Tree: 4391ca7f7b

19238-remove-casting

3.0

9899-cache-bug

ar-bug

batch-query-test

bizley-patch-1

master

upd

2.0.0

2.0.0-alpha

2.0.0-beta

2.0.0-rc

2.0.1

2.0.10

2.0.11

2.0.11.1

2.0.11.2

2.0.12

2.0.12.1

2.0.12.2

2.0.13

2.0.13.1

2.0.13.2

2.0.13.3

2.0.14

2.0.14.1

2.0.14.2

2.0.15

2.0.15.1

2.0.16

2.0.16.1

2.0.17

2.0.18

2.0.19

2.0.2

2.0.20

2.0.21

2.0.22

2.0.23

2.0.24

2.0.25

2.0.26

2.0.27

2.0.28

2.0.29

2.0.3

2.0.30

2.0.31

2.0.32

2.0.33

2.0.34

2.0.35

2.0.36

2.0.37

2.0.38

2.0.39

2.0.39.1

2.0.39.2

2.0.39.3

2.0.4

2.0.40

2.0.41

2.0.41.1

2.0.42

2.0.42.1

2.0.43

2.0.44

2.0.45

2.0.5

2.0.6

2.0.7

2.0.8

2.0.9

3.0.0-alpha1

Branches Tags

${ item.name }

Create tag ${ searchTerm }

Create branch ${ searchTerm }

from '4391ca7f7b'

${ noResults }

Commit Graph

22 Commits (4391ca7f7b8b8d2aef3d5ca77408902db8f2e860)

Author	SHA1	Message	Date
Alexander Makarov	7bafb7bf09	Fixes #14488: Added support for X-Forwarded-Host to `yii\web\Request`, fixed `getServerPort()` usage	7 years ago
Paul Klimov	acce1db53b	Fixes #14135: Fixed `yii\web\Request::getBodyParam()` crashes on object type body params	7 years ago
Sam	4d388f6cd2	Fixes #15317: Regenerate CSRF token if an empty value is given	7 years ago
Gabriel Caruso	2992b9b09d	Refactored tests with PHPUnit assert methods (#15260)	7 years ago
SilverFire - Dmitry Naumenko	ea2c475ea7	Moved `HTTP_AUTHORIZATION` header check to `\yii\web\Request`, added docs ... Closes #13564	7 years ago
SilverFire - Dmitry Naumenko	1ce796ef0f	Removed ability to define a hostname as trusted because of possible security issues ... Closes #14691	7 years ago
Robert Korulczyk	5a8c3d537b	Enable `phpdoc_summary` rule in php-cs-fixer config (#14675) ... * Enable `phpdoc_summary` rule in php-cs-fixer config. * Fix case in "PHPDoc".	7 years ago
Robert Korulczyk	0c0942d6e2	Enable `phpdoc_add_missing_param_annotation` rule in php-cs-fixer config. (#14681) [skip ci]	7 years ago
Robert Korulczyk	b99e955627	Fix CS (#14665) ... * Run php-cs-fixer. * Enable phpdoc_types rule.	7 years ago
Sam	0017d9c660	Fixes #13780: Added support for trusted proxies in `yii\web\Request`	7 years ago
Alexander Makarov	648971a82b	Fixes #14542: Ensured only ASCII characters are in CSRF cookie value since binary data causes issues with ModSecurity and some browsers	7 years ago
yyxx9988	46bf3c410a	Add `yii\web\Request::getOrigin()` method that returns HTTP_ORIGIN of current CORS request ... >The Origin request header indicates where a fetch originates from. It doesn't include any path information, but only the server name. It is sent with CORS requests, as well as with POST requests. It is similar to the Referer header, but, unlike this header, it doesn't disclose the whole path. From https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin Working code samples ```php <?php // We'll be granting access to only the arunranga.com domain // which we think is safe to access this resource as application/xml if($_SERVER['HTTP_ORIGIN'] == "http://arunranga.com") { header('Access-Control-Allow-Origin: http://arunranga.com'); header('Content-type: application/xml'); readfile('arunerDotNetResource.xml'); } else { header('Content-Type: text/html'); echo "<html>"; echo "<head>"; echo " <title>Another Resource</title>"; echo "</head>"; echo "<body>", "<p>This resource behaves two-fold:"; echo "<ul>", "<li>If accessed from <code>http://arunranga.com</code> it returns an XML document</li>"; echo "<li>If accessed from any other origin including from simply typing in the URL into the browser's address bar,"; echo "you get this HTML document</li>", "</ul>", "</body>", "</html>"; } ?> ``` See https://developer.mozilla.org/en-US/docs/Web/HTTP/Server-Side_Access_Control for more info. close #13835	7 years ago
Robert Korulczyk	ba0ab403b5	Added php-cs-fixer coding standards validation to Travis CI (#14100) ... * php-cs-fixer: PSR2 rule. * php-cs-fixer: PSR2 rule - fix views. * Travis setup refactoring. * Add php-cs-fixer to travis cs tests. * Fix tests on hhvm-3.12 * improve travis config * composer update * revert composer update * improve travis config * Fix CS. * Extract config to separate classes. * Extract config to separate classes. * Add file header. * Force short array syntax. * binary_operator_spaces fixer * Fix broken tests * cast_spaces fixer * concat_space fixer * dir_constant fixer * ereg_to_preg fixer * function_typehint_space fixer * hash_to_slash_comment fixer * is_null fixer * linebreak_after_opening_tag fixer * lowercase_cast fixer * magic_constant_casing fixer * modernize_types_casting fixer * native_function_casing fixer * new_with_braces fixer * no_alias_functions fixer * no_blank_lines_after_class_opening fixer * no_blank_lines_after_phpdoc fixer * no_empty_comment fixer * no_empty_phpdoc fixer * no_empty_statement fixer * no_extra_consecutive_blank_lines fixer * no_leading_import_slash fixer * no_leading_namespace_whitespace fixer * no_mixed_echo_print fixer * no_multiline_whitespace_around_double_arrow fixer * no_multiline_whitespace_before_semicolons fixer * no_php4_constructor fixer * no_short_bool_cast fixer * no_singleline_whitespace_before_semicolons fixer * no_spaces_around_offset fixer * no_trailing_comma_in_list_call fixer * no_trailing_comma_in_singleline_array fixer * no_unneeded_control_parentheses fixer * no_unused_imports fixer * no_useless_return fixer * no_whitespace_before_comma_in_array fixer * no_whitespace_in_blank_line fixer * not_operator_with_successor_space fixer * object_operator_without_whitespace fixer * ordered_imports fixer * php_unit_construct fixer * php_unit_dedicate_assert fixer * php_unit_fqcn_annotation fixer * phpdoc_indent fixer * phpdoc_no_access fixer * phpdoc_no_empty_return fixer * phpdoc_no_package fixer * phpdoc_no_useless_inheritdoc fixer * Fix broken tests * phpdoc_return_self_reference fixer * phpdoc_single_line_var_spacing fixer * phpdoc_single_line_var_spacing fixer * phpdoc_to_comment fixer * phpdoc_trim fixer * phpdoc_var_without_name fixer * psr4 fixer * self_accessor fixer * short_scalar_cast fixer * single_blank_line_before_namespace fixer * single_quote fixer * standardize_not_equals fixer * ternary_operator_spaces fixer * trailing_comma_in_multiline_array fixer * trim_array_spaces fixer * protected_to_private fixer * unary_operator_spaces fixer * whitespace_after_comma_in_array fixer * `parent::setRules()` -> `$this->setRules()` * blank_line_after_opening_tag fixer * Update finder config. * Revert changes for YiiRequirementChecker. * Fix array formatting. * Add missing import. * Fix CS for new code merged from master. * Fix some indentation issues.	7 years ago
Sam Mousa	8ae207c3a1	Fixes #13837: Refactored masking of CSRF tokens	8 years ago
Alexander Makarov	3f8e8a89eb	Used more specific unit test assertions in framework tests	8 years ago
gagatust	6397791513	Fixed whitespaces to match code style [skip ci]	8 years ago
Robert Korulczyk	63f95fa3ad	Fixes #11309: Added `yii\web\Request::getHostName()` method that returns hostname of current request	8 years ago
Carsten Brandt	17d08cc0a4	fixed crash on non-string input to CSRF token ... fixes #11822 also adding proper unit tests for validate CSRF token.	8 years ago
quantum	7b46bd1f7c	Fixes #10451: Check of existence of `$_SERVER` in `\yii\web\Request` before using it	9 years ago
zetamen	df6f270a0e	Fixes #9161: Fixed `yii\web\Request` ignore `queryParams` when resolve request	9 years ago
Alexander Makarov	372ff87ee4	Test for #8228	9 years ago
Alexander Makarov	6949992246	Simplified tests directory structure a bit	10 years ago
Carsten Brandt	92b958cd33	fixed return value of yii\web\Request::getPrefferedLanguage ... ensure it is one of the input values fixes #4880	10 years ago
SonicGD	b5f8a4dc22	Reformat code te be PSR-2 compatible	11 years ago
Qiang Xue	ad06b80e6e	Enhanced parsing the accept header.	11 years ago