scottix
975937e531
Fix #18006 : Allow SameSite cookie pre PHP 7.3
2020-05-01 13:28:23 +03:00
Alexander Makarov
65e5640810
Fix #17932 : Fix regression in detection of AJAX requests ( #17937 )
2020-03-26 12:30:56 +03:00
Igor Tarasov
7f88acb313
Fix #17878 : Detect CORS AJAX requests without X-Requested-With in Request::getIsAjax()
2020-03-24 19:01:52 +03:00
Alex
4b6d3c0290
Fix #17929 : Actions can now have bool typed params bound
2020-03-24 18:44:43 +03:00
Yusup Hambali
55793471ea
Fix #17875 : Revert move_uploaded_file() function instead of copy() and unlink() for saving uploaded files when POST request
2020-02-20 12:22:01 +03:00
haveyaseen
82b7ecbdf3
Fix #17828 : Fix yii\web\UploadedFile::saveAs() failing when error value in $_FILES entry is a string
2020-02-01 12:56:22 +03:00
Ather Shu
038ce9f77e
Fix #17755 : Fix a bug for web request with trustedHosts set to format ['10.0.0.1' => ['X-Forwarded-For']]
2020-01-15 15:51:57 +03:00
Yusup Hambali
cf0e56907f
Fix #17037 , Fix #17729 : Fix uploaded file saving for multipart forms, add path alias support for UploadFile::saveAs()
2020-01-15 00:57:45 +03:00
Somogyi Márton
5e71b11d8d
#17733 : Additional fixes for #17665 , Forwarded header parsing in Request
...
- Remove header from secure headers
- Regexp and return null fix
- Fix tests, fix in array case sensitivity, rx duplicated group name
- Simplify code
- Add phpdoc
Co-Authored-By: Alexander Makarov <sam@rmcreative.ru >
2019-12-17 21:53:55 +03:00
Mikk Tendermann
83055dcc33
Fix #17665 : Implement RFC 7239 Forwarded header parsing in Request
2019-12-12 23:29:54 +03:00
Bizley
1a8c83ba43
Fix #17694 : Fixed Error Handler to clear registered view tags, scripts, and files when rendering error view through action view
2019-12-03 21:36:48 +03:00
Brandon Kelly
40797c1139
Fix #17701 : Throw BadRequetHttpException when request params can’t be bound to bool, int, and float controller action arguments
2019-12-03 12:40:56 +03:00
Somogyi Márton
6c1b2db9de
Fix #17434 : IE Ajax redirect fix for non 11.0 versions
2019-11-18 12:45:35 +03:00
AlexRas007
9c5cd51a3b
Fix #17632 : Unicode file name was not correctly parsed in multipart forms
2019-11-05 14:42:22 +03:00
Somogyi Márton
6a2777fc6d
Add Request tests for already resolved IP case #17521 ( #17594 )
2019-10-05 23:54:17 +03:00
Somogyi Márton
9054cdfdcc
Fixes #17521 : Request::getUserHost() and request::getUserIp() ( #17593 )
2019-10-05 22:33:29 +03:00
Somogyi Márton
c87855b31c
Fix #17573 : Request::getUserIP() security fix for the case when Request::$trustedHost and Request::$ipHeaders are used
2019-10-03 14:56:20 +03:00
Alexandr Kozhevnikov
96cd8bcb68
Fix #16826 : appendTimestamp support was added to View methods registerCssFile() and registerJsFile()
2019-09-17 14:07:15 +03:00
Somogyi Márton
10a069a3a4
Fix #17434 : Fixed Internet Explorer 11 AJAX redirect bug in case of 301 and 302 response codes (XMLHttpRequest: Network Error 0x800c0008)
2019-09-03 17:54:14 +03:00
Alexander Kartavenko
c5397f8784
Closes #16411 . Fix windows tests ( #17380 )
...
* Fix `\yiiunit\framework\helpers\ConsoleTest::testErrorSummary`
* Fix `\yiiunit\framework\console\controllers\PHPMessageControllerTest::testRemoveUnusedBehavior`
2019-06-19 16:48:20 +03:00
Alexander Kartavenko
3601d512c2
Fixes #17070 : Strip invalid character from fallback file name
2019-06-12 23:41:40 +03:00
lubosdz
8bb334b9ae
Fixes #9438 , #13740 , #15037 : Handle DB session callback custom fields before session closed
2019-03-09 15:54:39 +03:00
Nikolay Poryadin
fc98a95a90
Fixes #17185 : Fixed AssetManager timestamp appending when a file is published manually
2019-03-05 18:11:27 +03:00
Mikk Tendermann
81f7d381e5
Fixes #17180 : Do not populate yii\web\Response::$response when response code is 204
2019-03-05 12:34:40 +03:00
Nikolay
fd3eb699d4
Fixes #17094 : Fixed response on 204 status. Now it is empty
2019-02-04 00:10:47 +03:00
Carsten Brandt
6fe809ea26
added test case for checking BC of #16772 and #14759
2019-01-30 23:59:09 +01:00
SilverFire - Dmitry Naumenko
e4eaccc14d
Merge branch 'security'
2019-01-28 22:50:38 +02:00
Vladimir Votinov
3c091b802a
When uses filter \yii\filters\PageCache, then yii\web\JsonResponseFor… ( #17044 )
...
* When uses filter \yii\filters\PageCache, then yii\web\JsonResponseFormatter sets Response::$content as null, howerer \yii\filter\PageCache has been restore content
2019-01-18 06:06:08 -05:00
SilverFire - Dmitry Naumenko
659b3d4b77
Fixing DB session override problems
...
See #16959
2019-01-15 12:42:13 +02:00
Pavel Ivanov
966f262016
Fixes AssetBundleTest for vagrant ENV ( #17003 )
...
1. There is no need to use setUp/tearDown just for one TestCase method.
2. Previous implementation of testBasePathIsWritableOnPublish() doesn't work in vagrant environment using shared files because of unreliable chmod.
So, this implementation is more versatile and optimized.
2019-01-02 18:45:40 -05:00
Andrew
572e5f6655
Fixes #15850 : check basePath is writable on publish in AssetManager
2018-12-16 01:54:00 +03:00
Andrew
3221ab0769
Fix #15683 : Fix file as array uploading in MultipartFormDataParser ( #16950 )
2018-12-10 11:49:36 +03:00
SilverFire - Dmitry Naumenko
1e13bfd13d
Fixed CSRF token check bypassing in Request::getMethod()
2018-11-23 12:55:16 +02:00
Bizley
ab39246ab5
Fixes #16101 : Fixed Error Handler to clear registered meta tags, link tags, css/js scripts and files in error view
2018-10-27 20:27:58 +03:00
Alexandr Ivanov
0ad5afd387
Fixes #14759 : Fixed yii\web\JsonResponseFormatter output for null data
2018-10-07 16:26:59 +03:00
Carsten Brandt
d0712e4918
added tests to verify issue #16484
...
the case is to match all module names before a catch-all URL rule.
module routes should work with "module name only", "module
name+controller name" and "module/controller/action".
2018-07-24 16:45:46 +02:00
Viktor
0b61f9ba3b
Fixes #16301 : Fixed yii\web\User::setIdentity() to clear access check cache while setting identity object to null
2018-05-21 22:19:49 +05:00
pgaultier
35ac718110
Fixes #16006 : Handle case when X-Forwarded-Host header have multiple hosts separated with a comma
2018-03-31 16:17:16 +03:00
bscheshirwork
7473c422ee
Fixes #15318 : Fixed "session_name(): Cannot change session name when session is active" errors
2018-02-24 01:03:27 +03:00
Benoît
517a5ad93c
Add tests
2018-02-21 14:38:50 +01:00
SilverFire - Dmitry Naumenko
9323817a53
Refactored code, added tests
2018-02-15 23:14:52 +02:00
Aleksandar Belic
b566dd522c
Fixes #15272 : Removed type attribute from script tag
2018-02-14 13:39:48 +03:00
Alexander Makarov
25f8b263e5
Fixes #14811 : Fixed yii\filters\HttpCache to work with PHP 7.2
2018-02-11 12:08:01 +03:00
Alexander Makarov
a23a325ca7
Fixes #15627 : Corrected session freezing/unfreezing not to attempt opening or closing connection if it isn't necessary
2018-02-10 00:06:10 +03:00
Alexander Makarov
64d57043b1
Fixes #11401 : Fixed yii\web\DbSession concurrency issues when writing and regenerating IDs
2018-02-09 03:13:50 +03:00
Brandon Kelly
2e55570e1f
Fixes #15621 : Fixed yii\web\User::getIdentity() returning null if an exception had been thrown when it was called previously
2018-02-09 01:34:33 +03:00
Alexander
24f4e3126a
Bug #15523 : yii\web\Session settings could now be configured after session is started (StalkAlex, rob006, daniel1302, samdark)
...
Co-authored-by: Alexander Makarov <sam@rmcreative.ru >
Co-authored-by: Robert Korulczyk <robert@korulczyk.pl >
Co-authored-by: daniel.1302 <daniel.1302@gmail.com >
2018-02-08 20:11:45 +03:00
Гордиенко Владислав Юрьевич
7cafa65ad2
Fixes #15216 : Added yii\web\ErrorHandler::$traceLine to allow opening file at line clicked in IDE
2018-02-07 22:36:29 +03:00
Alexander Makarov
7bafb7bf09
Fixes #14488 : Added support for X-Forwarded-Host to yii\web\Request, fixed getServerPort() usage
2018-02-07 00:01:50 +03:00
Alexander Makarov
61b47014a2
Fixes #14643 : Added yii\web\ErrorAction::$layout property to conveniently set layout from error action config
...
Co-authored-by: Stas So <etc@swods.ru >
Co-authored-by: Carsten Brandt <mail@cebe.cc >
2018-02-03 21:18:47 +03:00
