|
Chris@0
|
1 CHANGELOG
|
|
Chris@0
|
2 =========
|
|
Chris@0
|
3
|
|
Chris@17
|
4 3.4.14
|
|
Chris@17
|
5 ------
|
|
Chris@17
|
6
|
|
Chris@17
|
7 * [BC BREAK] Support for the IIS-only `X_ORIGINAL_URL` and `X_REWRITE_URL`
|
|
Chris@17
|
8 HTTP headers has been dropped for security reasons.
|
|
Chris@17
|
9
|
|
Chris@14
|
10 3.4.0
|
|
Chris@14
|
11 -----
|
|
Chris@14
|
12
|
|
Chris@14
|
13 * implemented PHP 7.0's `SessionUpdateTimestampHandlerInterface` with a new
|
|
Chris@14
|
14 `AbstractSessionHandler` base class and a new `StrictSessionHandler` wrapper
|
|
Chris@14
|
15 * deprecated the `WriteCheckSessionHandler`, `NativeSessionHandler` and `NativeProxy` classes
|
|
Chris@14
|
16 * deprecated setting session save handlers that do not implement `\SessionHandlerInterface` in `NativeSessionStorage::setSaveHandler()`
|
|
Chris@14
|
17 * deprecated using `MongoDbSessionHandler` with the legacy mongo extension; use it with the mongodb/mongodb package and ext-mongodb instead
|
|
Chris@14
|
18 * deprecated `MemcacheSessionHandler`; use `MemcachedSessionHandler` instead
|
|
Chris@14
|
19
|
|
Chris@14
|
20 3.3.0
|
|
Chris@14
|
21 -----
|
|
Chris@14
|
22
|
|
Chris@14
|
23 * the `Request::setTrustedProxies()` method takes a new `$trustedHeaderSet` argument,
|
|
Chris@14
|
24 see http://symfony.com/doc/current/components/http_foundation/trusting_proxies.html for more info,
|
|
Chris@14
|
25 * deprecated the `Request::setTrustedHeaderName()` and `Request::getTrustedHeaderName()` methods,
|
|
Chris@14
|
26 * added `File\Stream`, to be passed to `BinaryFileResponse` when the size of the served file is unknown,
|
|
Chris@14
|
27 disabling `Range` and `Content-Length` handling, switching to chunked encoding instead
|
|
Chris@14
|
28 * added the `Cookie::fromString()` method that allows to create a cookie from a
|
|
Chris@14
|
29 raw header string
|
|
Chris@14
|
30
|
|
Chris@0
|
31 3.1.0
|
|
Chris@0
|
32 -----
|
|
Chris@0
|
33
|
|
Chris@0
|
34 * Added support for creating `JsonResponse` with a string of JSON data
|
|
Chris@0
|
35
|
|
Chris@0
|
36 3.0.0
|
|
Chris@0
|
37 -----
|
|
Chris@0
|
38
|
|
Chris@0
|
39 * The precedence of parameters returned from `Request::get()` changed from "GET, PATH, BODY" to "PATH, GET, BODY"
|
|
Chris@0
|
40
|
|
Chris@0
|
41 2.8.0
|
|
Chris@0
|
42 -----
|
|
Chris@0
|
43
|
|
Chris@0
|
44 * Finding deep items in `ParameterBag::get()` is deprecated since version 2.8 and
|
|
Chris@0
|
45 will be removed in 3.0.
|
|
Chris@0
|
46
|
|
Chris@0
|
47 2.6.0
|
|
Chris@0
|
48 -----
|
|
Chris@0
|
49
|
|
Chris@0
|
50 * PdoSessionHandler changes
|
|
Chris@0
|
51 - implemented different session locking strategies to prevent loss of data by concurrent access to the same session
|
|
Chris@0
|
52 - [BC BREAK] save session data in a binary column without base64_encode
|
|
Chris@0
|
53 - [BC BREAK] added lifetime column to the session table which allows to have different lifetimes for each session
|
|
Chris@0
|
54 - implemented lazy connections that are only opened when a session is used by either passing a dsn string
|
|
Chris@0
|
55 explicitly or falling back to session.save_path ini setting
|
|
Chris@0
|
56 - added a createTable method that initializes a correctly defined table depending on the database vendor
|
|
Chris@0
|
57
|
|
Chris@0
|
58 2.5.0
|
|
Chris@0
|
59 -----
|
|
Chris@0
|
60
|
|
Chris@0
|
61 * added `JsonResponse::setEncodingOptions()` & `JsonResponse::getEncodingOptions()` for easier manipulation
|
|
Chris@0
|
62 of the options used while encoding data to JSON format.
|
|
Chris@0
|
63
|
|
Chris@0
|
64 2.4.0
|
|
Chris@0
|
65 -----
|
|
Chris@0
|
66
|
|
Chris@0
|
67 * added RequestStack
|
|
Chris@0
|
68 * added Request::getEncodings()
|
|
Chris@0
|
69 * added accessors methods to session handlers
|
|
Chris@0
|
70
|
|
Chris@0
|
71 2.3.0
|
|
Chris@0
|
72 -----
|
|
Chris@0
|
73
|
|
Chris@0
|
74 * added support for ranges of IPs in trusted proxies
|
|
Chris@0
|
75 * `UploadedFile::isValid` now returns false if the file was not uploaded via HTTP (in a non-test mode)
|
|
Chris@0
|
76 * Improved error-handling of `\Symfony\Component\HttpFoundation\Session\Storage\Handler\PdoSessionHandler`
|
|
Chris@0
|
77 to ensure the supplied PDO handler throws Exceptions on error (as the class expects). Added related test cases
|
|
Chris@0
|
78 to verify that Exceptions are properly thrown when the PDO queries fail.
|
|
Chris@0
|
79
|
|
Chris@0
|
80 2.2.0
|
|
Chris@0
|
81 -----
|
|
Chris@0
|
82
|
|
Chris@0
|
83 * fixed the Request::create() precedence (URI information always take precedence now)
|
|
Chris@0
|
84 * added Request::getTrustedProxies()
|
|
Chris@0
|
85 * deprecated Request::isProxyTrusted()
|
|
Chris@0
|
86 * [BC BREAK] JsonResponse does not turn a top level empty array to an object anymore, use an ArrayObject to enforce objects
|
|
Chris@0
|
87 * added a IpUtils class to check if an IP belongs to a CIDR
|
|
Chris@0
|
88 * added Request::getRealMethod() to get the "real" HTTP method (getMethod() returns the "intended" HTTP method)
|
|
Chris@0
|
89 * disabled _method request parameter support by default (call Request::enableHttpMethodParameterOverride() to
|
|
Chris@0
|
90 enable it, and Request::getHttpMethodParameterOverride() to check if it is supported)
|
|
Chris@0
|
91 * Request::splitHttpAcceptHeader() method is deprecated and will be removed in 2.3
|
|
Chris@0
|
92 * Deprecated Flashbag::count() and \Countable interface, will be removed in 2.3
|
|
Chris@0
|
93
|
|
Chris@0
|
94 2.1.0
|
|
Chris@0
|
95 -----
|
|
Chris@0
|
96
|
|
Chris@0
|
97 * added Request::getSchemeAndHttpHost() and Request::getUserInfo()
|
|
Chris@0
|
98 * added a fluent interface to the Response class
|
|
Chris@0
|
99 * added Request::isProxyTrusted()
|
|
Chris@0
|
100 * added JsonResponse
|
|
Chris@0
|
101 * added a getTargetUrl method to RedirectResponse
|
|
Chris@0
|
102 * added support for streamed responses
|
|
Chris@0
|
103 * made Response::prepare() method the place to enforce HTTP specification
|
|
Chris@0
|
104 * [BC BREAK] moved management of the locale from the Session class to the Request class
|
|
Chris@0
|
105 * added a generic access to the PHP built-in filter mechanism: ParameterBag::filter()
|
|
Chris@0
|
106 * made FileBinaryMimeTypeGuesser command configurable
|
|
Chris@0
|
107 * added Request::getUser() and Request::getPassword()
|
|
Chris@0
|
108 * added support for the PATCH method in Request
|
|
Chris@0
|
109 * removed the ContentTypeMimeTypeGuesser class as it is deprecated and never used on PHP 5.3
|
|
Chris@0
|
110 * added ResponseHeaderBag::makeDisposition() (implements RFC 6266)
|
|
Chris@0
|
111 * made mimetype to extension conversion configurable
|
|
Chris@0
|
112 * [BC BREAK] Moved all session related classes and interfaces into own namespace, as
|
|
Chris@0
|
113 `Symfony\Component\HttpFoundation\Session` and renamed classes accordingly.
|
|
Chris@0
|
114 Session handlers are located in the subnamespace `Symfony\Component\HttpFoundation\Session\Handler`.
|
|
Chris@0
|
115 * SessionHandlers must implement `\SessionHandlerInterface` or extend from the
|
|
Chris@0
|
116 `Symfony\Component\HttpFoundation\Storage\Handler\NativeSessionHandler` base class.
|
|
Chris@0
|
117 * Added internal storage driver proxy mechanism for forward compatibility with
|
|
Chris@0
|
118 PHP 5.4 `\SessionHandler` class.
|
|
Chris@0
|
119 * Added session handlers for custom Memcache, Memcached and Null session save handlers.
|
|
Chris@0
|
120 * [BC BREAK] Removed `NativeSessionStorage` and replaced with `NativeFileSessionHandler`.
|
|
Chris@0
|
121 * [BC BREAK] `SessionStorageInterface` methods removed: `write()`, `read()` and
|
|
Chris@0
|
122 `remove()`. Added `getBag()`, `registerBag()`. The `NativeSessionStorage` class
|
|
Chris@0
|
123 is a mediator for the session storage internals including the session handlers
|
|
Chris@0
|
124 which do the real work of participating in the internal PHP session workflow.
|
|
Chris@0
|
125 * [BC BREAK] Introduced mock implementations of `SessionStorage` to enable unit
|
|
Chris@0
|
126 and functional testing without starting real PHP sessions. Removed
|
|
Chris@0
|
127 `ArraySessionStorage`, and replaced with `MockArraySessionStorage` for unit
|
|
Chris@0
|
128 tests; removed `FilesystemSessionStorage`, and replaced with`MockFileSessionStorage`
|
|
Chris@0
|
129 for functional tests. These do not interact with global session ini
|
|
Chris@0
|
130 configuration values, session functions or `$_SESSION` superglobal. This means
|
|
Chris@0
|
131 they can be configured directly allowing multiple instances to work without
|
|
Chris@0
|
132 conflicting in the same PHP process.
|
|
Chris@0
|
133 * [BC BREAK] Removed the `close()` method from the `Session` class, as this is
|
|
Chris@0
|
134 now redundant.
|
|
Chris@0
|
135 * Deprecated the following methods from the Session class: `setFlash()`, `setFlashes()`
|
|
Chris@0
|
136 `getFlash()`, `hasFlash()`, and `removeFlash()`. Use `getFlashBag()` instead
|
|
Chris@0
|
137 which returns a `FlashBagInterface`.
|
|
Chris@0
|
138 * `Session->clear()` now only clears session attributes as before it cleared
|
|
Chris@0
|
139 flash messages and attributes. `Session->getFlashBag()->all()` clears flashes now.
|
|
Chris@0
|
140 * Session data is now managed by `SessionBagInterface` to better encapsulate
|
|
Chris@0
|
141 session data.
|
|
Chris@0
|
142 * Refactored session attribute and flash messages system to their own
|
|
Chris@0
|
143 `SessionBagInterface` implementations.
|
|
Chris@0
|
144 * Added `FlashBag`. Flashes expire when retrieved by `get()` or `all()`. This
|
|
Chris@0
|
145 implementation is ESI compatible.
|
|
Chris@0
|
146 * Added `AutoExpireFlashBag` (default) to replicate Symfony 2.0.x auto expire
|
|
Chris@18
|
147 behavior of messages auto expiring after one page page load. Messages must
|
|
Chris@0
|
148 be retrieved by `get()` or `all()`.
|
|
Chris@0
|
149 * Added `Symfony\Component\HttpFoundation\Attribute\AttributeBag` to replicate
|
|
Chris@18
|
150 attributes storage behavior from 2.0.x (default).
|
|
Chris@0
|
151 * Added `Symfony\Component\HttpFoundation\Attribute\NamespacedAttributeBag` for
|
|
Chris@0
|
152 namespace session attributes.
|
|
Chris@0
|
153 * Flash API can stores messages in an array so there may be multiple messages
|
|
Chris@0
|
154 per flash type. The old `Session` class API remains without BC break as it
|
|
Chris@0
|
155 will allow single messages as before.
|
|
Chris@0
|
156 * Added basic session meta-data to the session to record session create time,
|
|
Chris@0
|
157 last updated time, and the lifetime of the session cookie that was provided
|
|
Chris@0
|
158 to the client.
|
|
Chris@0
|
159 * Request::getClientIp() method doesn't take a parameter anymore but bases
|
|
Chris@0
|
160 itself on the trustProxy parameter.
|
|
Chris@0
|
161 * Added isMethod() to Request object.
|
|
Chris@0
|
162 * [BC BREAK] The methods `getPathInfo()`, `getBaseUrl()` and `getBasePath()` of
|
|
Chris@0
|
163 a `Request` now all return a raw value (vs a urldecoded value before). Any call
|
|
Chris@0
|
164 to one of these methods must be checked and wrapped in a `rawurldecode()` if
|
|
Chris@0
|
165 needed.
|
