Commit graph

816 commits

Author SHA1 Message Date
Livia Scapin
f7360266f0 Fix invalid return value hint 2017-02-08 13:48:22 +01:00
Markus Bauer
9b13381b0a Fix error messages if PHP's mail() function fails 2017-01-17 19:42:57 +01:00
mark_story
304117d228 Fix query string parsing on requestAction()
This also fixes a long standing oddity around string URLs that include
a query string where the query string data would be duplicated.

Refs #9962
2017-01-04 22:34:19 -05:00
mark_story
3837f40394 Autodetect content-types for email attachments (2.x)
This ports the safe parts of #9619 and updates the tests. Because
existing tests had to change and I was concerned about changing people's
email messages in a bugfix release I'm targetting 2.next with this
change.
2016-11-06 21:49:15 -05:00
mark_story
6a201696dd Fix HttpSocket emitting errors when nameless cookies are encountered.
Refs #9698
2016-11-03 19:07:25 -04:00
mark_story
e8d63725d8 Merge branch '2.x' into 2.next 2016-09-04 23:54:22 -04:00
Mark Sch
b096005561 Fix CS 2016-08-21 20:31:45 +02:00
mark_story
bc73e928b6 Restore header() behavior inadvertantely removed.
In eaa2bbbcae I changed the behavior to
now use the TitleCased name as I didn't understand the intended behavior
or how apache was working in the reporter's specific case.

Refs #9229
2016-08-11 21:54:24 -04:00
mark_story
61b3fbd605 Merge branch '2.x' into 2.next 2016-08-09 22:12:26 -04:00
mark_story
20a2af8c16 Fix casing issues with Authorization header.
We need to check the upper case versions of headers in $_SERVER.
Also fix lint issues.
2016-08-09 22:06:49 -04:00
Sebastien Barre
acc32f5c58 Work around Apache handling the Authorization: header differently 2016-08-07 19:50:23 -04:00
Juan I. Benavides
60bd98a593 Consistency with other methods: Type declaration of CakeEmail parameter. 2016-08-02 02:30:43 -05:00
Juan I. Benavides
d37f88b20e Documentation and declaration of object type in method's parameter
This should make pass the phpcs check. #9199
2016-08-01 16:46:25 -05:00
Juan I. Benavides
93db51cf10 Avoiding circular object reference in SmptTransport
This fixes a memory leak while sending multiple emails.

Fixes: #9198
2016-08-01 13:09:45 -05:00
mark_story
4e1b601ed8 Don't split strings headers that lack a ':'.
Refs #9106
2016-07-12 22:46:47 -04:00
mark_story
432eb9c432 Merge branch '2.x' into 2.next 2016-06-27 21:47:47 -04:00
kolorafa
449e5fc9cf Can't override CakeEmail class and use deliver
When using TemplateEmail::deliver it always create new instance of CakeEmail, I assume it should create my extended "TemplateEmail" class insted.

PHP >5.3 compatible
2016-06-13 18:02:26 +02:00
mark_story
7055e82eab Add missing uses() call.
Refs #8929
2016-06-02 22:04:50 -04:00
Mark Story
55e9638044 Merge pull request #8844 from icyrizard/add_http_patch_content_type_check
Add HTTP patch Content-Type check
2016-05-27 15:41:18 +02:00
Richard Torenvliet
e31ce0d58f Add the HTTP Patch to the Content-Type check mechanism
Currently when a request is of type 'patch' it is ignored. This commit makes
sure that the Content-Type is checked when a patch request is provided.
2016-05-18 14:54:52 +02:00
mark_story
39b4cbebb3 Port PHP7 fixes to 2.x
Port the fixes @ADmad did in 8f150dc5 to 2.x so those builds start to
pass once again.
2016-05-08 15:36:28 -04:00
mark_story
12c6fd4e22 Merge branch '2.x' into 2.next 2016-05-02 21:58:41 -04:00
mark_story
cf55767fa0 Backport range parsing resiliancy fixes from 3.x
Refs #8723
2016-04-28 22:27:37 -04:00
Juan Basso
718a7479e2 Fixed doc formatting on CakeResponse::cookie
Fixed doc to show properly in the documentation. This change was already applied on master.
2016-04-10 23:34:01 -04:00
mscherer
dda9e83ab6 Refactor Object to CakeObject for future PHP7 comp. 2016-04-08 14:33:26 +02:00
mark_story
a0ea7a0f2a Fix PHP5.4+ syntax.
2.x must be compatible with PHP 5.3
2016-03-23 21:19:19 -04:00
mark_story
c0a5d2b341 Merge branch '2.x' into 2.next 2016-03-13 23:02:24 -04:00
mark_story
48af49ddde Don't trust CLIENT_IP
The client_ip header can easily be forged. In 'safe' modes we should
only trust the remote_addr which comes from the sapi. Remove support for
http_clientaddress as I can't seem to find where this ever came from in
PHP on the http specs.
2016-03-10 22:04:13 -05:00
Mark Story
18b0334890 Merge pull request #8384 from garas/mailtransport-log-subject
Email log missing Subject and To headers when using MailTransport
2016-03-02 21:29:13 -05:00
mark_story
3ad68db5eb Tweak fix from #8359
This fixes a regression introduced in that change that we didn't
previously have tests for. The issue fixed in #8359 was related to
PHP7.0, whereas PHP5 didn't have an issue. Now both versions will work
the same.
2016-03-02 12:30:48 -05:00
Mark Story
63de5ca4ea Merge pull request #8359 from phlyper/patch-1
verify exists index 0 in $ref
2016-03-02 12:27:49 -05:00
Edgaras Janušauskas
2386a86adc Include Subject and To in email log when using MailTransport 2016-03-01 22:21:14 +02:00
phlyper
7b9ff1c11b verify exists index 0 in $ref
exemple

i have to get the referrer url from any page if exists

```
class AppController extends Controller {
......
    public function beforeRender() {
        parent::beforeRender();
        $this->params['referer'] = $this->referer(null, true);
    }
..........
}
```
2016-02-26 22:39:48 +01:00
mark_story
1a170e1eec Fix parsing empty header values.
Replace the complex and somewhat unfixable regexp based parser for
a parser that handles each line individually. Normalize multi-line
headers to replace multiple spaces with a single one. Section 4.2 of the
HTTP1.1 standard states

> Any LWS that occurs between field-content MAY be replaced with
> a single SP before interpreting the field value or forwarding the
> message downstream.

This makes me somewhat confident that we can safely normalize
multi-line HTTP header values.

Refs #8330
2016-02-24 22:25:58 -05:00
Marc Würth
cd62c89994 Back port mime types from 3.next 2016-02-19 14:26:53 +01:00
Chris Hallgren
bf22e84d65 CS fixes 2016-02-15 20:44:27 -06:00
Chris Hallgren
0c183b9b8e Read content type in a more compatible way.
Not all webservers set CONTENT_TYPE. The built-in PHP webserver for
example sets HTTP_CONTENT_TYPE instead. Add a public method to the
request object to smooth over this difference.

Refs #6051, #8267
2016-02-15 19:31:24 -06:00
Marc Würth
b5655d63ff Remove lighthouse references 2016-02-10 12:27:34 +01:00
Edgaras Janušauskas
6e54a7391c Use more specific datatypes in PHPDoc 2016-01-28 23:10:51 +02:00
Edgaras Janušauskas
fde1d08b43 Fix PHPDoc @return by replacing $this to self 2016-01-28 23:10:42 +02:00
José Lorenzo Rodríguez
3ee9f97826 Trying to fix tests 2016-01-19 11:03:07 -04:30
José Lorenzo Rodríguez
dc83669e9b using the right superglobal 2016-01-19 10:43:12 -04:30
José Lorenzo Rodríguez
93ba85b8b8 Fixed failing test 2016-01-19 08:37:36 -04:30
Jose Lorenzo Rodriguez
bd53ef01a6 Better method overriding emulation for GET 2016-01-18 20:34:32 -04:30
Mark Scherer
d2153ac1eb Fix typo in doc block. 2015-12-19 20:07:13 +01:00
Mark Scherer
479eec4148 Fix doc block instead. 2015-12-19 18:25:30 +01:00
Mark Scherer
4136857278 Fix return value in SmtpTransport 2015-12-19 15:57:53 +01:00
Mark Story
4faf31e60a Merge pull request #7836 from RichieB2B/fix-proxy-auth-via-ssl
Fix proxy authentication when SSL is used
2015-12-15 21:56:40 -05:00
Richard van den Berg
ac50b609ac Added space 2015-12-11 15:01:05 +01:00
Richard van den Berg
e315fb6688 Fix proxy authentication when SSL is used 2015-12-11 14:44:46 +01:00
Richard van den Berg
4a4728b44d Fix SSL via proxy 2015-12-11 10:28:53 +01:00
Qing Wu
48dd778bd0 Fixed issue #7579 on the 2.7 branch 2015-12-02 10:24:16 +11:00
mark_story
079d15d54f Handle enhanced config in a more graceful way.
HttpSocket further munges the host into a nested array. This config
value should be preferred over the top level host config.

Refs #7675
2015-11-11 22:51:17 -05:00
Richard van den Berg
f8e7634131 Use hostname of request instead of hostname of proxy for SNI 2015-11-10 10:54:36 +01:00
ADmad
b9dc89acff Update docblock 2015-10-30 09:24:22 +05:30
mark_story
fea6fd7d30 Fix incorrect doc tag. 2015-10-16 22:09:12 -04:00
mark_story
e0d2c45d9a Fix PHPCS error. 2015-10-12 22:20:15 -04:00
mark_story
3a4facbf8d Remove allowSelfSigned() method.
This method is no longer needed as the low level socket understands the
`ssl_*` options now.

Refs #7496
2015-10-12 21:58:55 -04:00
mark_story
cc3531d288 Move SSL context options into CakeSocket.
Having all the options consolidated in one places enables all the SSL
context options to be used in the SmtpTransport instead of just allowing
self_signed as proposed in #7496
2015-10-12 21:56:20 -04:00
Ian den Hartog
5dfb780970 Change names 2015-10-06 10:10:34 +02:00
Ian den Hartog
bb7e7850ae Add test for Self-signed certificates 2015-10-02 16:17:26 +02:00
Ian den Hartog
5c722c6665 Fix peer verification 2015-10-02 10:18:07 +02:00
Ian den Hartog
e2c303b2b9 Add support for Self Signed certificates with smtp 2015-10-01 23:02:43 +02:00
ADmad
c3e08fde30 Load config file before checking class existence.
Closes #7465
2015-09-28 22:52:51 +05:30
Mark Story
12f5aee5a2 Merge pull request #7447 from ravage84/2.7-lib-improvements
Various improvements to the CakePHP lib files
2015-09-25 12:14:00 -04:00
Marc Würth
e690662f0e Various improvments to the CakePH Plib files
Mostly CS, doc blocks and explicit returning nulls.
2015-09-25 17:11:20 +02:00
Mark Scherer
97b6f8674c Fix CS 2015-09-21 13:45:18 +02:00
ndm2
8fe953548c Fix path traversal check for Windows based systems
On Windows based systems, both, backward as well as forward
slashes are supported as path separators, thus checking for `DS`
only, would allow to slip in `../` fragments.

refs #5905, cad57dcc28
2015-08-19 16:47:53 +02:00
mark_story
58ea40e32c Don't stop reading when only a '0' has been read.
Make tests simpler by using onConsecutiveCalls() instead of trying to
maintain mock method indexes.

Refs #7121
2015-07-27 22:40:27 -04:00
t.gommers
b16d627b36 Disable SNI in HttpSocket 2015-07-27 13:03:21 +02:00
Mark Scherer
52e79987a2 Replacing self with static due to PHP5.3+. Following #7040. 2015-07-21 10:22:53 +02:00
Chris Kim
94fbc6e5f2 Don't map text/plain to csv. Backport from 3.0. Refs #1696
Jquery sets accepts header similar to "text/plain, */*; q=0.01" by
default for xhr requests. Due to this RequestHandler used to set
extension to csv thereby causing View class to look for views under
non-existent csv folders.
2015-07-07 15:19:45 -04:00
mark_story
c47196fe08 Merge branch '2.6' into 2.7 2015-06-07 15:45:26 -04:00
mark_story
6d60e6a4db Backport 7eec48268ebb6a17656df4a059f9e7b43991472f to 2.x
Backport fixes to base path generation that prevent issue when a URL
contains // it can circumvent the base path generation, which results in
unwanted user data in the base/webroot paths. This creates an
opportunity for CSS manipulation in old versions of IE, and newer ones
via iframe inheritance.
2015-06-07 15:45:16 -04:00
mark_story
d7d8b90986 Merge branch '2.6' into 2.7 2015-05-28 19:34:59 -04:00
Igor Padovan da Silva
bf550d13ce preventing error on trying to delete unexiting buffer 2015-05-26 17:46:08 -04:00
Mark Scherer
309aee9fe5 Backport #6431 2015-04-30 15:18:28 +02:00
mark_story
096a2ebb72 Merge branch '2.6' into 2.7
Conflicts:
	lib/Cake/Test/Case/TestSuite/ControllerTestCaseTest.php
	lib/Cake/VERSION.txt
2015-04-20 15:42:54 -04:00
mark_story
f55111bdc1 Allow empty headers to be read.
Allow headers with '' and '0' as their values to be read.

Fixes #6299
2015-04-08 16:33:28 -04:00
mark_story
3151c53255 Merge branch '2.6' into 2.7 2015-03-23 22:50:09 -04:00
mark_story
b80e02c114 Fix coding standards errors.
* Line lengths
* Whitespace.

Refs #2057
2015-03-23 22:31:09 -04:00
Richard van den Berg
1f7b787236 Use $host parameter 2015-03-23 22:31:08 -04:00
Richard van den Berg
9e6b1b6930 Support for SSL Server Name Indication 2015-03-23 22:31:08 -04:00
Richard van den Berg
23d4d1155a Do not use full uri in request line for HTTPS requests via proxy 2015-03-23 22:31:08 -04:00
Richard van den Berg
15c80f7c3d Move proxy code inside if (->connected) 2015-03-23 22:31:05 -04:00
Richard van den Berg
7704efdb28 Use feof() in while loop 2015-03-23 22:31:05 -04:00
Richard van den Berg
3995c70046 Strict === and space 2015-03-23 22:31:04 -04:00
Richard van den Berg
bb8e0ae835 Use enableCrypto() 2015-03-23 22:31:01 -04:00
Richard van den Berg
54a3f8724b Addapted quick hack from issue #2057 for 2.6.3 2015-03-23 22:31:01 -04:00
mark_story
0b916cedbb Merge branch 'master' into 2.7 2015-03-09 21:55:20 -04:00
mark_story
cad57dcc28 Use DS instead of checking both slash styles.
Refs #5905
2015-03-09 21:55:07 -04:00
Mark Story
43f16f38f0 Merge pull request #5905 from davidsteinsland/fix_file_response_dots
Fix file response dots
2015-03-09 21:54:02 -04:00
mark_story
b80a8947d7 Check line length to account for fence post.
When we have exactly 998 bytes CakeEmail should not emit an error.

Refs #5948
2015-02-24 21:52:34 -05:00
ADmad
2a57d9b65f Avoid reloading config file and recreating config instance. 2015-02-20 08:48:25 +05:30
Jan Dorsman
e3b5306521 Fixing issue #5764 2015-02-19 12:19:27 +05:30
David Steinsland
5fd7396e47 Fixed downloading of files with dots 2015-02-15 19:32:33 +01:00
mark_story
eb85a875c0 Merge branch 'master' into 2.7 2015-02-10 23:00:43 -05:00
James Watts
970cb81d03 Typo typo 2015-02-02 02:07:13 +01:00
Mark Story
35e0dc2bbd Merge pull request #5760 from cakephp/master
Merge master into 2.7
2015-01-27 20:48:15 -05:00
Richan Fongdasen
fd47d26f6b Keep the user agent list in alphabetical order 2015-01-21 22:50:46 +07:00