dc05f31100
Fix #20292 : Fix \yii\web\Session should not set cookie params, when useCookie is false
2024-12-07 10:19:25 +03:00
65e3369e16
Fix #20140 : Fix compatibility with PHP 8.4: calling session_set_save_handler()
2024-12-06 13:34:47 +03:00
36b34b0dc1
fix 'unafe' typo
2024-11-28 12:01:15 +07:00
e6e8311d57
fix phpdoc
2024-11-25 13:58:16 +07:00
9a3797b11f
update phpdoc
2024-11-24 17:42:00 +07:00
717b285115
add CSRF validation by custom HTTP header
2024-11-23 18:58:06 +07:00
f96c2c5ef4
Add accidentally removed phpdoc
2024-07-12 16:29:14 +03:00
3fa2d61e54
Fix #20175 : Fix bad result for pagination when used with GridView
2024-06-08 10:29:40 +03:00
52e4a3e645
release version 2.0.50
2024-05-30 20:23:31 +03:00
f7baab16e7
Merge pull request from GHSA-qg5r-95m4-mjgj
...
* Hotfix: Reflected XSS in Debug mode
* Added entry for the security issue GHSA-qg5r-95m4-mjgj to the CHANGELOG
* Update CHANGELOG.md
* Update CHANGELOG.md
---------
Co-authored-by: Alexander Makarov <sam@rmcreative.ru>
2024-05-30 19:29:52 +03:00
af705d9eb2
Fix ci lint.
2024-05-28 11:54:31 -04:00
7a8b9d63ad
Fix #20165 : Adjust pretty name of closures for PHP 8.4 compatibility
2024-05-27 16:08:59 +03:00
f2ea9be242
Update deprecated isArray() method in Controller.php ( #20156 )
2024-05-16 13:16:33 +03:00
bf3ada13fc
Fix #20087 : Add custom attributes to script tags
2024-04-03 16:18:16 +03:00
e2a167028b
Upgrade to PSR12 coding standard ( #20121 )
2024-03-19 17:21:27 +03:00
e02245f18e
Fix typo in setCookieParams() documentation
2024-03-06 14:34:00 -05:00
c7b4b1dcdd
Get rid of deprecation warnings for trim() [PHP8.3] ( #20090 )
2024-01-03 10:54:59 +03:00
6fdb805da8
Fix #18469 : Fixed Link::serialize(array $links) method in yii\web\Link
2023-11-23 18:09:35 +03:00
73902f0730
Added support for string and DateTimeInterface as Cookie::$expire ( #19920 )
...
* Added support for string as Cookie::$expire
* Updated changelog for #19920 (Broadened the accepted type of `Cookie::$expire` from `int` to `int|string|null`)
* Fixed `\yiiunit\framework\web\ResponseTest::parseHeaderCookies()` to overwrite existing cookie.
* Added support for `\DateTimeInterface` in `\yii\web\Cookie::$expire`
* Fixed `\yiiunit\framework\web\ResponseTest::cookiesTestProvider()` for PHP 5.4 and commited missing code for \DateTimeInterface processing in `\yii\web\Response::sendCookies()`
2023-08-15 18:38:10 +02:00
504a66dae5
Update documentation for setCookieParams ( #19921 )
...
The link for more information about "sameSite" lead to a 404 Not Found.
2023-07-30 11:51:25 +02:00
80a18ad6ba
Fix #18859 : Fix yii\web\Controller::bindInjectedParams() to not throw error when argument of ReflectionUnionType type is passed
2023-05-31 21:30:45 +03:00
c9f491b4f7
release version 2.0.48.1
2023-05-24 23:04:02 +04:00
8228d81b25
release version 2.0.48
2023-05-22 10:32:53 +04:00
87f05afb8a
Prevent redirection with new line character in the route ( #19800 )
...
* Prevent redirection with new line character in the route
* Remove escape
* Remove import
* Changelog
* Remove \
2023-03-31 14:40:31 +02:00
aa1e4432f1
Fix #19794 : Add caching in yii\web\Request for getUserIP() and getSecureForwardedHeaderTrustedParts()
2023-03-30 11:51:09 +03:00
fe46b59361
Change property visibility to allow more flexibility for apps ( #19696 )
...
* Change property visibility to allow more flexibility for apps
* Update framework/web/View.php
Co-authored-by: Alexander Makarov <sam@rmcreative.ru>
* Added changelog
Co-authored-by: Alexander Makarov <sam@rmcreative.ru>
2022-11-29 08:18:03 +01:00
25eed6fe1c
Fix phpdoc for yii\web\Controller ( #19619 )
2022-10-12 08:41:20 +02:00
473ead8e46
Optimize: simplified regexp ( #19541 )
2022-09-06 09:42:58 +03:00
d6dfca1b80
Fix #16658 : Fix file readability check on publishing assets by yii\web\AssetManager
2022-08-29 10:18:59 +03:00
22614a5b1f
release version 2.0.46
2022-08-19 01:18:45 +03:00
161526cd41
HTTPS everywhere ( #19503 )
2022-08-03 12:32:18 +03:00
827db6c90e
Revert "Fix #19290 : Fix Request::getHostInfo() doesn’t return the port if a Host header is used"
...
This reverts commit 8046d3a50f207e1033e1b23ff571da5bced0c822.
2022-07-01 10:28:31 +03:00
34708b4cf4
Fix #19400 : Fix passing null in yii\web\Response::redirect()
2022-06-21 00:15:07 +03:00
45519d3c18
Fix #19437 : Add support to specify request port by trusted proxies in \yii\web\Request::getServerPort()
2022-06-17 20:18:18 +03:00
a98ab994ad
Fix #19403 : Fix types in yii\web\SessionIterator
2022-06-01 11:23:36 +03:00
a345649871
Normalize PhpDoc types in AssetsManager ( #19419 )
2022-06-01 10:30:10 +03:00
e39e744b45
Fix #19384 : Normalize setBodyParams() and getBodyParam() in yii\web\Request
2022-05-23 10:39:33 +04:00
8046d3a50f
Fix #19290 : Fix Request::getHostInfo() doesn’t return the port if a Host header is used
2022-04-16 00:37:55 +04:00
406ec82f94
Fix #19270 : Replace deprecated scss converter in yii\web\AssetConverter::$commands
2022-04-08 01:18:36 +04:00
a87c02c712
Fix more types ( #19333 )
...
* Migration::upsert() returns void
* Unneeded `@property` tags
* Add missing `null` param/return types
* Null types for db\Query + db\ActiveQuery
* Fixed testSelect
* Null types for Validator
* Several more null types
* One more
* Make AccessRule::$allow always a boolean
It doesn't have any special null handling, so it's safe to default to false
* Validator::$skipOnEmpty is always a boolean
* Catch all throwable from Widget::widget()
* Don't limit $previous args to \Exception
The actual \Exception allows $previous to be any throwable in PHP 7+
* Add Throwable catch block to Instance::get()
* Throwable cleanup
Comment changes only.
- Document \Throwable instead of \Exception wherever appropriate
- Removed redundant exception/error classes when \Throwable is referenced
* Yii::setlogger() accepts null
* ArrayHelper::removeValue() can remove any type of value
* Change default $allow value to false
2022-04-03 11:20:21 +02:00
4628b91e73
Fix types ( #19332 )
...
* Migration::upsert() returns void
* Unneeded `@property` tags
* Add missing `null` param/return types
* Null types for db\Query + db\ActiveQuery
* Fixed testSelect
2022-03-30 18:40:10 +02:00
4cfdfc011f
Add yii\web\UploadedFile::$fullPath ( #19308 )
...
* Add `yii\web\UploadedFile::$fullPath`
`$_FILES['userfile']['full_path']` Available as of PHP 8.1.
Updates related methods `loadFilesRecursive()` and `loadFilesRecursive()`
* Update UploadedFile.php
* Update UploadedFile.php
* Update UploadedFile.php
* Update CHANGELOG.md
* Apply suggestions from code review
Co-authored-by: Bizley <pawel@positive.codes>
* Update UploadedFile.php
Co-authored-by: Bizley <pawel@positive.codes>
2022-03-30 09:38:00 +02:00
f6d328335e
GroupUrlRule slash in prefix ( #19330 )
...
* Bring back slash
* changelog
* group url rule test
2022-03-29 21:37:25 +02:00
4d90778861
Fix bug #19235 ( #19247 )
...
* Fix bug #19235
* Update CHANGELOG.md
* Update CHANGELOG.md
* Update CHANGELOG.md
2022-02-18 09:27:18 +01:00
0792736b35
release version 2.0.45
2022-02-11 16:12:40 +03:00
aa61a7b77a
clarification added ( #19220 )
2022-02-10 14:07:39 +01:00
71e810c89d
Fix #19130 : Fix DbSession breaks in some case
2022-02-08 16:45:42 +03:00
60c91eb433
Fix BC introduced in #19188 ( #19194 )
2022-01-27 21:47:37 +03:00
dbb157fd32
Fix #19187 : Fix yii\filters\PageCache to store original headers names instead of normalized ones
2022-01-27 00:52:32 +03:00
0eaa71d46c
Fix #19191 : Change \Exception to \Throwable in BadRequestHttpException and HttpException
2022-01-27 00:51:23 +03:00
