php/yii2
1
0
Fork 0
mirror of https://github.com/yiisoft/yii2.git synced 2025-11-09 01:27:20 +08:00
Code Issues Packages Projects Releases Wiki Activity
15,313 Commits 10 Branches 79 Tags
Commit Graph

121 Commits

Author SHA1 Message Date
Carsten Brandt
17d08cc0a4 fixed crash on non-string input to CSRF token 
fixes #11822

also adding proper unit tests for validate CSRF token.
 2016-06-25 18:22:27 +02:00
Nikola Kovacs
9d327baa8b coding style fixes 2016-05-26 11:19:32 +02:00
Salem Ouerdani
2eb90f82fe removes nonexistent yii/web/rawCsrfToken from docs (#11521) 
* removes nonexistent yii/web/rawCsrfToken from docs

* maj
 2016-05-07 18:38:07 +02:00
Carsten Brandt
731769241b release version 2.0.8 2016-04-28 16:50:20 +02:00
Carsten Brandt
1f0e24c528 allow resetting autodetected properties in yii\web\Request 
fixes #11336
 2016-04-21 12:54:59 +02:00
Evgeniy Tkachenko
4e59f92829 phpDoc updated 2016-03-28 10:24:53 +03:00
quantum
7b46bd1f7c Fixes #10451: Check of existence of $_SERVER in \yii\web\Request before using it 2016-02-15 23:22:45 +03:00
Carsten Brandt
9b5f6cb188 prepare for 2.0.7 release 
- adjust version
- build classmap
- build phpdoc @property annotations
- build mime-type file
 2016-02-14 15:45:55 +01:00
Evgeniy Tkachenko
8b9514fd5f Refactoring yii\web\Request::getMethod 2016-01-28 23:15:10 +03:00
SilverFire - Dmitry Naumenko
cd87d67f34 Global DOCS update: ~~~ replaced with ``` 2015-12-02 23:15:28 +02:00
Alexander Makarov
5ab4f0f090 Better quotes usage in strings 
- Use single quote where interpolation isn't necessary
- Use interpolation when it's better than concatenation
 2015-10-10 00:23:52 +03:00
jeicd
c2f83da8d8 Fix phpdoc 2015-10-05 15:00:13 +06:00
Boudewijn Vahrmeijer
dd818e17df Fixes #9754: Fixed \yii\web\Request error when path info is empty 2015-09-23 15:06:23 +03:00
zetamen
df6f270a0e Fixes #9161: Fixed yii\web\Request ignore queryParams when resolve request 2015-07-21 10:40:31 +03:00
Alexander Makarov
9f91a02a86 Fixes #9005: added note about crossdomain jQuery requests and Request::getIsAjax() 2015-07-06 16:34:02 +03:00
Alexander Mohorev
ae42a054bb PSR-2 spaces, commas, etc 2015-06-09 00:05:06 +03:00
Alexander Mohorev
e8535eea22 Incorrect property type declared. 2015-06-07 23:55:34 +03:00
Klimov Paul
8609311738 Fixed numeric keys in $_GET transformed to 0-based, if 'pretty URL' enabled 2015-05-06 17:09:31 +03:00
Carsten Brandt
ef662b57be added missing @since annotations 2015-04-24 12:09:40 +02:00
Qiang Xue
92664b4b11 code optimization [skip ci] 2015-04-06 08:14:01 -04:00
Qiang Xue
739f6358cd Fixes #7637: Allow yii\web\Request::validateCsrfToken() to validate a manually provided token 2015-04-05 17:34:29 -04:00
Qiang Xue
19ca5a1584 Fixes #7637. 2015-03-30 22:36:45 -04:00
Qiang Xue
ae305bb907 Fixes #7226: yii\web\Request::getEtag() should strip off -gzip which may be added by Apache 2015-02-10 13:36:05 -05:00
Qiang Xue
0a6cd6190b Fixes #7051: Added support for preventing swapping values between different cookies 2015-01-28 22:29:37 -05:00
Brandon Kelly
7a9f1a0ce7 getQueryParam() and getBodyParam() doc edits 
- Made yii\web\Request::getQueryParam() and getBodyParam()'s doc blocks more consistent with each other
- getQueryParam() was incorrectly stating that if $name was omitted, all of $_GET would be returned (but $name is required)
 2015-01-12 17:12:57 -08:00
Alexander Mohorev
f1edafffaf PHPDoc comment doesn't contain all necessary @throws tag 
close #5762
 2014-10-25 12:47:08 +02:00
Alexander Makarov
c489f8228d Removed unnecessary token generation. We already have it. 2014-10-09 14:53:59 +04:00
Qiang Xue
d2b864da84 prepare for 2.0.0-rc release. 2014-09-27 21:59:54 -04:00
Qiang Xue
262a77caca Added yii\web\Response::enableCsrfCookie to support storing CSRF tokens in session 2014-09-04 12:20:09 -04:00
Carsten Brandt
92b958cd33 fixed return value of yii\web\Request::getPrefferedLanguage 
ensure it is one of the input values

fixes #4880
 2014-09-01 12:46:38 +02:00
Jin Hu
3a7ed9b1a9 Added yii\web\Request::setRawBody() 2014-08-20 23:14:48 +08:00
Carsten Brandt
3a1e0f3a5c property codestyle framework 2014-07-30 00:21:31 +02:00
Carsten Brandt
1f31f27787 phpdoc 2014-07-29 22:19:14 +02:00
Carsten Brandt
08a480c6e6 make Request more robust against invalid CSRF data 
fixes #4514
 2014-07-29 20:13:57 +02:00
tom--
2c5c2c101b Fixes #4131: Security adjustments 2014-07-26 03:29:30 +04:00
Alexander Makarov
0edd8bc65a Fixed missing and incorrect phpdoc 2014-07-25 17:26:35 +04:00
Qiang Xue
4e4e76e883 Request::cookieValidationKey must be explicitly specified now. 2014-07-19 15:39:03 -04:00
Qiang Xue
acaa4f8194 Fixes #4204: yii\web\Request::getUserIP() will return null if it cannot detect user IP address 2014-07-04 09:14:01 -04:00
Qiang Xue
399b6b18e3 Fixes #4103 2014-06-28 21:58:07 -04:00
Klimov Paul
2bab6259d1 'Security' helper usage switched to 'security' application component. 2014-06-27 14:31:08 +03:00
Carsten Brandt
6578cfbdab updated phpdoc and classmap 2014-06-25 18:24:23 +02:00
Qiang Xue
6b799d392d Fixes #3358: Removed automatic CSRF meta tag generation by View. Added Html::csrfMetaTags() and its call to main layout files 2014-06-13 10:04:48 -04:00
SonicGD
b2246d19ce fix align 2014-06-04 09:36:55 +06:00
SonicGD
bf73fd81c1 Set expire to null so CookieCollection::has work 2014-06-04 09:33:39 +06:00
Qiang Xue
313437f3c0 Fixes #3284: Added support for checking multiple ETags by yii\filters\HttpCache. 2014-05-23 15:53:49 -04:00
Carsten Brandt
76d8e2b5b3 code style, fixes #3140 2014-04-17 13:24:16 +02:00
Qiang Xue
0b29c9607d fixed broken API links [skip ci] 2014-04-09 22:22:49 -04:00
Carsten Brandt
27659d1776 fixed FileHelper private method static call 2014-03-26 17:51:52 +01:00
Carsten Brandt
1e75427393 updated classmap and phpdoc 2014-03-24 23:26:30 +01:00
Qiang Xue
4c939eee3e reverted back change to parsing body params. 2014-03-23 16:52:43 -04:00