35ac718110
Fixes #16006 : Handle case when X-Forwarded-Host header have multiple hosts separated with a comma
2018-03-31 16:17:16 +03:00
7473c422ee
Fixes #15318 : Fixed "session_name(): Cannot change session name when session is active" errors
2018-02-24 01:03:27 +03:00
517a5ad93c
Add tests
2018-02-21 14:38:50 +01:00
9323817a53
Refactored code, added tests
2018-02-15 23:14:52 +02:00
b566dd522c
Fixes #15272 : Removed type attribute from script tag
2018-02-14 13:39:48 +03:00
25f8b263e5
Fixes #14811 : Fixed yii\filters\HttpCache to work with PHP 7.2
2018-02-11 12:08:01 +03:00
a23a325ca7
Fixes #15627 : Corrected session freezing/unfreezing not to attempt opening or closing connection if it isn't necessary
2018-02-10 00:06:10 +03:00
64d57043b1
Fixes #11401 : Fixed yii\web\DbSession concurrency issues when writing and regenerating IDs
2018-02-09 03:13:50 +03:00
2e55570e1f
Fixes #15621 : Fixed yii\web\User::getIdentity() returning null if an exception had been thrown when it was called previously
2018-02-09 01:34:33 +03:00
24f4e3126a
Bug #15523 : yii\web\Session settings could now be configured after session is started (StalkAlex, rob006, daniel1302, samdark)
...
Co-authored-by: Alexander Makarov <sam@rmcreative.ru>
Co-authored-by: Robert Korulczyk <robert@korulczyk.pl>
Co-authored-by: daniel.1302 <daniel.1302@gmail.com>
2018-02-08 20:11:45 +03:00
7cafa65ad2
Fixes #15216 : Added yii\web\ErrorHandler::$traceLine to allow opening file at line clicked in IDE
2018-02-07 22:36:29 +03:00
7bafb7bf09
Fixes #14488 : Added support for X-Forwarded-Host to yii\web\Request, fixed getServerPort() usage
2018-02-07 00:01:50 +03:00
61b47014a2
Fixes #14643 : Added yii\web\ErrorAction::$layout property to conveniently set layout from error action config
...
Co-authored-by: Stas So <etc@swods.ru>
Co-authored-by: Carsten Brandt <mail@cebe.cc>
2018-02-03 21:18:47 +03:00
e07219c812
Fixes #13996 : Added yii\web\View::registerJsVar() method that allows registering JavaScript variables
2018-01-26 15:31:27 +03:00
acce1db53b
Fixes #14135 : Fixed yii\web\Request::getBodyParam() crashes on object type body params
2018-01-18 00:33:41 +03:00
3c017b6b61
Fixes #15462 : Fixed accessChecker configuration error
2018-01-13 20:49:33 +03:00
3b1ff661d8
Fixes #7996 : Short syntax for verb in GroupUrlRule
2017-12-18 00:01:24 +03:00
4d388f6cd2
Fixes #15317 : Regenerate CSRF token if an empty value is given
2017-12-14 12:14:51 +03:00
4270470523
Various test fixes (mostly Windows-specific) ( #15336 )
2017-12-11 22:59:17 +03:00
efac23dde7
Fixes #15335 : Added FileHelper::unlink() that works well under all OSes
2017-12-11 22:29:31 +03:00
2992b9b09d
Refactored tests with PHPUnit assert methods ( #15260 )
2017-11-30 22:10:31 +03:00
ba38edd393
Fix last time driver use if not support any ( #15246 )
2017-11-29 22:38:34 +03:00
48bf8ce048
Fixes #14662 : Added support for custom Content-Type specification to yii\web\JsonResponseFormatter
2017-11-15 00:39:32 +03:00
5c6ba33e55
Disabled only PgSQL tests of DbSession in HHVM
2017-11-01 08:05:02 +02:00
0dede3922d
Disabled DbSession tests for HHVM
2017-11-01 07:39:41 +02:00
fb23b0d0ea
Code style fixes
2017-11-01 02:43:02 +03:00
4831263716
Fixed tests for HHVM and PHP 5.4
2017-10-31 23:23:51 +02:00
2faf771118
Fixes #13436 : Fixed migration for MSSQL DbSession
2017-10-31 12:50:37 +03:00
ea2c475ea7
Moved HTTP_AUTHORIZATION header check to \yii\web\Request, added docs
...
Closes #13564
2017-10-08 23:22:11 +03:00
75e8bfdc58
Fixes #14087 : Added yii\web\View::registerCsrfMetaTags() method that registers CSRF tags dynamically ensuring that caching doesn't interfere
2017-09-29 17:13:04 +03:00
1ce796ef0f
Removed ability to define a hostname as trusted because of possible security issues
...
Closes #14691
2017-09-12 23:28:29 +03:00
5a8c3d537b
Enable phpdoc_summary rule in php-cs-fixer config ( #14675 )
...
* Enable `phpdoc_summary` rule in php-cs-fixer config.
* Fix case in "PHPDoc".
2017-08-21 11:19:35 +02:00
1501c659ac
Add empty lines before return statements. ( #14682 ) [skip ci]
2017-08-21 01:58:49 +03:00
0c0942d6e2
Enable phpdoc_add_missing_param_annotation rule in php-cs-fixer config. ( #14681 ) [skip ci]
2017-08-21 01:57:23 +03:00
b99e955627
Fix CS ( #14665 )
...
* Run php-cs-fixer.
* Enable phpdoc_types rule.
2017-08-18 12:10:42 +02:00
0017d9c660
Fixes #13780 : Added support for trusted proxies in yii\web\Request
2017-08-17 13:14:51 +03:00
368540f8d0
Added tests
2017-08-13 21:15:06 +03:00
648971a82b
Fixes #14542 : Ensured only ASCII characters are in CSRF cookie value since binary data causes issues with ModSecurity and some browsers
2017-08-07 13:55:10 +03:00
f7fb7cdd87
Fixes #14022 : Added posibility to use aliases in yii\web\UrlManager::setBaseUrl() ( #14540 )
2017-07-31 13:32:08 +02:00
578b2caf42
Added yii\web\MultipartFormDataParser::$force option allowing to enforce parsing even on 'POST' request
2017-07-24 15:28:22 +03:00
6d2e0aff82
Fixes #14406 : Fixed caching rules in yii\web\UrlManager with different ruleConfig configuration
2017-07-19 23:45:03 +03:00
69673c0c94
Rename Object -> BaseObject for PHP 7.2 compatibility
...
issue #7936
2017-07-19 10:51:46 +02:00
d38908fc13
Fixed #14469 : updated RFC links
2017-07-17 16:21:49 +03:00
46bf3c410a
Add yii\web\Request::getOrigin() method that returns HTTP_ORIGIN of current CORS request
...
>The Origin request header indicates where a fetch originates from. It doesn't include any path information, but only the server name. It is sent with CORS requests, as well as with POST requests. It is similar to the Referer header, but, unlike this header, it doesn't disclose the whole path.
From https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin
Working code samples
```php
<?php
// We'll be granting access to only the arunranga.com domain
// which we think is safe to access this resource as application/xml
if($_SERVER['HTTP_ORIGIN'] == "http://arunranga.com ") {
header('Access-Control-Allow-Origin: http://arunranga.com ');
header('Content-type: application/xml');
readfile('arunerDotNetResource.xml');
} else {
header('Content-Type: text/html');
echo "<html>";
echo "<head>";
echo " <title>Another Resource</title>";
echo "</head>";
echo "<body>",
"<p>This resource behaves two-fold:";
echo "<ul>",
"<li>If accessed from <code>http://arunranga.com </code> it returns an XML document</li>";
echo "<li>If accessed from any other origin including from simply typing in the URL into the browser's address bar,";
echo "you get this HTML document</li>",
"</ul>",
"</body>",
"</html>";
}
?>
```
See https://developer.mozilla.org/en-US/docs/Web/HTTP/Server-Side_Access_Control for more info.
close #13835
2017-07-12 11:10:21 +02:00
12eb936083
Enable heredoc_to_nowdoc rule in php-cs-fixer ( #14419 )
2017-07-10 13:18:52 +03:00
ba0ab403b5
Added php-cs-fixer coding standards validation to Travis CI ( #14100 )
...
* php-cs-fixer: PSR2 rule.
* php-cs-fixer: PSR2 rule - fix views.
* Travis setup refactoring.
* Add php-cs-fixer to travis cs tests.
* Fix tests on hhvm-3.12
* improve travis config
* composer update
* revert composer update
* improve travis config
* Fix CS.
* Extract config to separate classes.
* Extract config to separate classes.
* Add file header.
* Force short array syntax.
* binary_operator_spaces fixer
* Fix broken tests
* cast_spaces fixer
* concat_space fixer
* dir_constant fixer
* ereg_to_preg fixer
* function_typehint_space fixer
* hash_to_slash_comment fixer
* is_null fixer
* linebreak_after_opening_tag fixer
* lowercase_cast fixer
* magic_constant_casing fixer
* modernize_types_casting fixer
* native_function_casing fixer
* new_with_braces fixer
* no_alias_functions fixer
* no_blank_lines_after_class_opening fixer
* no_blank_lines_after_phpdoc fixer
* no_empty_comment fixer
* no_empty_phpdoc fixer
* no_empty_statement fixer
* no_extra_consecutive_blank_lines fixer
* no_leading_import_slash fixer
* no_leading_namespace_whitespace fixer
* no_mixed_echo_print fixer
* no_multiline_whitespace_around_double_arrow fixer
* no_multiline_whitespace_before_semicolons fixer
* no_php4_constructor fixer
* no_short_bool_cast fixer
* no_singleline_whitespace_before_semicolons fixer
* no_spaces_around_offset fixer
* no_trailing_comma_in_list_call fixer
* no_trailing_comma_in_singleline_array fixer
* no_unneeded_control_parentheses fixer
* no_unused_imports fixer
* no_useless_return fixer
* no_whitespace_before_comma_in_array fixer
* no_whitespace_in_blank_line fixer
* not_operator_with_successor_space fixer
* object_operator_without_whitespace fixer
* ordered_imports fixer
* php_unit_construct fixer
* php_unit_dedicate_assert fixer
* php_unit_fqcn_annotation fixer
* phpdoc_indent fixer
* phpdoc_no_access fixer
* phpdoc_no_empty_return fixer
* phpdoc_no_package fixer
* phpdoc_no_useless_inheritdoc fixer
* Fix broken tests
* phpdoc_return_self_reference fixer
* phpdoc_single_line_var_spacing fixer
* phpdoc_single_line_var_spacing fixer
* phpdoc_to_comment fixer
* phpdoc_trim fixer
* phpdoc_var_without_name fixer
* psr4 fixer
* self_accessor fixer
* short_scalar_cast fixer
* single_blank_line_before_namespace fixer
* single_quote fixer
* standardize_not_equals fixer
* ternary_operator_spaces fixer
* trailing_comma_in_multiline_array fixer
* trim_array_spaces fixer
* protected_to_private fixer
* unary_operator_spaces fixer
* whitespace_after_comma_in_array fixer
* `parent::setRules()` -> `$this->setRules()`
* blank_line_after_opening_tag fixer
* Update finder config.
* Revert changes for YiiRequirementChecker.
* Fix array formatting.
* Add missing import.
* Fix CS for new code merged from master.
* Fix some indentation issues.
2017-06-12 12:25:45 +03:00
daa8b67c7b
Fixes #13350 , #14094 , #11288
...
- Bug #13350 : Fixed bug with incorrect caching of `yii\web\UrlRule::createUrl()` results in `yii\web\UrlManager`.
- Bug #14094 : Fixed bug when single `yii\web\UrlManager::createUrl()` call my result multiple calls of `yii\web\UrlRule::createUrl()` for the same rule.
- Enh #11288 : Added support for caching of `yii\web\UrlRule::createUrl()` results in `yii\web\UrlManager` for rules with defaults.
2017-05-10 12:30:43 +03:00
3e79d56447
made AssetBundle tests less cryptic
...
cleanup step was added in setUp() so this will still work.
split test functions filehelper test
2017-05-08 10:56:56 +02:00
5e8e6840b6
Added copyEmptyDirectories option to FileHelper
...
also set it to false in AssetManager to avoid creating a lot of empty
directories.
fixes #9669
2017-05-08 00:21:53 +02:00
583a2bcb9f
failing test for asset bundle publishing empty directories
2017-05-08 00:17:34 +02:00
