hérault (herzult) - - Kevin Bond (kbond) - Toni Uebernickel (havvg) - - Luis Cordova (cordoval) - Arnaud Le Blanc (arnaud-lb) + - Gábor Egyed (1ed) - Tim Nagel (merk) - Brice BERNARD (brikou) - marc.weistroff @@ -78,7 +79,6 @@ Symfony is the result of the work of many people who made the code better - Colin Frei - Jérôme Tamarelle (gromnan) - Adrien Brault (adrienbrault) - - Gábor Egyed (1ed) - excelwebzone - Jacob Dreesen (jdreesen) - Fabien Pennequin (fabienpennequin) @@ -93,26 +93,29 @@ Symfony is the result of the work of many people who made the code better - Daniel Gomes (danielcsgomes) - Hidenori Goto (hidenorigoto) - David Buchmann (dbu) + - Guilherme Blanco (guilhermeblanco) - Jérémy DERUSSÉ (jderusse) - Pablo Godel (pgodel) - Eric GELOEN (gelo) - Jérémie Augustin (jaugustin) - Rafael Dohms (rdohms) - - Guilherme Blanco (guilhermeblanco) - Tigran Azatyan (tigranazatyan) - Javier Eguiluz (javier.eguiluz) - Arnaud Kleinpeter (nanocom) - Richard Shank (iampersistent) + - Dariusz Ruminski - Clemens Tolboom - Helmer Aaviksoo - Sebastiaan Stok (sstok) - Hiromi Hishida (77web) - Matthieu Ouellette-Vachon (maoueh) - Michał Pipa (michal.pipa) + - Issei Murasawa (issei_m) - Amal Raghav (kertz) - Jonathan Ingram (jonathaningram) - Artur Kotyrba - Rouven Weßling (realityking) + - Andréia Bohner (andreia) - Dmitrii Chekaliuk (lazyhammer) - Clément JOBEILI (dator) - Dorian Villet (gnutix) @@ -123,14 +126,12 @@ Symfony is the result of the work of many people who made the code better - Benjamin Dulau (dbenjamin) - Matthias Pigulla (mpdude) - Andreas Hucks (meandmymonkey) - - Andréia Bohner (andreia) - Noel Guilbert (noel) - Joel Wurtz (brouznouf) - Charles Sarrazin (csarrazi) - bronze1man - sun (sun) - Larry Garfield (crell) - - Issei Murasawa (issei_m) - Martin Schuhfuß (usefulthink) - Thomas Rabaix (rande) - Matthieu Bontemps (mbontemps) @@ -163,6 +164,7 @@ Symfony is the result of the work of many people who made the code better - Xavier Montaña Carreras (xmontana) - Michele Orselli (orso) - Chris Wilkinson (thewilkybarkid) + - Joshua Thijssen - Xavier Perez - Arjen Brouwer (arjenjb) - Katsuhiro OGAWA @@ -181,16 +183,18 @@ Symfony is the result of the work of many people who made the code better - Jeremy Livingston (jeremylivingston) - Nikita Konstantinov - Wodor Wodorski + - Matthieu Auger (matthieuauger) - julien pauli (jpauli) - Beau Simensen (simensen) - Robert Kiss (kepten) + - John Kary (johnkary) - Ruben Gonzalez (rubenrua) - Kim Hemsø Rasmussen (kimhemsoe) - Florian Lonqueu-Brochard (florianlb) - Tom Van Looy (tvlooy) - Wouter Van Hecke - - Joshua Thijssen - Peter Kruithof (pkruithof) + - Vladimir Reznichenko (kalessil) - Michael Holm (hollo) - Warnar Boekkooi (boekkooi) - Marc Weistroff (futurecat) @@ -222,7 +226,6 @@ Symfony is the result of the work of many people who made the code better - Marco Pivetta (ocramius) - Ricard Clau (ricardclau) - Erin Millard - - John Kary (johnkary) - Matthew Lewinski (lewinski) - alquerci - Francesco Levorato @@ -232,7 +235,6 @@ Symfony is the result of the work of many people who made the code better - Inal DJAFAR (inalgnu) - Christian Gärtner (dagardner) - Felix Labrecque - - Vladimir Reznichenko (kalessil) - Yaroslav Kiliba - Sébastien Lavoie (lavoiesl) - Terje Bråten @@ -283,7 +285,6 @@ Symfony is the result of the work of many people who made the code better - Brian King - Michel Salib (michelsalib) - geoffrey - - Matthieu Auger (matthieuauger) - Lorenz Schori - Jeanmonod David (jeanmonod) - Jan Schumann @@ -309,7 +310,6 @@ Symfony is the result of the work of many people who made the code better - Christian Schmidt - Marcin Sikoń (marphi) - franek (franek) - - Dariusz Ruminski - Adam Harvey - Diego Saint Esteben (dii3g0) - Alex Bakhturin @@ -336,6 +336,7 @@ Symfony is the result of the work of many people who made the code better - mmoreram - Markus Lanthaler (lanthaler) - Vicent Soria Durá (vicentgodella) + - Anthony Ferrara - Ioan Negulescu - Jakub Škvára (jskvara) - Daniel Beyer @@ -343,9 +344,11 @@ Symfony is the result of the work of many people who made the code better - alexpods - Erik Trapman (eriktrapman) - De Cock Xavier (xdecock) + - Scott Arciszewski - Norbert Orzechowicz (norzechowicz) - Tobias Nyholm (tobias) - Matthijs van den Bos (matthijs) + - Loick Piera (pyrech) - Lenard Palko - Nils Adermann (naderman) - Gábor Fási @@ -371,9 +374,11 @@ Symfony is the result of the work of many people who made the code better - Zach Badgett (zachbadgett) - Aurélien Fredouelle - Pavel Campr (pcampr) + - Maxime Steinhausser (ogizanagi) - Disquedur - Geoffrey Tran (geoff) - Jan Behrens + - Mantas Var (mvar) - Sebastian Krebs - Christopher Davis (chrisguitarguy) - Thomas Lallement (raziel057) @@ -387,6 +392,7 @@ Symfony is the result of the work of many people who made the code better - Max Rath (drak3) - Stéphane Escandell (sescandell) - Sinan Eldem + - Alexandre Dupuy (satchette) - Nahuel Cuesta (ncuesta) - Chris Boden (cboden) - Asmir Mustafic (goetas) @@ -484,7 +490,6 @@ Symfony is the result of the work of many people who made the code better - Xavier Lacot (xavier) - Olivier Maisonneuve (olineuve) - Francis Turmel (fturmel) - - Loick Piera (pyrech) - cgonzalez - Ben - Jayson Xu (superjavason) @@ -506,6 +511,7 @@ Symfony is the result of the work of many people who made the code better - Fabian Vogler (fabian) - Korvin Szanto - Maksim Kotlyar (makasim) + - Ivan Kurnosov - Neil Ferreira - Dmitry Parnas (parnas) - DQNEO @@ -516,6 +522,7 @@ Symfony is the result of the work of many people who made the code better - David Romaní - Patrick Allaert - Gustavo Falco (gfalco) + - Matt Robinson (inanimatt) - Aleksey Podskrebyshev - David Marín Carreño (davefx) - Jörn Lang (j.lang) @@ -580,6 +587,7 @@ Symfony is the result of the work of many people who made the code better - Michael Tibben - Sander Marechal - Radosław Benkel + - Marcos Sánchez - ttomor - Mei Gwilym (meigwilym) - Michael H. Arieli (excelwebzone) @@ -622,6 +630,7 @@ Symfony is the result of the work of many people who made the code better - nacho - Piotr Antosik (antek88) - Artem Lopata + - Samuel ROZE (sroze) - Marcos Quesada (marcos_quesada) - Matthew Vickery (mattvick) - Dan Finnie @@ -675,6 +684,7 @@ Symfony is the result of the work of many people who made the code better - Yannick - Eduardo García Sanz (coma) - Sebastian Grodzicki (sgrodzicki) + - Michael Lee (zerustech) - Roy Van Ginneken - David de Boer (ddeboer) - Gilles Doge (gido) @@ -721,6 +731,7 @@ Symfony is the result of the work of many people who made the code better - Malaney J. Hill - Christian Flach (cmfcmf) - Cédric Girard (enk_) + - Lars Ambrosius Wallenborn (larsborn) - Oriol Mangas Abellan (oriolman) - Sebastian Göttschkes (sgoettschkes) - Tatsuya Tsuruoka @@ -847,6 +858,7 @@ Symfony is the result of the work of many people who made the code better - Gunnar Lium (gunnarlium) - Tiago Garcia (tiagojsag) - Artiom + - Jakub Simon - Bouke Haarsma - Martin Eckhardt - Denis Zunke @@ -876,7 +888,6 @@ Symfony is the result of the work of many people who made the code better - Vasily Khayrulin (sirian) - Stefan Koopmanschap (skoop) - Stefan Hüsges (tronsha) - - Ivan Kurnosov - stloyd - Chris Tickner - Andrew Coulton @@ -905,7 +916,6 @@ Symfony is the result of the work of many people who made the code better - Julius Beckmann - Romain Dorgueil - Grayson Koonce (breerly) - - Matt Robinson (inanimatt) - Karim Cassam Chenaï (ka) - Nicolas Bastien (nicolas_bastien) - Andy Stanberry @@ -992,6 +1002,7 @@ Symfony is the result of the work of many people who made the code better - grifx - Robert Campbell - Matt Lehner + - Hidde Wieringa - Hein Zaw Htet™ - Ruben Kruiswijk - Michael J @@ -1048,9 +1059,7 @@ Symfony is the result of the work of many people who made the code better - Muriel (metalmumu) - Michaël Perrin (michael.perrin) - Michael Pohlers (mick_the_big) - - Mantas Var (mvar) - Cayetano Soriano Gallego (neoshadybeat) - - Maxime Steinhausser (ogizanagi) - Pablo Monterde Perez (plebs) - Jimmy Leger (redpanda) - Cyrille Jouineau (tuxosaurus) @@ -1128,6 +1137,7 @@ Symfony is the result of the work of many people who made the code better - Brian Freytag - Skorney - mieszko4 + - Neophy7e - Arrilot - Markus Staab - Pierre-Louis LAUNAY @@ -1140,6 +1150,8 @@ Symfony is the result of the work of many people who made the code better - Sema - Thorsten Hallwas - Michael Squires + - Norman Soetbeer + - Benjamin Long - Matt Janssen - Peter Gribanov - kwiateusz @@ -1235,6 +1247,7 @@ Symfony is the result of the work of many people who made the code better - Vincent (vincent1870) - Eugene Babushkin (warl) - Xavier Amado (xamado) + - Jesper Søndergaard Pedersen (zerrvox) - Florent Cailhol - szymek - craigmarvelley From ce4aab1508dd9642906fc9a120e0d8763e689896 Mon Sep 17 00:00:00 2001 From: Fabien Potencier Date: Wed, 1 Apr 2015 16:28:26 +0200 Subject: [PATCH 06/10] updated VERSION for 2.3.27 --- src/Symfony/Component/HttpKernel/Kernel.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/Symfony/Component/HttpKernel/Kernel.php b/src/Symfony/Component/HttpKernel/Kernel.php index 5e4fac51cde14..e6363872e825e 100644 --- a/src/Symfony/Component/HttpKernel/Kernel.php +++ b/src/Symfony/Component/HttpKernel/Kernel.php @@ -60,12 +60,12 @@ abstract class Kernel implements KernelInterface, TerminableInterface protected $startTime; protected $loadClassCache; - const VERSION = '2.3.27-DEV'; + const VERSION = '2.3.27'; const VERSION_ID = '20327'; const MAJOR_VERSION = '2'; const MINOR_VERSION = '3'; const RELEASE_VERSION = '27'; - const EXTRA_VERSION = 'DEV'; + const EXTRA_VERSION = ''; /** * Constructor. From feb48c26b3e4294294e0f12cc21b022fd636551a Mon Sep 17 00:00:00 2001 From: Fabien Potencier Date: Wed, 1 Apr 2015 17:29:10 +0200 Subject: [PATCH 07/10] bumped Symfony version to 2.3.28 --- src/Symfony/Component/HttpKernel/Kernel.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/Symfony/Component/HttpKernel/Kernel.php b/src/Symfony/Component/HttpKernel/Kernel.php index e6363872e825e..42a3f3b3f6010 100644 --- a/src/Symfony/Component/HttpKernel/Kernel.php +++ b/src/Symfony/Component/HttpKernel/Kernel.php @@ -60,12 +60,12 @@ abstract class Kernel implements KernelInterface, TerminableInterface protected $startTime; protected $loadClassCache; - const VERSION = '2.3.27'; - const VERSION_ID = '20327'; + const VERSION = '2.3.28-DEV'; + const VERSION_ID = '20328'; const MAJOR_VERSION = '2'; const MINOR_VERSION = '3'; - const RELEASE_VERSION = '27'; - const EXTRA_VERSION = ''; + const RELEASE_VERSION = '28'; + const EXTRA_VERSION = 'DEV'; /** * Constructor. From dbd02b087175c7817a39d047c6f6e237b8adeca5 Mon Sep 17 00:00:00 2001 From: Javier Eguiluz Date: Thu, 2 Apr 2015 13:05:24 +0200 Subject: [PATCH 08/10] Use specialized config methods instead of the generic ifTrue() method --- .../FrameworkBundle/DependencyInjection/Configuration.php | 7 ++----- .../TwigBundle/DependencyInjection/Configuration.php | 2 +- 2 files changed, 3 insertions(+), 6 deletions(-) diff --git a/src/Symfony/Bundle/FrameworkBundle/DependencyInjection/Configuration.php b/src/Symfony/Bundle/FrameworkBundle/DependencyInjection/Configuration.php index 2de60489a8b69..08bcc1c19db7c 100644 --- a/src/Symfony/Bundle/FrameworkBundle/DependencyInjection/Configuration.php +++ b/src/Symfony/Bundle/FrameworkBundle/DependencyInjection/Configuration.php @@ -69,10 +69,7 @@ public function getConfigTreeBuilder() ->booleanNode('test')->end() ->scalarNode('default_locale')->defaultValue('en')->end() ->arrayNode('trusted_hosts') - ->beforeNormalization() - ->ifTrue(function ($v) { return is_string($v); }) - ->then(function ($v) { return array($v); }) - ->end() + ->beforeNormalization()->ifString()->then(function ($v) { return array($v); })->end() ->prototype('scalar')->end() ->end() ->end() @@ -263,7 +260,7 @@ private function addTemplatingSection(ArrayNodeDefinition $rootNode) ->addDefaultChildrenIfNoneSet() ->prototype('scalar')->defaultValue('FrameworkBundle:Form')->end() ->validate() - ->ifTrue(function ($v) {return !in_array('FrameworkBundle:Form', $v); }) + ->ifNotInArray(array('FrameworkBundle:Form')) ->then(function ($v) { return array_merge(array('FrameworkBundle:Form'), $v); }) diff --git a/src/Symfony/Bundle/TwigBundle/DependencyInjection/Configuration.php b/src/Symfony/Bundle/TwigBundle/DependencyInjection/Configuration.php index a20ca8c1a86db..8cc114ab2922f 100644 --- a/src/Symfony/Bundle/TwigBundle/DependencyInjection/Configuration.php +++ b/src/Symfony/Bundle/TwigBundle/DependencyInjection/Configuration.php @@ -58,7 +58,7 @@ private function addFormSection(ArrayNodeDefinition $rootNode) ->prototype('scalar')->defaultValue('form_div_layout.html.twig')->end() ->example(array('MyBundle::form.html.twig')) ->validate() - ->ifTrue(function ($v) { return !in_array('form_div_layout.html.twig', $v); }) + ->ifNotInArray(array('form_div_layout.html.twig')) ->then(function ($v) { return array_merge(array('form_div_layout.html.twig'), $v); }) From a95f7f38af2c7c6ce8266cf162a6eaff9bbcc45b Mon Sep 17 00:00:00 2001 From: stloyd Date: Tue, 31 Mar 2015 15:09:45 +0200 Subject: [PATCH 09/10] Fix some phpdocs for Twig extensions & templating helpers --- src/Symfony/Bridge/Twig/Extension/CodeExtension.php | 3 +++ src/Symfony/Bridge/Twig/Extension/HttpKernelExtension.php | 3 +++ src/Symfony/Bridge/Twig/Extension/RoutingExtension.php | 4 +--- src/Symfony/Bridge/Twig/Extension/SecurityExtension.php | 4 +--- src/Symfony/Bridge/Twig/Extension/TranslationExtension.php | 4 +--- src/Symfony/Bridge/Twig/Extension/YamlExtension.php | 4 +--- .../FrameworkBundle/Templating/Helper/ActionsHelper.php | 4 +--- .../Bundle/FrameworkBundle/Templating/Helper/CodeHelper.php | 4 +--- .../FrameworkBundle/Templating/Helper/RequestHelper.php | 4 +--- .../Bundle/FrameworkBundle/Templating/Helper/RouterHelper.php | 4 +--- .../FrameworkBundle/Templating/Helper/SessionHelper.php | 4 +--- .../FrameworkBundle/Templating/Helper/TranslatorHelper.php | 4 +--- .../SecurityBundle/Templating/Helper/LogoutUrlHelper.php | 4 +--- .../SecurityBundle/Templating/Helper/SecurityHelper.php | 4 +--- src/Symfony/Bundle/TwigBundle/Extension/ActionsExtension.php | 3 +++ src/Symfony/Bundle/TwigBundle/Extension/AssetsExtension.php | 4 +--- 16 files changed, 22 insertions(+), 39 deletions(-) diff --git a/src/Symfony/Bridge/Twig/Extension/CodeExtension.php b/src/Symfony/Bridge/Twig/Extension/CodeExtension.php index 4a0c1e9c768a5..b5f619d327a0d 100644 --- a/src/Symfony/Bridge/Twig/Extension/CodeExtension.php +++ b/src/Symfony/Bridge/Twig/Extension/CodeExtension.php @@ -210,6 +210,9 @@ public function formatFileFromText($text) }, $text); } + /** + * {@inheritdoc} + */ public function getName() { return 'code'; diff --git a/src/Symfony/Bridge/Twig/Extension/HttpKernelExtension.php b/src/Symfony/Bridge/Twig/Extension/HttpKernelExtension.php index 4d9919d16c171..1da12aaf5eb10 100644 --- a/src/Symfony/Bridge/Twig/Extension/HttpKernelExtension.php +++ b/src/Symfony/Bridge/Twig/Extension/HttpKernelExtension.php @@ -81,6 +81,9 @@ public function controller($controller, $attributes = array(), $query = array()) return new ControllerReference($controller, $attributes, $query); } + /** + * {@inheritdoc} + */ public function getName() { return 'http_kernel'; diff --git a/src/Symfony/Bridge/Twig/Extension/RoutingExtension.php b/src/Symfony/Bridge/Twig/Extension/RoutingExtension.php index 237c36c190c22..7469183e75de1 100644 --- a/src/Symfony/Bridge/Twig/Extension/RoutingExtension.php +++ b/src/Symfony/Bridge/Twig/Extension/RoutingExtension.php @@ -89,9 +89,7 @@ public function isUrlGenerationSafe(\Twig_Node $argsNode) } /** - * Returns the name of the extension. - * - * @return string The extension name + * {@inheritdoc} */ public function getName() { diff --git a/src/Symfony/Bridge/Twig/Extension/SecurityExtension.php b/src/Symfony/Bridge/Twig/Extension/SecurityExtension.php index edba0e7b8bd9d..49863a4e3f1cf 100644 --- a/src/Symfony/Bridge/Twig/Extension/SecurityExtension.php +++ b/src/Symfony/Bridge/Twig/Extension/SecurityExtension.php @@ -52,9 +52,7 @@ public function getFunctions() } /** - * Returns the name of the extension. - * - * @return string The extension name + * {@inheritdoc} */ public function getName() { diff --git a/src/Symfony/Bridge/Twig/Extension/TranslationExtension.php b/src/Symfony/Bridge/Twig/Extension/TranslationExtension.php index 0fde3a675d9bf..f1f2fbd20b82e 100644 --- a/src/Symfony/Bridge/Twig/Extension/TranslationExtension.php +++ b/src/Symfony/Bridge/Twig/Extension/TranslationExtension.php @@ -99,9 +99,7 @@ public function transchoice($message, $count, array $arguments = array(), $domai } /** - * Returns the name of the extension. - * - * @return string The extension name + * {@inheritdoc} */ public function getName() { diff --git a/src/Symfony/Bridge/Twig/Extension/YamlExtension.php b/src/Symfony/Bridge/Twig/Extension/YamlExtension.php index 63d658da3b6ed..fc9bf0e9e3308 100644 --- a/src/Symfony/Bridge/Twig/Extension/YamlExtension.php +++ b/src/Symfony/Bridge/Twig/Extension/YamlExtension.php @@ -56,9 +56,7 @@ public function dump($value, $inline = 0, $dumpObjects = false) } /** - * Returns the name of the extension. - * - * @return string The extension name + * {@inheritdoc} */ public function getName() { diff --git a/src/Symfony/Bundle/FrameworkBundle/Templating/Helper/ActionsHelper.php b/src/Symfony/Bundle/FrameworkBundle/Templating/Helper/ActionsHelper.php index d4a855d53ba3d..8f0d54eada32c 100644 --- a/src/Symfony/Bundle/FrameworkBundle/Templating/Helper/ActionsHelper.php +++ b/src/Symfony/Bundle/FrameworkBundle/Templating/Helper/ActionsHelper.php @@ -58,9 +58,7 @@ public function controller($controller, $attributes = array(), $query = array()) } /** - * Returns the canonical name of this helper. - * - * @return string The canonical name + * {@inheritdoc} */ public function getName() { diff --git a/src/Symfony/Bundle/FrameworkBundle/Templating/Helper/CodeHelper.php b/src/Symfony/Bundle/FrameworkBundle/Templating/Helper/CodeHelper.php index 94a9af0cc000b..e7042e0dc3534 100644 --- a/src/Symfony/Bundle/FrameworkBundle/Templating/Helper/CodeHelper.php +++ b/src/Symfony/Bundle/FrameworkBundle/Templating/Helper/CodeHelper.php @@ -205,9 +205,7 @@ public function formatFileFromText($text) } /** - * Returns the canonical name of this helper. - * - * @return string The canonical name + * {@inheritdoc} */ public function getName() { diff --git a/src/Symfony/Bundle/FrameworkBundle/Templating/Helper/RequestHelper.php b/src/Symfony/Bundle/FrameworkBundle/Templating/Helper/RequestHelper.php index 9f001f7f3fc0d..b7fbfcdca7ecb 100644 --- a/src/Symfony/Bundle/FrameworkBundle/Templating/Helper/RequestHelper.php +++ b/src/Symfony/Bundle/FrameworkBundle/Templating/Helper/RequestHelper.php @@ -59,9 +59,7 @@ public function getLocale() } /** - * Returns the canonical name of this helper. - * - * @return string The canonical name + * {@inheritdoc} */ public function getName() { diff --git a/src/Symfony/Bundle/FrameworkBundle/Templating/Helper/RouterHelper.php b/src/Symfony/Bundle/FrameworkBundle/Templating/Helper/RouterHelper.php index 830e5c90193f2..d54caaf395509 100644 --- a/src/Symfony/Bundle/FrameworkBundle/Templating/Helper/RouterHelper.php +++ b/src/Symfony/Bundle/FrameworkBundle/Templating/Helper/RouterHelper.php @@ -50,9 +50,7 @@ public function generate($name, $parameters = array(), $referenceType = UrlGener } /** - * Returns the canonical name of this helper. - * - * @return string The canonical name + * {@inheritdoc} */ public function getName() { diff --git a/src/Symfony/Bundle/FrameworkBundle/Templating/Helper/SessionHelper.php b/src/Symfony/Bundle/FrameworkBundle/Templating/Helper/SessionHelper.php index c4362df1dbd51..675fe9dc90940 100644 --- a/src/Symfony/Bundle/FrameworkBundle/Templating/Helper/SessionHelper.php +++ b/src/Symfony/Bundle/FrameworkBundle/Templating/Helper/SessionHelper.php @@ -62,9 +62,7 @@ public function hasFlash($name) } /** - * Returns the canonical name of this helper. - * - * @return string The canonical name + * {@inheritdoc} */ public function getName() { diff --git a/src/Symfony/Bundle/FrameworkBundle/Templating/Helper/TranslatorHelper.php b/src/Symfony/Bundle/FrameworkBundle/Templating/Helper/TranslatorHelper.php index 30816d736fb42..2c2641a885b13 100644 --- a/src/Symfony/Bundle/FrameworkBundle/Templating/Helper/TranslatorHelper.php +++ b/src/Symfony/Bundle/FrameworkBundle/Templating/Helper/TranslatorHelper.php @@ -50,9 +50,7 @@ public function transChoice($id, $number, array $parameters = array(), $domain = } /** - * Returns the canonical name of this helper. - * - * @return string The canonical name + * {@inheritdoc} */ public function getName() { diff --git a/src/Symfony/Bundle/SecurityBundle/Templating/Helper/LogoutUrlHelper.php b/src/Symfony/Bundle/SecurityBundle/Templating/Helper/LogoutUrlHelper.php index 1fef75ca09c22..9514ebf616fc4 100644 --- a/src/Symfony/Bundle/SecurityBundle/Templating/Helper/LogoutUrlHelper.php +++ b/src/Symfony/Bundle/SecurityBundle/Templating/Helper/LogoutUrlHelper.php @@ -114,9 +114,7 @@ private function generateLogoutUrl($key, $referenceType) } /** - * Returns the canonical name of this helper. - * - * @return string The canonical name + * {@inheritdoc} */ public function getName() { diff --git a/src/Symfony/Bundle/SecurityBundle/Templating/Helper/SecurityHelper.php b/src/Symfony/Bundle/SecurityBundle/Templating/Helper/SecurityHelper.php index 7ca0e7bb669d1..a43f2b446d6a8 100644 --- a/src/Symfony/Bundle/SecurityBundle/Templating/Helper/SecurityHelper.php +++ b/src/Symfony/Bundle/SecurityBundle/Templating/Helper/SecurityHelper.php @@ -48,9 +48,7 @@ public function isGranted($role, $object = null, $field = null) } /** - * Returns the canonical name of this helper. - * - * @return string The canonical name + * {@inheritdoc} */ public function getName() { diff --git a/src/Symfony/Bundle/TwigBundle/Extension/ActionsExtension.php b/src/Symfony/Bundle/TwigBundle/Extension/ActionsExtension.php index 3b08bd6859078..76f4dff5c3a2f 100644 --- a/src/Symfony/Bundle/TwigBundle/Extension/ActionsExtension.php +++ b/src/Symfony/Bundle/TwigBundle/Extension/ActionsExtension.php @@ -62,6 +62,9 @@ public function getTokenParsers() ); } + /** + * {@inheritdoc} + */ public function getName() { return 'actions'; diff --git a/src/Symfony/Bundle/TwigBundle/Extension/AssetsExtension.php b/src/Symfony/Bundle/TwigBundle/Extension/AssetsExtension.php index 929680597cc1f..4f40c7a0d8a21 100644 --- a/src/Symfony/Bundle/TwigBundle/Extension/AssetsExtension.php +++ b/src/Symfony/Bundle/TwigBundle/Extension/AssetsExtension.php @@ -68,9 +68,7 @@ public function getAssetsVersion($packageName = null) } /** - * Returns the name of the extension. - * - * @return string The extension name + * {@inheritdoc} */ public function getName() { From 6f5e95b762ae0c00585a814efbec7cc6b46b47ce Mon Sep 17 00:00:00 2001 From: Gerben Wijnja Date: Fri, 3 Apr 2015 01:10:26 +0200 Subject: [PATCH 10/10] [StringUtil] Fixed singularification of 'movies' The word 'movies' was singularified to 'movy'. There seem to be only two words ending in 'ovies', which are 'movies' and 'anchovies'. The singular of the latter is 'anchovy'. All other words ending in 'vies' singularify to 'vy', so the word 'movies' is an exception to the general rule. --- src/Symfony/Component/PropertyAccess/StringUtil.php | 3 +++ src/Symfony/Component/PropertyAccess/Tests/StringUtilTest.php | 1 + 2 files changed, 4 insertions(+) diff --git a/src/Symfony/Component/PropertyAccess/StringUtil.php b/src/Symfony/Component/PropertyAccess/StringUtil.php index 5fa1b1734f8bc..2160f0f422b4e 100644 --- a/src/Symfony/Component/PropertyAccess/StringUtil.php +++ b/src/Symfony/Component/PropertyAccess/StringUtil.php @@ -60,6 +60,9 @@ class StringUtil // indices (index), appendices (appendix), prices (price) array('seci', 4, false, true, array('ex', 'ix', 'ice')), + // movies (movie) + array('seivom', 6, true, true, 'movie'), + // babies (baby) array('sei', 3, false, true, 'y'), diff --git a/src/Symfony/Component/PropertyAccess/Tests/StringUtilTest.php b/src/Symfony/Component/PropertyAccess/Tests/StringUtilTest.php index 7c6376dbd6a13..73922cd72aeae 100644 --- a/src/Symfony/Component/PropertyAccess/Tests/StringUtilTest.php +++ b/src/Symfony/Component/PropertyAccess/Tests/StringUtilTest.php @@ -99,6 +99,7 @@ public function singularifyProvider() array('men', 'man'), array('mice', 'mouse'), array('moves', 'move'), + array('movies', 'movie'), array('nebulae', 'nebula'), array('neuroses', array('neuros', 'neurose', 'neurosis')), array('oases', array('oas', 'oase', 'oasis')),