chinpei215
0c1fc36b14
Fix an infinite recursion caused by missing plugin
...
When a MissingPluginException has caught when rendering an exception,
we should disable the plugin as needed to prevent an infinite recursion.
2014-07-09 15:55:41 +09:00
mark_story
b3dfad614a
Correct pattern matching.
...
Instead of 10 digits, it should limit at 10 groups.
Refs 1988e89e73
2014-07-06 09:42:20 -04:00
Mark Story
1aa7331b0d
Merge pull request #3888 from Schlaefer/fix-#3887-reusableCsrfExpires
...
fixes #3887 CSRF reusable token expires
2014-07-06 09:05:38 -04:00
Schlaefer
1e961a8aac
increases time window in CSRF token expiry tests to 2 seconds
...
travis-cs failed with 1 second margin
2014-07-06 13:54:24 +02:00
Schlaefer
9fa7afa354
fixes #3887 CSRF reusable token expires
2014-07-06 10:39:00 +02:00
José Lorenzo Rodríguez
396725dc8c
Merge pull request #3880 from markstory/incorrect-validation
...
Fix issues with Validation::inList() and SecurityComponent
2014-07-05 14:41:15 +02:00
euromark
009138b326
Fix CS
2014-07-05 13:49:50 +02:00
Mark Story
eb485f82b8
Merge pull request #3878 from ceeram/optimize
...
minor optimisation, refs comments on 81875cfeb1b8e5c414cf9de3c96dd2dde50...
2014-07-04 13:11:17 -04:00
Ceeram
a266a9493d
minor optimisation, refs comments on 81875cfeb1
2014-07-04 17:25:41 +02:00
ADmad
1eccec02e4
Merge pull request #3872 from CostaC/response-sharable-fix
...
Fix for CakeResponse::sharable() header to include private caches
2014-07-04 10:32:51 +05:30
mark_story
3936cce4b8
Disallow hexadecimal input with inList.
...
Instead of turning on/off strict mode based on the user supplied input,
cast everything to strings and always use a strict check. This avoids
the potential issue of a bad user using hexadecimal when they should not
be allowed to do so. Thanks to 'Kurita Takashi' for pointing this out.
2014-07-03 22:10:49 -04:00
mark_story
1988e89e73
Add an upper bound to the POST data SecurityComponent will consider.
...
'Kurita Takashi' has let us know that the previous patterns could be
abused by an evil doer. One could potentially send a very large deeply
nested POST data structure. Matching that structure could overflow the
PCRE limits causing a segmentation fault. Adding an upper bound will
solve the problem and I doubt anyone is doing POST data structures with
more than 10 levels of nesting.
2014-07-03 22:02:00 -04:00
mark_story
765be87d88
Overwrite the schemaName property if it is not defined in the class.
...
If a model class does not define a schemaName we should use the
datasource's schemaName. We can assume that people using schemaName want
to lock the model onto a specific schema given the changes in #3210
Fixes #3720
2014-07-03 21:53:54 -04:00
Costa Caruso
8bfebd64fb
Fix for failing test "Whitespace found at end of line"
2014-07-03 15:45:03 -04:00
Costa Caruso
4f559f5cc9
Fixed failing test for CakeResponse::sharable + spacing
2014-07-03 15:03:48 -04:00
Mark Story
fb15fb6001
Merge pull request #3866 from dereuromark/master-cs-guidelines
...
Correct doc blocks according to cs guidelines
2014-07-03 11:10:23 -04:00
euromark
974ca851c2
Correct doc blocks according to cs guidelines.
...
Remove superfluous empty lines.
2014-07-03 15:36:42 +02:00
mark_story
65d14c7e97
Remove mention of Role/default as it doesn't exist.
...
The default role merging was removed in
3abfaeecf3
and shouldn't be mentioned in
the docs.
Fixes #3871
2014-07-03 09:10:20 -04:00
mark_story
3a06e1f638
Update code examples to be consistent with other docs.
2014-07-03 09:09:25 -04:00
mark_story
cee56eaef7
Make PHPCS build passing again.
2014-07-02 23:38:49 -04:00
mark_story
33a5b6e451
Fix additional missing API doc tags.
2014-07-02 23:38:34 -04:00
Costa Caruso
1164c0bcad
Fix for CakeResponse::sharable() header to include private caches
2014-07-02 17:34:09 -04:00
Mark Story
2c53bc8a1b
Merge pull request #3838 from cakephp/revert-3646-no-truncate-fixture
...
Revert "No truncate when drop table."
Not truncating tables when they are created causes a number of
issues in ControllerTestCases as indicated by the comments in #3646 post merge.
2014-07-01 22:02:57 -04:00
Mark Story
2577ca92a8
Merge pull request #3840 from cakephp/issue-3742-relax-email
...
Relax email validation rules even more.
Fixes #3742
2014-06-30 14:55:15 -04:00
mark_story
adcf9ab723
Fix failing test.
...
CakeEmail now has a default validation pattern.
Refs #3742
2014-06-30 13:29:39 -04:00
mark_story
dc34d80f6f
Relax email validation rules even more.
...
While filter_var() allows a number of email addresses that
Validation::email() does not, it misses out of email address that
contain IDN host names, and unicode mailboxes. Both of these are
generally deliverable, and should be permitted. filter_var() also fails
on local mailboxes like `root@localhost` which is useful in the context
of cron jobs.
Fixes #3742
2014-06-30 10:42:37 -04:00
Mark
1686edf016
Revert "No truncate when drop table."
2014-06-30 14:14:20 +02:00
Mark Story
a966f089d2
Merge pull request #3832 from ADmad/2.5-inflector
...
Add pluralization rule for "stadia" to uninflected list.
2014-06-29 09:34:09 -04:00
ADmad
607200fa7b
Add pluralization rule for "stadia".
...
Refs #3830
2014-06-29 14:51:23 +05:30
ADmad
153f530a01
Merge pull request #3829 from cakephp/api-doc-fixes
...
API doc fixes
2014-06-29 11:51:41 +05:30
mark_story
48c799812e
Tidy up and simplify travis.yml file.
2014-06-28 21:23:23 -04:00
mark_story
91721244a4
Fix more doc block errors in lib/
2014-06-27 22:58:34 -04:00
Bryan Crowe
a1ae31e554
Fix identifier typos
2014-06-26 23:06:08 -04:00
euromark
73dcb2cb91
cs correction
2014-06-26 14:22:34 +02:00
José Lorenzo Rodríguez
8e9c85ef61
Merge pull request #3809 from renan/2.5-non-integer-exception-code
...
Exiting with 1 when Exception::getCode() returns non-integer values.
2014-06-26 14:09:26 +02:00
Renan Gonçalves
1a89a3cb9d
Exiting with 1 when Exception::getCode() returns non-integer values.
...
From php.net/exception.getcode
> Returns the exception code as integer in Exception but possibly as other type in Exception descendants (for example as string in PDOException).
2014-06-26 13:26:20 +02:00
Mark Story
e8ee25f40d
Merge pull request #3792 from dereuromark/master-docblocks
...
Update doc blocks regarding return $this
2014-06-24 23:39:44 -04:00
euromark
b3507b199a
Update doc blocks regarding return $this
2014-06-25 00:06:51 +02:00
José Lorenzo Rodríguez
bf33e1cf57
Merge pull request #3761 from aka-toxa/master
...
improving acl perfomance
2014-06-24 21:58:30 +02:00
José Lorenzo Rodríguez
3df972faa2
Merge pull request #3782 from cakephp/issue-3779
...
Whitelist more URL-y characters in digest parsing.
2014-06-24 21:56:40 +02:00
José Lorenzo Rodríguez
e9e09bf19a
Merge pull request #3788 from dereuromark/master-composer
...
Fix composer app issues with cake.php
2014-06-24 21:56:01 +02:00
euromark
05709908a7
Fix composer app issues with cake.php
2014-06-24 17:49:18 +02:00
Mark
9365913abe
Merge pull request #3789 from suzuki86/fix-typo
...
Fix typo
2014-06-24 17:30:24 +02:00
suzuki86
8f9589f7c8
Fix typo
2014-06-25 00:20:54 +09:00
Mark Story
044065df6f
Merge pull request #3783 from dereuromark/master-cakeplugin-path
...
Mark App::pluginPath as deprecated and don't use it anymore.
2014-06-24 07:38:57 -04:00
euromark
26fe1265ab
Mark App::pluginPath as deprecated and don't use it anymore.
2014-06-24 11:52:29 +02:00
mark_story
b4bcd74e60
Whitelist more URL-y characters in digest parsing.
...
Android clients include a full URL instead of just the URI. Also handle
situations where URLencoded bytes and document fragments are used.
Refs #3779
2014-06-23 14:39:35 -04:00
Anatoliy Petrovskiy
ad678e3988
improving acl perfomance
2014-06-23 13:51:52 +03:00
mark_story
59c3b73f7a
Skip autoloaders for APCIterator
...
We can skip autoloaders for this class as it is provided by
a C extension and will never come from userland code.
2014-06-22 21:22:00 -04:00
mark_story
ffe811935c
Remove else.
...
By returning early we can avoid the else statement entirely.
2014-06-20 16:07:47 -04:00