3b1ff661d8
Fixes #7996 : Short syntax for verb in GroupUrlRule
7 years ago
0b413b0e08
Fixed PHP 5.4 compatibility
7 years ago
4d388f6cd2
Fixes #15317 : Regenerate CSRF token if an empty value is given
7 years ago
185209957e
Fixes #15270 : Resolved potential race conditions when writing generated php-files
7 years ago
48bf8ce048
Fixes #14662 : Added support for custom `Content-Type` specification to `yii\web\JsonResponseFormatter`
7 years ago
2246786483
Fixed jQuery onLoad event handling
...
Fixes #15086
7 years ago
2d672b6722
release version 2.0.13
7 years ago
2faf771118
Fixes #13436 : Fixed migration for MSSQL DbSession
7 years ago
93bbf5b39d
Fixes #15015 : Added `StringHelper::floatToString()` to savely cast float values independent of the locale, also fixes some places in the framework that use it now
7 years ago
64d8af61a6
Fixes for PHP 7.2 compatibility ( #14959 )
7 years ago
8beb36c94f
Use PHP core classes right from root namespace without importing for the sake of clarity
7 years ago
d11bed5340
Minor, added strict comparsion
7 years ago
ea2c475ea7
Moved `HTTP_AUTHORIZATION` header check to `\yii\web\Request`, added docs
...
Closes #13564
7 years ago
66723d0e74
Fixes #9438 : `yii\web\DbSession` now relies on error handler to display errors
7 years ago
d7c93c9503
fix for #6226 , symlinking files/directories during multithreading ( #14905 )
7 years ago
fa1ca1384f
Fixes #14913 : Assset hashing now takes asset linking into account to improve cache busting
7 years ago
3ee7629f13
Fixes #13486 : Use DI container to instantiate cookies in order to be able to set defaults
7 years ago
b75a85d0da
Fixes #14902 : Fixed PHP notice in `yii\web\MultipartFormDataParser`
7 years ago
75e8bfdc58
Fixes #14087 : Added `yii\web\View::registerCsrfMetaTags()` method that registers CSRF tags dynamically ensuring that caching doesn't interfere
7 years ago
1ce796ef0f
Removed ability to define a hostname as trusted because of possible security issues
...
Closes #14691
7 years ago
18689c5ed1
Added missing bracket
7 years ago
3a8feb17a8
Updated `yii\web\View` to register JS in jQuery 3.0 compatible way
7 years ago
1278b018fa
Add IIS specific header to secure headers ( #14715 )
...
See https://github.com/yiisoft/yii2/issues/14400#issuecomment-324233065
for more details.
7 years ago
9e713dba29
break if a matching trusted host is found
...
fix for https://github.com/yiisoft/yii2/pull/13780#discussion_r134186910
thanks to @krukru !
PR #13780
7 years ago
5a8c3d537b
Enable `phpdoc_summary` rule in php-cs-fixer config ( #14675 )
...
* Enable `phpdoc_summary` rule in php-cs-fixer config.
* Fix case in "PHPDoc".
7 years ago
1501c659ac
Add empty lines before return statements. ( #14682 ) [skip ci]
7 years ago
b99e955627
Fix CS ( #14665 )
...
* Run php-cs-fixer.
* Enable phpdoc_types rule.
7 years ago
0017d9c660
Fixes #13780 : Added support for trusted proxies in `yii\web\Request`
7 years ago
368540f8d0
Added tests
7 years ago
b6a5697c00
User can login by cookie only once when `autoRenewCookie` is set to false
7 years ago
648971a82b
Fixes #14542 : Ensured only ASCII characters are in CSRF cookie value since binary data causes issues with ModSecurity and some browsers
7 years ago
f7fb7cdd87
Fixes #14022 : Added posibility to use aliases in yii\web\UrlManager::setBaseUrl() ( #14540 )
7 years ago
578b2caf42
Added `yii\web\MultipartFormDataParser::$force` option allowing to enforce parsing even on 'POST' request
7 years ago
8a6f5829d4
Fix for invalid example in Request phpdoc [skip ci]
7 years ago
1f26db9fb7
Applied code style fixes
7 years ago
6d2e0aff82
Fixes #14406 : Fixed caching rules in `yii\web\UrlManager` with different `ruleConfig` configuration
7 years ago
69673c0c94
Rename Object -> BaseObject for PHP 7.2 compatibility
...
issue #7936
7 years ago
40e242b562
Fixes #14469 : updated RFC links [skip ci]
7 years ago
d38908fc13
Fixed #14469 : updated RFC links
7 years ago
46bf3c410a
Add `yii\web\Request::getOrigin()` method that returns HTTP_ORIGIN of current CORS request
...
>The Origin request header indicates where a fetch originates from. It doesn't include any path information, but only the server name. It is sent with CORS requests, as well as with POST requests. It is similar to the Referer header, but, unlike this header, it doesn't disclose the whole path.
From https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin
Working code samples
```php
<?php
// We'll be granting access to only the arunranga.com domain
// which we think is safe to access this resource as application/xml
if($_SERVER['HTTP_ORIGIN'] == "http://arunranga.com ") {
header('Access-Control-Allow-Origin: http://arunranga.com ');
header('Content-type: application/xml');
readfile('arunerDotNetResource.xml');
} else {
header('Content-Type: text/html');
echo "<html>";
echo "<head>";
echo " <title>Another Resource</title>";
echo "</head>";
echo "<body>",
"<p>This resource behaves two-fold:";
echo "<ul>",
"<li>If accessed from <code>http://arunranga.com </code> it returns an XML document</li>";
echo "<li>If accessed from any other origin including from simply typing in the URL into the browser's address bar,";
echo "you get this HTML document</li>",
"</ul>",
"</body>",
"</html>";
}
?>
```
See https://developer.mozilla.org/en-US/docs/Web/HTTP/Server-Side_Access_Control for more info.
close #13835
7 years ago
a50d9d8e3e
Enable `include` rule in php-cs-fixer ( #14418 )
7 years ago
fe8a0a6a2e
Enable `no_useless_else` rule in php-cs-fixer ( #14420 )
7 years ago
f67d8d5a79
Fixed broken error page when calling an undefined method
...
fixes #14269
7 years ago
13d35c4e03
add notes to View register JS and CSS file methods
...
explain why assetmanager features are not available in these methods.
close #14382
related to #10297 , #9101
7 years ago
6f03e8b692
Fixes #14298 : The default response formatter configs defined by `yii\web\Response::defaultFormatters()` now use the array syntax
7 years ago
ba0ab403b5
Added php-cs-fixer coding standards validation to Travis CI ( #14100 )
...
* php-cs-fixer: PSR2 rule.
* php-cs-fixer: PSR2 rule - fix views.
* Travis setup refactoring.
* Add php-cs-fixer to travis cs tests.
* Fix tests on hhvm-3.12
* improve travis config
* composer update
* revert composer update
* improve travis config
* Fix CS.
* Extract config to separate classes.
* Extract config to separate classes.
* Add file header.
* Force short array syntax.
* binary_operator_spaces fixer
* Fix broken tests
* cast_spaces fixer
* concat_space fixer
* dir_constant fixer
* ereg_to_preg fixer
* function_typehint_space fixer
* hash_to_slash_comment fixer
* is_null fixer
* linebreak_after_opening_tag fixer
* lowercase_cast fixer
* magic_constant_casing fixer
* modernize_types_casting fixer
* native_function_casing fixer
* new_with_braces fixer
* no_alias_functions fixer
* no_blank_lines_after_class_opening fixer
* no_blank_lines_after_phpdoc fixer
* no_empty_comment fixer
* no_empty_phpdoc fixer
* no_empty_statement fixer
* no_extra_consecutive_blank_lines fixer
* no_leading_import_slash fixer
* no_leading_namespace_whitespace fixer
* no_mixed_echo_print fixer
* no_multiline_whitespace_around_double_arrow fixer
* no_multiline_whitespace_before_semicolons fixer
* no_php4_constructor fixer
* no_short_bool_cast fixer
* no_singleline_whitespace_before_semicolons fixer
* no_spaces_around_offset fixer
* no_trailing_comma_in_list_call fixer
* no_trailing_comma_in_singleline_array fixer
* no_unneeded_control_parentheses fixer
* no_unused_imports fixer
* no_useless_return fixer
* no_whitespace_before_comma_in_array fixer
* no_whitespace_in_blank_line fixer
* not_operator_with_successor_space fixer
* object_operator_without_whitespace fixer
* ordered_imports fixer
* php_unit_construct fixer
* php_unit_dedicate_assert fixer
* php_unit_fqcn_annotation fixer
* phpdoc_indent fixer
* phpdoc_no_access fixer
* phpdoc_no_empty_return fixer
* phpdoc_no_package fixer
* phpdoc_no_useless_inheritdoc fixer
* Fix broken tests
* phpdoc_return_self_reference fixer
* phpdoc_single_line_var_spacing fixer
* phpdoc_single_line_var_spacing fixer
* phpdoc_to_comment fixer
* phpdoc_trim fixer
* phpdoc_var_without_name fixer
* psr4 fixer
* self_accessor fixer
* short_scalar_cast fixer
* single_blank_line_before_namespace fixer
* single_quote fixer
* standardize_not_equals fixer
* ternary_operator_spaces fixer
* trailing_comma_in_multiline_array fixer
* trim_array_spaces fixer
* protected_to_private fixer
* unary_operator_spaces fixer
* whitespace_after_comma_in_array fixer
* `parent::setRules()` -> `$this->setRules()`
* blank_line_after_opening_tag fixer
* Update finder config.
* Revert changes for YiiRequirementChecker.
* Fix array formatting.
* Add missing import.
* Fix CS for new code merged from master.
* Fix some indentation issues.
7 years ago
cb53b2feec
Fixes #14081 : Added `yii\caching\CacheInterface` to make custom cache extensions adoption easier
7 years ago
be658f82bf
release version 2.0.12
7 years ago
c09a03ab8e
fixed version and missing `@since` annotation
7 years ago
4b9e48b8dc
improved docs: link term "path alias" to the guide
7 years ago
Elvira Sheina
Alexander Makarov
Sam
Vladimir Reznichenko
Nikolay Oleynikov
Alex Yashkin
Dmitry Naumenko
Carsten Brandt
bscheshirwork
Boudewijn Vahrmeijer
Tobias Munk
Olim Saidov
Robin Kamps
Robert Korulczyk
shirase
Dmitry Dorogin
Klimov Paul
PowerGamer1
yyxx9988
Brandon Kelly