Carsten Brandt
be658f82bf
release version 2.0.12
7 years ago
Alexander Makarov
b04ff959ce
Fixed misleading docs about encoded URIs [skip ci]
8 years ago
Alexander Makarov
43edf24123
Eliminated else branches in yii\web\Request
8 years ago
Sam Mousa
8ae207c3a1
Fixes #13837 : Refactored masking of CSRF tokens
8 years ago
Carsten Brandt
c19b2f7dc8
release version 2.0.11
8 years ago
Klimov Paul
7da77c3d5a
created `HostControl` filter to prevent Host header attacks
...
fixes #13050
close #13063
8 years ago
Carsten Brandt
a498dedb5c
Added documentation about Host header attack ( #13073 )
...
* Added documentation about Host header attack
Added info about Host header attack (#13050 ) to the guide and the Request class.
When we introduce a filter or property to protect against this, these
sections should be updated to link to that option.
8 years ago
Robert Korulczyk
4aa935e69e
Fixes #12055 : Changed `boolean` to `bool` and `integer` to `int` in phpdoc
8 years ago
Boudewijn Vahrmeijer
32f4dc8997
Fixes #5385 : links created from classes to corresponding guide articles ( #12920 )
8 years ago
Carsten Brandt
11fe407ad0
release version 2.0.10
8 years ago
Robert Korulczyk
63f95fa3ad
Fixes #11309 : Added `yii\web\Request::getHostName()` method that returns hostname of current request
8 years ago
Klimov Paul
ed0603b706
Fixed `yii\web\Request::getBodyParams()` does not pass full 'content-type' value to `yii\web\RequestParserInterface::parse()`
8 years ago
Carsten Brandt
17d08cc0a4
fixed crash on non-string input to CSRF token
...
fixes #11822
also adding proper unit tests for validate CSRF token.
8 years ago
cuiliang
c0df003ac0
merge from master
8 years ago
Nikola Kovacs
9d327baa8b
coding style fixes
8 years ago
Salem Ouerdani
2eb90f82fe
removes nonexistent yii/web/rawCsrfToken from docs ( #11521 )
...
* removes nonexistent yii/web/rawCsrfToken from docs
* maj
9 years ago
Carsten Brandt
731769241b
release version 2.0.8
9 years ago
Carsten Brandt
1f0e24c528
allow resetting autodetected properties in yii\web\Request
...
fixes #11336
9 years ago
Evgeniy Tkachenko
4e59f92829
phpDoc updated
9 years ago
quantum
7b46bd1f7c
Fixes #10451 : Check of existence of `$_SERVER` in `\yii\web\Request` before using it
9 years ago
Carsten Brandt
9b5f6cb188
prepare for 2.0.7 release
...
- adjust version
- build classmap
- build phpdoc @property annotations
- build mime-type file
9 years ago
Evgeniy Tkachenko
8b9514fd5f
Refactoring yii\web\Request::getMethod
9 years ago
SilverFire - Dmitry Naumenko
cd87d67f34
Global DOCS update: ~~~ replaced with ```
9 years ago
Alexander Makarov
5ab4f0f090
Better quotes usage in strings
...
- Use single quote where interpolation isn't necessary
- Use interpolation when it's better than concatenation
9 years ago
jeicd
c2f83da8d8
Fix phpdoc
9 years ago
Boudewijn Vahrmeijer
dd818e17df
Fixes #9754 : Fixed `\yii\web\Request` error when path info is empty
9 years ago
╃巡洋艦㊣
586684b050
2.0.5 bf7edc5
9 years ago
zetamen
df6f270a0e
Fixes #9161 : Fixed `yii\web\Request` ignore `queryParams` when resolve request
9 years ago
Alexander Makarov
9f91a02a86
Fixes #9005 : added note about crossdomain jQuery requests and Request::getIsAjax()
9 years ago
Alexander Mohorev
ae42a054bb
PSR-2 spaces, commas, etc
9 years ago
Alexander Mohorev
e8535eea22
Incorrect property type declared.
9 years ago
Klimov Paul
8609311738
Fixed numeric keys in $_GET transformed to 0-based, if 'pretty URL' enabled
10 years ago
Carsten Brandt
ef662b57be
added missing `@since` annotations
10 years ago
Qiang Xue
92664b4b11
code optimization [skip ci]
10 years ago
Qiang Xue
739f6358cd
Fixes #7637 : Allow `yii\web\Request::validateCsrfToken()` to validate a manually provided token
10 years ago
Qiang Xue
19ca5a1584
Fixes #7637 .
10 years ago
Qiang Xue
ae305bb907
Fixes #7226 : `yii\web\Request::getEtag()` should strip off `-gzip` which may be added by Apache
10 years ago
Qiang Xue
0a6cd6190b
Fixes #7051 : Added support for preventing swapping values between different cookies
10 years ago
Brandon Kelly
7a9f1a0ce7
getQueryParam() and getBodyParam() doc edits
...
- Made yii\web\Request::getQueryParam() and getBodyParam()'s doc blocks more consistent with each other
- getQueryParam() was incorrectly stating that if $name was omitted, all of $_GET would be returned (but $name is required)
10 years ago
╃巡洋艦㊣
1468bd4d3d
version 2.0.1 84b42ab
10 years ago
Alexander Mohorev
f1edafffaf
PHPDoc comment doesn't contain all necessary @throws tag
...
close #5762
10 years ago
Alexander Makarov
c489f8228d
Removed unnecessary token generation. We already have it.
10 years ago
Qiang Xue
d2b864da84
prepare for 2.0.0-rc release.
10 years ago
Qiang Xue
262a77caca
Added `yii\web\Response::enableCsrfCookie` to support storing CSRF tokens in session
10 years ago
Carsten Brandt
92b958cd33
fixed return value of yii\web\Request::getPrefferedLanguage
...
ensure it is one of the input values
fixes #4880
10 years ago
Jin Hu
3a7ed9b1a9
Added yii\web\Request::setRawBody()
10 years ago
RichWeber
92cd13a913
pull origin
10 years ago
Carsten Brandt
3a1e0f3a5c
property codestyle framework
10 years ago
Carsten Brandt
1f31f27787
phpdoc
10 years ago
Carsten Brandt
08a480c6e6
make Request more robust against invalid CSRF data
...
fixes #4514
10 years ago