Commit Graph

944 Commits

Author SHA1 Message Date
Alexander Makarov
7ec7fd11ee Fix #17878: Added note about fetch() to Request::getIsAjax() phpdoc [skip ci] 2020-02-20 01:10:59 +03:00
schevgeny
15d425a3e3 Fix #17843: Fix yii\web\Session::setCookieParamsInternal check param "samesite" 2020-02-03 13:52:46 +03:00
haveyaseen
82b7ecbdf3 Fix #17828: Fix yii\web\UploadedFile::saveAs() failing when error value in $_FILES entry is a string 2020-02-01 12:56:22 +03:00
Alexander Makarov
fd6ccb615c release version 2.0.32 2020-01-22 01:29:38 +03:00
Alexander Makarov
706890a36e Add "since" tags to UploadedFile [skip ci] 2020-01-22 01:01:16 +03:00
Ather Shu
038ce9f77e Fix #17755: Fix a bug for web request with trustedHosts set to format ['10.0.0.1' => ['X-Forwarded-For']] 2020-01-15 15:51:57 +03:00
Yusup Hambali
cf0e56907f Fix #17037, Fix #17729: Fix uploaded file saving for multipart forms, add path alias support for UploadFile::saveAs() 2020-01-15 00:57:45 +03:00
Somogyi Márton
5e71b11d8d #17733: Additional fixes for #17665, Forwarded header parsing in Request
- Remove header from secure headers
- Regexp and return null fix
- Fix tests, fix in array case sensitivity, rx duplicated group name
- Simplify code
- Add phpdoc

Co-Authored-By: Alexander Makarov <sam@rmcreative.ru>
2019-12-17 21:53:55 +03:00
Mikk Tendermann
83055dcc33 Fix #17665: Implement RFC 7239 Forwarded header parsing in Request 2019-12-12 23:29:54 +03:00
Alexander Makarov
69b1966b4a PHP 7.4 fixes
- Fix `Model::activeAttributes()` to access array offset on value of non-string
- Fix incorrect decoding of default binary value for PostgreSQL
- Fix incorrect type-casting of reflection type to string
2019-12-10 15:08:45 +03:00
Bizley
1a8c83ba43 Fix #17694: Fixed Error Handler to clear registered view tags, scripts, and files when rendering error view through action view 2019-12-03 21:36:48 +03:00
Brandon Kelly
40797c1139 Fix #17701: Throw BadRequestHttpException when request params can’t be bound to bool, int, and float controller action arguments 2019-12-03 12:40:56 +03:00
Somogyi Márton
6c1b2db9de Fix #17434: IE Ajax redirect fix for non 11.0 versions 2019-11-18 12:45:35 +03:00
AlexRas007
9c5cd51a3b Fix #17632: Unicode file name was not correctly parsed in multipart forms 2019-11-05 14:42:22 +03:00
Alexandr Kozhevnikov
848ab0ce6e Fix #17606: Fix error in AssetBundle when a disabled bundle with custom init() was still published 2019-10-13 19:50:27 +03:00
Somogyi Márton
9054cdfdcc Fixes #17521: Request::getUserHost() and request::getUserIp() (#17593) 2019-10-05 22:33:29 +03:00
Somogyi Márton
c87855b31c Fix #17573: Request::getUserIP() security fix for the case when Request::$trustedHost and Request::$ipHeaders are used 2019-10-03 14:56:20 +03:00
Alexandr Kozhevnikov
96cd8bcb68 Fix #16826: appendTimestamp support was added to View methods registerCssFile() and registerJsFile() 2019-09-17 14:07:15 +03:00
Somogyi Márton
c75ef05539 Fix #17434: Fix regular expression illegal character; Repeated fix for Internet Explorer 11 AJAX redirect bug in case of 301 and 302 response codes (XMLHttpRequest: Network Error 0x800c0008) 2019-09-10 13:52:08 +03:00
Alexander Makarov
aeff8466ff Fix #17544: Removed incorrect statement about default value from Session::$gCProbability and its getter [skip ci] 2019-09-05 21:38:13 +03:00
Brandon Kelly
37df938338 Fix #16531: Fix error in Response::sendContent() when set_time_limit() is disabled 2019-09-03 19:40:44 +03:00
Somogyi Márton
10a069a3a4 Fix #17434: Fixed Internet Explorer 11 AJAX redirect bug in case of 301 and 302 response codes (XMLHttpRequest: Network Error 0x800c0008) 2019-09-03 17:54:14 +03:00
alex-code
378f9ad598 Fix #17424: Subdomain support for User::loginRequired 2019-07-18 11:46:05 +03:00
Konstantin
5c7db1690e Add type null to @return annotation of findIdentityByAccessToken and findIdentity methods (#17430) [skip ci] 2019-07-12 14:15:24 +03:00
Alexander Makarov
f3d1534125 release version 2.0.21 2019-06-18 17:25:08 +03:00
Alexander Kartavenko
3601d512c2 Fixes #17070: Strip invalid character from fallback file name 2019-06-12 23:41:40 +03:00
rhertogh
1ed6ec1e5c Fixes #17353: Added sameSite support for yii\web\Cookie and yii\web\Session::cookieParams 2019-06-11 00:33:36 +03:00
Alexander Makarov
ffe38a920f release version 2.0.17 2019-03-23 00:26:26 +03:00
Brandon Kelly
55418776d4 Fixes #17215: Improved security for servers running PHP 7.0.0+ 2019-03-20 14:38:12 +03:00
lubosdz
8bb334b9ae Fixes #9438, #13740, #15037: Handle DB session callback custom fields before session closed 2019-03-09 15:54:39 +03:00
Nikolay Poryadin
fc98a95a90 Fixes #17185: Fixed AssetManager timestamp appending when a file is published manually 2019-03-05 18:11:27 +03:00
Mikk Tendermann
81f7d381e5 Fixes #17180: Do not populate yii\web\Response::$response when response code is 204 2019-03-05 12:34:40 +03:00
Pavel Dovlatov
bdb7c64910 Update to https protocol for php.net links (#17168) [skip ci]
* Updated php.net link for some MemCache properties [skip ci]

* Changed protocol to https for links to php.net in comments

* Changed protocol to https for links to php.net in code

* Changed www.php.net (http) to secure.php.net (https) in comments

* Changed www.php.net (http) to secure.php.net (https) in code

* Changed protocol to https for links to php.net in UPGRADE.md

* Changed protocol to https for links to pecl.php.net in comments

* Changed us.php.net to secure.php.net (https) in comments

* Changed protocol to https for links to php.net in docs

* Changed www.php.net (http) to secure.php.net (https) in docs

* Changed protocol to https for links to pecl.php.net in docs

* Changed ru/jp.php.net to secure.php.net (https) in docs

Not sure about the Russian guide: are these links meant to be for the guide in Russian, or not?
2019-02-28 13:09:27 +03:00
pdynarowski
c776cf6240 Update UrlManager.php (#17102)
change >>'POST <controller:[\w-]+>s' => '<controller>/create'<< to >>'POST <controller:[\w-]+>' => '<controller>/create'<<
In POST we don't have 's', so '<controller>/create' but not '<controller>s/create'
2019-02-05 23:08:32 +03:00
Nikolay
fd3eb699d4 Fixes #17094: Fixed response on 204 status. Now it is empty 2019-02-04 00:10:47 +03:00
Carsten Brandt
ed64d65886 release version 2.0.16 2019-01-31 00:54:16 +01:00
Carsten Brandt
1128a6d609 added missing documentation 2019-01-31 00:20:44 +01:00
SilverFire - Dmitry Naumenko
e4eaccc14d Merge branch 'security' 2019-01-28 22:50:38 +02:00
Vladimir Votinov
3c091b802a When uses filter \yii\filters\PageCache, then yii\web\JsonResponseFor… (#17044)
* When using filter \yii\filters\PageCache, yii\web\JsonResponseFormatter sets Response::$content as null, however \yii\filter\PageCache has restored the content
2019-01-18 06:06:08 -05:00
SilverFire - Dmitry Naumenko
659b3d4b77 Fixing DB session override problems
See #16959
2019-01-15 12:42:13 +02:00
Nikolay
a140b2b468 Fixes #16991: Removed usage of utf8_encode() from Request::resolvePathInfo() 2019-01-03 17:36:16 -05:00
Andrew
572e5f6655 Fixes #15850: check basePath is writable on publish in AssetManager 2018-12-16 01:54:00 +03:00
Andrew
3221ab0769 Fix #15683: Fix file as array uploading in MultipartFormDataParser (#16950) 2018-12-10 11:49:36 +03:00
SilverFire - Dmitry Naumenko
8c72db9b48 Enhanced PHPDocs for IdentityInterface::getAuthKey() 2018-11-25 11:55:49 +02:00
SilverFire - Dmitry Naumenko
1e13bfd13d Fixed CSRF token check bypassing in Request::getMethod() 2018-11-23 12:55:16 +02:00
Carsten Brandt
c82aedb86d add a comment to explain why Url::to() is called in Controller::redirect()
close #16887
2018-11-14 15:56:03 +01:00
Bizley
ab39246ab5 Fixes #16101: Fixed Error Handler to clear registered meta tags, link tags, css/js scripts and files in error view 2018-10-27 20:27:58 +03:00
Alexandr Ivanov
0ad5afd387 Fixes #14759: Fixed yii\web\JsonResponseFormatter output for null data 2018-10-07 16:26:59 +03:00
Alexander Makarov
15dfbb0875 Fixes #16322: Fixed strings were not compared using timing attack resistant approach while CSRF token validation 2018-05-30 22:48:07 +03:00
Rustam Mamadaminov
0d87c339f2 dropped deprecated exception (#16328) 2018-05-30 00:13:31 +03:00