Mirrors/yii2
2
0
Fork 0
mirror of https://github.com/yiisoft/yii2.git synced 2026-03-20 22:27:57 +01:00
Code Issues Packages Projects Releases Wiki Activity
16,942 Commits 10 Branches 80 Tags
5ccbe85ffa18cd438e8f8008b2f736e41693fb7a
Commit Graph

776 Commits

Author SHA1 Message Date
Carsten Brandt
1278b018fa Add IIS specific header to secure headers (#14715) 
See https://github.com/yiisoft/yii2/issues/14400#issuecomment-324233065
for more details.
 2017-08-25 13:31:27 +03:00
Carsten Brandt
9e713dba29 break if a matching trusted host is found 
fix for https://github.com/yiisoft/yii2/pull/13780#discussion_r134186910
thanks to @krukru !

PR #13780
 2017-08-21 16:37:01 +02:00
Robert Korulczyk
5a8c3d537b Enable phpdoc_summary rule in php-cs-fixer config (#14675) 
* Enable `phpdoc_summary` rule in php-cs-fixer config.

* Fix case in "PHPDoc".
 2017-08-21 11:19:35 +02:00
Robert Korulczyk
1501c659ac Add empty lines before return statements. (#14682) [skip ci] 2017-08-21 01:58:49 +03:00
Robert Korulczyk
b99e955627 Fix CS (#14665) 
* Run php-cs-fixer.

* Enable phpdoc_types rule.
 2017-08-18 12:10:42 +02:00
Sam
0017d9c660 Fixes #13780: Added support for trusted proxies in yii\web\Request 2017-08-17 13:14:51 +03:00
SilverFire - Dmitry Naumenko
368540f8d0 Added tests 2017-08-13 21:15:06 +03:00
shirase
b6a5697c00 User can login by cookie only once when autoRenewCookie is set to false 2017-08-13 21:15:02 +03:00
Alexander Makarov
648971a82b Fixes #14542: Ensured only ASCII characters are in CSRF cookie value since binary data causes issues with ModSecurity and some browsers 2017-08-07 13:55:10 +03:00
Dmitry Dorogin
f7fb7cdd87 Fixes #14022: Added posibility to use aliases in yii\web\UrlManager::setBaseUrl() (#14540) 2017-07-31 13:32:08 +02:00
Klimov Paul
578b2caf42 Added yii\web\MultipartFormDataParser::$force option allowing to enforce parsing even on 'POST' request 2017-07-24 15:28:22 +03:00
PowerGamer1
8a6f5829d4 Fix for invalid example in Request phpdoc [skip ci] 2017-07-23 23:28:54 +03:00
Alexander Makarov
1f26db9fb7 Applied code style fixes 2017-07-21 15:42:06 +03:00
Dmitry Dorogin
6d2e0aff82 Fixes #14406: Fixed caching rules in yii\web\UrlManager with different ruleConfig configuration 2017-07-19 23:45:03 +03:00
Carsten Brandt
69673c0c94 Rename Object -> BaseObject for PHP 7.2 compatibility 
issue #7936
 2017-07-19 10:51:46 +02:00
PowerGamer1
40e242b562 Fixes #14469: updated RFC links [skip ci] 2017-07-18 22:59:25 +03:00
Alexander Makarov
d38908fc13 Fixed #14469: updated RFC links 2017-07-17 16:21:49 +03:00
yyxx9988
46bf3c410a Add yii\web\Request::getOrigin() method that returns HTTP_ORIGIN of current CORS request 
>The Origin request header indicates where a fetch originates from. It doesn't include any path information, but only the server name. It is sent with CORS requests, as well as with POST requests. It is similar to the Referer header, but, unlike this header, it doesn't disclose the whole path.

From https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin

Working code samples

```php
<?php

// We'll be granting access to only the arunranga.com domain
// which we think is safe to access this resource as application/xml

if($_SERVER['HTTP_ORIGIN'] == "http://arunranga.com") {
    header('Access-Control-Allow-Origin: http://arunranga.com');
    header('Content-type: application/xml');
    readfile('arunerDotNetResource.xml');
} else {
  header('Content-Type: text/html');
  echo "<html>";
  echo "<head>";
  echo "   <title>Another Resource</title>";
  echo "</head>";
  echo "<body>",
       "<p>This resource behaves two-fold:";
  echo "<ul>",
         "<li>If accessed from <code>http://arunranga.com</code> it returns an XML document</li>";
  echo   "<li>If accessed from any other origin including from simply typing in the URL into the browser's address bar,";
  echo   "you get this HTML document</li>",
       "</ul>",
     "</body>",
   "</html>";
}
?>
```
See https://developer.mozilla.org/en-US/docs/Web/HTTP/Server-Side_Access_Control for more info.

close #13835
 2017-07-12 11:10:21 +02:00
Robert Korulczyk
a50d9d8e3e Enable include rule in php-cs-fixer (#14418) 2017-07-10 13:19:57 +03:00
Robert Korulczyk
fe8a0a6a2e Enable no_useless_else rule in php-cs-fixer (#14420) 2017-07-10 11:26:21 +03:00
Carsten Brandt
f67d8d5a79 Fixed broken error page when calling an undefined method 
fixes #14269
 2017-07-06 13:51:36 +02:00
Carsten Brandt
13d35c4e03 add notes to View register JS and CSS file methods 
explain why assetmanager features are not available in these methods.

close #14382
related to #10297, #9101
 2017-07-04 11:58:20 +02:00
Brandon Kelly
6f03e8b692 Fixes #14298: The default response formatter configs defined by yii\web\Response::defaultFormatters() now use the array syntax 2017-06-21 02:04:39 +03:00
Robert Korulczyk
ba0ab403b5 Added php-cs-fixer coding standards validation to Travis CI (#14100) 
* php-cs-fixer: PSR2 rule.

* php-cs-fixer: PSR2 rule - fix views.

* Travis setup refactoring.

* Add php-cs-fixer to travis cs tests.

* Fix tests on hhvm-3.12

* improve travis config

* composer update

* revert composer update

* improve travis config

* Fix CS.

* Extract config to separate classes.

* Extract config to separate classes.

* Add file header.

* Force short array syntax.

* binary_operator_spaces fixer

* Fix broken tests

* cast_spaces fixer

* concat_space fixer

* dir_constant fixer

* ereg_to_preg fixer

* function_typehint_space fixer

* hash_to_slash_comment fixer

* is_null fixer

* linebreak_after_opening_tag fixer

* lowercase_cast fixer

* magic_constant_casing fixer

* modernize_types_casting fixer

* native_function_casing fixer

* new_with_braces fixer

* no_alias_functions fixer

* no_blank_lines_after_class_opening fixer

* no_blank_lines_after_phpdoc fixer

* no_empty_comment fixer

* no_empty_phpdoc fixer

* no_empty_statement fixer

* no_extra_consecutive_blank_lines fixer

* no_leading_import_slash fixer

* no_leading_namespace_whitespace fixer

* no_mixed_echo_print fixer

* no_multiline_whitespace_around_double_arrow fixer

* no_multiline_whitespace_before_semicolons fixer

* no_php4_constructor fixer

* no_short_bool_cast fixer

* no_singleline_whitespace_before_semicolons fixer

* no_spaces_around_offset fixer

* no_trailing_comma_in_list_call fixer

* no_trailing_comma_in_singleline_array fixer

* no_unneeded_control_parentheses fixer

* no_unused_imports fixer

* no_useless_return fixer

* no_whitespace_before_comma_in_array fixer

* no_whitespace_in_blank_line fixer

* not_operator_with_successor_space fixer

* object_operator_without_whitespace fixer

* ordered_imports fixer

* php_unit_construct fixer

* php_unit_dedicate_assert fixer

* php_unit_fqcn_annotation fixer

* phpdoc_indent fixer

* phpdoc_no_access fixer

* phpdoc_no_empty_return fixer

* phpdoc_no_package fixer

* phpdoc_no_useless_inheritdoc fixer

* Fix broken tests

* phpdoc_return_self_reference fixer

* phpdoc_single_line_var_spacing fixer

* phpdoc_single_line_var_spacing fixer

* phpdoc_to_comment fixer

* phpdoc_trim fixer

* phpdoc_var_without_name fixer

* psr4 fixer

* self_accessor fixer

* short_scalar_cast fixer

* single_blank_line_before_namespace fixer

* single_quote fixer

* standardize_not_equals fixer

* ternary_operator_spaces fixer

* trailing_comma_in_multiline_array fixer

* trim_array_spaces fixer

* protected_to_private fixer

* unary_operator_spaces fixer

* whitespace_after_comma_in_array fixer

* `parent::setRules()` -> `$this->setRules()`

* blank_line_after_opening_tag fixer

* Update finder config.

* Revert changes for YiiRequirementChecker.

* Fix array formatting.

* Add missing import.

* Fix CS for new code merged from master.

* Fix some indentation issues.
 2017-06-12 12:25:45 +03:00
SilverFire - Dmitry Naumenko
cb53b2feec Fixes #14081: Added yii\caching\CacheInterface to make custom cache extensions adoption easier 2017-06-11 19:18:33 +03:00
Carsten Brandt
be658f82bf release version 2.0.12 2017-06-05 16:33:41 +02:00
Carsten Brandt
c09a03ab8e fixed version and missing @since annotation 2017-06-05 16:26:51 +02:00
Carsten Brandt
4b9e48b8dc improved docs: link term "path alias" to the guide 2017-06-02 10:45:20 +02:00
ejsoft
e5799da1c0 Remove unnecessary variable from UrlRule.php (#13948) 2017-05-10 12:31:05 +03:00
Robert Korulczyk
daa8b67c7b Fixes #13350, #14094, #11288 
- Bug #13350: Fixed bug with incorrect caching of `yii\web\UrlRule::createUrl()` results in `yii\web\UrlManager`.
- Bug #14094: Fixed bug when single `yii\web\UrlManager::createUrl()` call my result multiple calls of `yii\web\UrlRule::createUrl()` for the same rule.
- Enh #11288: Added support for caching of `yii\web\UrlRule::createUrl()` results in `yii\web\UrlManager` for rules with defaults.
 2017-05-10 12:30:43 +03:00
Craig London
e360457091 function clear() -- Set populated arrays to empty arrays (#14067) 
`yii\web\View::clear()` sets populated arrays to empty arrays
 2017-05-09 17:31:13 +03:00
Carsten Brandt
5e8e6840b6 Added copyEmptyDirectories option to FileHelper 
also set it to false in AssetManager to avoid creating a lot of empty
directories.

fixes #9669
 2017-05-08 00:21:53 +02:00
Robert Korulczyk
2d28b585a0 Merge branch 'master' into 13614-add-a-failing-test-for-url-rule 2017-04-27 22:07:55 +02:00
Robert Korulczyk
94eda9bd52 Add phpdoc. [skip ci] 2017-04-26 20:24:07 +02:00
Alexander Makarov
705dae9964 Fixes #14052: Fixed processing parse errors on PHP 7 since these are instances of \ParseError 2017-04-26 12:56:54 +03:00
Michael Härtl
6792099bcc Fixes #13689: Fixed handling of errors in closures 2017-04-26 03:34:25 +03:00
sasha-ch
339c7663eb Fixes #10346: Fixed "DOMException: Invalid Character Error" in yii\web\XmlResponseFormatter::buildXml() 2017-04-26 02:06:36 +03:00
Carsten Brandt
4af62a6bd7 improve session PHPdoc 2017-04-25 23:02:19 +02:00
micro-maureen
8eabff0698 #13975: make documentation of current behaviour more clear [skip ci] 2017-04-16 00:55:35 +03:00
Alexander Makarov
b04ff959ce Fixed misleading docs about encoded URIs [skip ci] 2017-04-07 15:59:59 +03:00
Carsten Brandt
5bbf372f85 cleanup some phpdoc 2017-04-04 10:33:30 +02:00
Alexander Makarov
43edf24123 Eliminated else branches in yii\web\Request 2017-04-02 02:15:39 +03:00
Sam Mousa
8ae207c3a1 Fixes #13837: Refactored masking of CSRF tokens 2017-04-02 02:10:16 +03:00
Alexander Makarov
a626440761 Reverted #13822, clarified exception descriptions 2017-03-30 16:50:18 +03:00
Vladimir Reznichenko
6da1ec6fb2 Fixes #13845: mt_rand() is not used instead of rand() in yii\captcha\CaptchaAction + minor code improvements 2017-03-24 13:50:13 +03:00
Nikolay Oleynikov
ea75068a92 Fixes #13813: Fixed PHP 7 compatibiltiy by adding support for passing instances of Error to the yii\web\Response::setStatusCodeByException() 2017-03-23 01:20:42 +03:00
Nikolay Oleynikov
7a2f04ae32 Fixes #13822: Fixed yii\web\User::loginRequired() to throw an UnauthorizedHttpException instead of a ForbiddenHttpException 2017-03-23 00:18:39 +03:00
yyxx9988
0770863209 Fixes #13820: Add new HTTP status code 451 2017-03-22 13:29:40 +03:00
Alexander Makarov
bc59d5da85 Fixes #13707: Fixed \yii\web\ErrorHandler and \yii\web\ErrorAction not setting correct response code to response object before rendering error view 2017-03-16 12:03:23 +03:00
Alexander Makarov
a6d266405d Fixes #13671: Fixed error handler trace to work correctly with XDebug 2017-03-06 15:24:18 +03:00