Marc Würth
da8414e13b
Use HTTPS for the opensource.org MIT license URL
2017-06-11 00:23:22 +02:00
Marc Würth
10b89b51a9
Use HTTPS for the cakefoundation.org URL
2017-06-11 00:10:59 +02:00
Marc Würth
17314baa15
Use HTTPS for the cakephp.org URL
2017-06-10 23:40:28 +02:00
Livia Scapin
f7360266f0
Fix invalid return value hint
2017-02-08 13:48:22 +01:00
mark_story
304117d228
Fix query string parsing on requestAction()
...
This also fixes a long standing oddity around string URLs that include
a query string where the query string data would be duplicated.
Refs #9962
2017-01-04 22:34:19 -05:00
Mark Sch
b096005561
Fix CS
2016-08-21 20:31:45 +02:00
mark_story
bc73e928b6
Restore header() behavior inadvertantely removed.
...
In eaa2bbbcae
I changed the behavior to
now use the TitleCased name as I didn't understand the intended behavior
or how apache was working in the reporter's specific case.
Refs #9229
2016-08-11 21:54:24 -04:00
mark_story
20a2af8c16
Fix casing issues with Authorization header.
...
We need to check the upper case versions of headers in $_SERVER.
Also fix lint issues.
2016-08-09 22:06:49 -04:00
Sebastien Barre
acc32f5c58
Work around Apache handling the Authorization: header differently
2016-08-07 19:50:23 -04:00
Mark Story
55e9638044
Merge pull request #8844 from icyrizard/add_http_patch_content_type_check
...
Add HTTP patch Content-Type check
2016-05-27 15:41:18 +02:00
Richard Torenvliet
e31ce0d58f
Add the HTTP Patch to the Content-Type check mechanism
...
Currently when a request is of type 'patch' it is ignored. This commit makes
sure that the Content-Type is checked when a patch request is provided.
2016-05-18 14:54:52 +02:00
mark_story
39b4cbebb3
Port PHP7 fixes to 2.x
...
Port the fixes @ADmad did in 8f150dc5 to 2.x so those builds start to
pass once again.
2016-05-08 15:36:28 -04:00
mark_story
48af49ddde
Don't trust CLIENT_IP
...
The client_ip header can easily be forged. In 'safe' modes we should
only trust the remote_addr which comes from the sapi. Remove support for
http_clientaddress as I can't seem to find where this ever came from in
PHP on the http specs.
2016-03-10 22:04:13 -05:00
mark_story
3ad68db5eb
Tweak fix from #8359
...
This fixes a regression introduced in that change that we didn't
previously have tests for. The issue fixed in #8359 was related to
PHP7.0, whereas PHP5 didn't have an issue. Now both versions will work
the same.
2016-03-02 12:30:48 -05:00
phlyper
7b9ff1c11b
verify exists index 0 in $ref
...
exemple
i have to get the referrer url from any page if exists
```
class AppController extends Controller {
......
public function beforeRender() {
parent::beforeRender();
$this->params['referer'] = $this->referer(null, true);
}
..........
}
```
2016-02-26 22:39:48 +01:00
Chris Hallgren
bf22e84d65
CS fixes
2016-02-15 20:44:27 -06:00
Chris Hallgren
0c183b9b8e
Read content type in a more compatible way.
...
Not all webservers set CONTENT_TYPE. The built-in PHP webserver for
example sets HTTP_CONTENT_TYPE instead. Add a public method to the
request object to smooth over this difference.
Refs #6051 , #8267
2016-02-15 19:31:24 -06:00
Marc Würth
b5655d63ff
Remove lighthouse references
2016-02-10 12:27:34 +01:00
Edgaras Janušauskas
fde1d08b43
Fix PHPDoc @return by replacing $this to self
2016-01-28 23:10:42 +02:00
José Lorenzo Rodríguez
3ee9f97826
Trying to fix tests
2016-01-19 11:03:07 -04:30
José Lorenzo Rodríguez
dc83669e9b
using the right superglobal
2016-01-19 10:43:12 -04:30
José Lorenzo Rodríguez
93ba85b8b8
Fixed failing test
2016-01-19 08:37:36 -04:30
Jose Lorenzo Rodriguez
bd53ef01a6
Better method overriding emulation for GET
2016-01-18 20:34:32 -04:30
Mark Scherer
52e79987a2
Replacing self with static due to PHP5.3+. Following #7040 .
2015-07-21 10:22:53 +02:00
mark_story
c47196fe08
Merge branch '2.6' into 2.7
2015-06-07 15:45:26 -04:00
mark_story
6d60e6a4db
Backport 7eec48268ebb6a17656df4a059f9e7b43991472f to 2.x
...
Backport fixes to base path generation that prevent issue when a URL
contains // it can circumvent the base path generation, which results in
unwanted user data in the base/webroot paths. This creates an
opportunity for CSS manipulation in old versions of IE, and newer ones
via iframe inheritance.
2015-06-07 15:45:16 -04:00
mark_story
096a2ebb72
Merge branch '2.6' into 2.7
...
Conflicts:
lib/Cake/Test/Case/TestSuite/ControllerTestCaseTest.php
lib/Cake/VERSION.txt
2015-04-20 15:42:54 -04:00
mark_story
f55111bdc1
Allow empty headers to be read.
...
Allow headers with '' and '0' as their values to be read.
Fixes #6299
2015-04-08 16:33:28 -04:00
Mark Story
35e0dc2bbd
Merge pull request #5760 from cakephp/master
...
Merge master into 2.7
2015-01-27 20:48:15 -05:00
Richan Fongdasen
fd47d26f6b
Keep the user agent list in alphabetical order
2015-01-21 22:50:46 +07:00
Richan Fongdasen
a7d604bca8
Add mobile agent for Blackberry Z10 and Blackberry Z30, fixes #5706
2015-01-21 13:47:03 +07:00
mark_story
ac9a212d44
Merge branch 'master' into 2.7
...
Conflicts:
lib/Cake/Utility/String.php
2015-01-11 15:25:18 -05:00
antograssiot
c2f298a8b7
Replace our custom code fence with markdown standard fence
2015-01-09 13:47:25 +01:00
mark_story
839ef73d43
Merge branch '2.6' into 2.7
2014-12-17 21:46:54 -05:00
mark_story
4d6611b328
Merge branch 'master' into 2.6
...
Conflicts:
lib/Cake/VERSION.txt
2014-12-17 21:38:32 -05:00
euromark
e1c128bb99
Consolidate with conditions sniff.
2014-12-09 03:17:35 +01:00
Florian Krämer
e7f554cba7
Changing the direct access of super globals in Cake/Network/CakeRequest.php to use env() and fixed a typo.
2014-11-29 03:04:07 +01:00
Florian Krämer
43f7fcc735
Adding a few more ways to detect HTTP headers, extensions and the accept header.
2014-11-27 01:00:44 +01:00
Florian Krämer
4ff07b745a
Adding a test for the new json and xml detectors that were added to the CakeRequest class.
2014-11-22 17:30:53 +01:00
Florian Krämer
83eb8ce7de
Changes to Cake/Network/CakeRequest.php as discussed on Github for the detector code changes. Fixed the description of a few doc blocks, removed the use of getallheaders(), removed the failsafe (based on extension) for the xml and json detectors.
2014-11-22 12:55:22 +01:00
Florian Krämer
17e5d41e55
Restructuring the CakeRequest::is() code and related code a little.
2014-11-21 18:49:36 +01:00
Florian Krämer
3f5f8cbc15
phpcs fixes in Cake/Network/CakeRequest.php
2014-11-20 22:16:36 +01:00
Florian Krämer
728764c543
Adding a test for the refactored CakeRequest code.
2014-11-20 21:14:17 +01:00
Florian Krämer
88bfa70cad
Refactoring the detector code for CakeRequest::is() and adding default detectors for JSON and XML.
2014-11-20 21:14:07 +01:00
mark_story
734bb9223b
Merge branch 'master' into 2.6
...
Conflicts:
lib/Cake/Core/App.php
lib/Cake/VERSION.txt
2014-09-06 23:04:20 -04:00
Marc Würth
67ba9cb406
Update all @deprecated annotations
...
to adhere to the @deprecated <version> <description> format, where version and description are mandatory.
2014-09-02 17:03:22 +02:00
mark_story
7c316bbc56
Merge branch 'master' into 2.6
...
Conflicts:
lib/Cake/basics.php
2014-08-30 21:28:11 -04:00
mark_story
cd7438d33d
Fix 0 index not being properly parsed for files.
2014-08-23 13:05:16 +02:00
ADmad
9e21d048ce
Merge branch 'master' into 2.6
...
Conflicts:
lib/Cake/VERSION.txt
2014-07-27 12:29:39 +05:30
Rachman Chavik
aad89444d1
Fix: Blackholed request when POSTing to a URL with space
...
Eg:
Actual Posted URL:
/admin/settings/settings/prefix/Access%20Control
$_GET value:
/admin/settings/settings/prefix/Access_Control
Since $unsetUrl differs, the $_GET value will get copied in to
CakeRequest::$query, causing CakeRequest::here() to return:
/admin/settings/settings/prefix/Access%20Control?%2Fadmin%2Fsettings%2Fsettings%2Fprefix%2FAccess_Control=
This confuses SecurityComponent in the following line:
f23d811ff5/lib/Cake/Controller/Component/SecurityComponent.php (L514)
2014-07-24 16:25:03 +07:00