Commit graph

431 commits

Author SHA1 Message Date
mark_story
cdc67116c5 Handle query string arguments in digest auth data.
Handle &, ? in digest auth data uri.

Refs #4908
2014-10-17 23:12:41 -04:00
Ceeram
fcffe3961f Revert "add test to prove requesthandler works correct with Angular wonky accept headers"
This reverts commit 8507ef83f1.

Incorrect header was used for this test, Cake cannot safely determine correct header.
To get CakePHP to respond with json, you can modify the angular common headers.
2014-10-02 22:12:35 +02:00
Ceeram
8507ef83f1 add test to prove requesthandler works correct with Angular wonky accept headers 2014-10-02 16:07:10 +02:00
chinpei215
f3e1a18740 Fix a fatal error occurs in combination with a scaffold error. 2014-07-31 05:49:23 +09:00
mark_story
f9785042bc Fix indentation.
Refs #4108
2014-07-29 21:53:55 -04:00
Steve Tauber
e6f6ded334 Adding unit test for HTTP DELETE and RequestHandlerComponent::requestedWith 2014-07-29 16:34:11 +02:00
David Steinsland
6e777a54a3 Mocking _sendHeader instead of send() 2014-07-22 15:05:06 +02:00
David Steinsland
d98abc58d1 Added test case for CakeResponse::send() and ajaxLogin 2014-07-22 14:45:18 +02:00
Schlaefer
1e961a8aac increases time window in CSRF token expiry tests to 2 seconds
travis-cs failed with 1 second margin
2014-07-06 13:54:24 +02:00
Schlaefer
9fa7afa354 fixes #3887 CSRF reusable token expires 2014-07-06 10:39:00 +02:00
euromark
974ca851c2 Correct doc blocks according to cs guidelines.
Remove superfluous empty lines.
2014-07-03 15:36:42 +02:00
mark_story
b4bcd74e60 Whitelist more URL-y characters in digest parsing.
Android clients include a full URL instead of just the URI. Also handle
situations where URLencoded bytes and document fragments are used.

Refs #3779
2014-06-23 14:39:35 -04:00
mark_story
975e4c3af0 Allow username of 0 in basic authentication.
Refs #3624
2014-06-02 22:02:28 -04:00
mark_story
d1e4dfac47 Add tests for #3624
The username of '0' should be accepted by FormAuthenticate.

Refs #3624
2014-06-02 21:58:50 -04:00
mark_story
66e733f8b1 Fix test I forgot to fix in b8fa7ce134 2014-05-13 22:12:39 -04:00
mark_story
a34d5f733d Fix PaginatorComponent tests.
Because count() queries don't happen in many cases now, the lastQueries
index needs to shift up by one because a query isn't happening anymore.

Refs #3333
2014-05-12 22:10:27 -04:00
mark_story
89cd114e6f Merge branch 'master' into 2.5 2014-05-12 14:30:02 -04:00
José Lorenzo Rodríguez
751d2d8f2d Merge pull request #3448 from dereuromark/master-controller
Controller::referer() and local URL
2014-05-07 22:42:28 +02:00
Renan Gonçalves
87683b10f1 Allowing same Authenticate object to be setup with different settings. 2014-05-06 22:10:41 +02:00
ADmad
d466e00644 Merge branch 'master' into 2.5
Conflicts:
	lib/Cake/Model/Datasource/DboSource.php
	lib/Cake/Test/Case/Model/Datasource/Database/MysqlTest.php
	lib/Cake/Utility/Folder.php
	lib/Cake/VERSION.txt
2014-05-04 14:35:36 +05:30
mark_story
1d1a2f859c Fix coding standards error. 2014-04-28 20:56:06 -04:00
euromark
8679c5cd18 Fix test 2014-04-28 17:33:56 +02:00
mark_story
cf96e9f54f Merge branch 'master' into 2.5 2014-04-26 22:04:19 -04:00
mark_story
a28158d614 Add additional test for f23d811ff5
I neglected to put a negative test to ensure validatePost fails when the
URL differs.
2014-04-26 10:23:27 -04:00
ADmad
68572d8046 Cannot use php 5.4+ array syntax for 2.x. 2014-04-26 17:30:31 +05:30
mark_story
de0062de77 Merge branch 'master' into 2.5 2014-04-25 22:10:02 -04:00
mark_story
f23d811ff5 Use the form action URL in generated form hashes.
By including the URL in generated hash for secured forms we prevent
a class of abuse where a user uses one secured form to post into a
controller action the form was not originally intended for. These cross
action requests could potentially violate developer's mental model of
how SecurityComponent works and produce unexpected/undesirable outcomes.

Thanks to Kurita Takashi for pointing this issue out, and suggesting
a fix.
2014-04-25 22:05:58 -04:00
mark_story
d54fbe6f60 Merge branch 'master' into 2.5 2014-04-18 22:13:56 -04:00
Stephen Young
b55fa98a2d Updated documentation
* Removed references to nonexistent `AclBase` class
* Added references to `AclInterface` requirements
2014-04-11 15:10:56 -04:00
Jose Lorenzo Rodriguez
343d3279b9 Merge branch 'master' into 2.5
Conflicts:
	lib/Cake/Test/Case/Utility/FileTest.php
	lib/Cake/VERSION.txt
2014-04-06 21:50:41 +02:00
euromark
0d09a54033 more missing doc block tags added 2014-04-02 03:02:37 +02:00
ADmad
abacf0d14b Remove setting of Controller::$ext by RequestHandler.
Closes #3022
2014-03-16 20:09:08 +05:30
mark_story
6c3bc48ce0 Merge branch 'master' into 2.5 2014-03-06 17:45:00 -05:00
Mark
3ca338fe26 Merge pull request #2781 from davidsteinsland/2.5
Fixed HTTP Status code when ajaxLogin is set
2014-03-06 12:37:51 +01:00
ndm2
01e1b5ca61 Fix failing tests caused by already existing classes 2014-03-01 20:24:32 +01:00
ndm2
008ad3237c Fix verification of expected invocations #2919 2014-03-01 19:06:17 +01:00
mark_story
2c5d96e916 Merge branch 'master' into 2.5
Conflicts:
	lib/Cake/Model/Datasource/DboSource.php
2014-02-16 14:24:19 -05:00
mark_story
827dc77a11 Fix incorrect assertion. 2014-02-11 22:00:24 -05:00
mark_story
a5d50da040 Remove dead and unused code. 2014-02-11 16:38:24 -05:00
David Steinsland
f2b9aa5ca4 Fixed HTTP Status code when ajaxLogin is set 2014-02-05 16:05:02 +01:00
José Lorenzo Rodríguez
e36c954da7 Merge pull request #2693 from ADmad/2.5-session-start
Don't start a session if it's known to be empty.
2014-02-01 04:08:48 -08:00
Rachman Chavik
b83b59a9d7 Log errors instead of calling trigger_error() 2014-01-29 17:51:07 +07:00
ADmad
84932fcc4a Don't start a session if it's known to be empty.
If an app only reads/checks the session there's no need to start a
session to know that the read/checked session value is empty.

Fixes #1981
2014-01-22 01:17:16 +05:30
euromark
97e43e5806 unify to expected 2014-01-09 16:52:21 +01:00
euromark
29e15386b2 Follow the deprecation note of 2.1 migration guide and switch to fetch(title)
correct assert order for test
2014-01-09 16:45:49 +01:00
ADmad
27979286b2 Revert change done in 11f543f1f2.
The change is unneeded now as Security::encrypt() no longer throws exception
for falsey values.
2013-12-15 20:29:41 +05:30
Mark Story
bf96ea36d9 Merge pull request #2482 from zoghal/2.5-cookie-fix2
fix CookieComponent - when write null or empty string
2013-12-14 16:21:58 -08:00
mark_story
c2b8778ce8 Merge branch 'master' into 2.5 2013-12-14 17:45:49 -05:00
Saleh Souzanchi
11f543f1f2 fix CookieComponent - when write null or empty string 2013-12-15 02:15:36 +03:30
José Lorenzo Rodríguez
6358741944 Merge pull request #2449 from cakephp/fix-session-cyclic-error
Fixed error in CakeSession that would call start() in an infinite loop
2013-12-09 02:18:21 -08:00