HTTP_X_FORWARDED_HOST is supposed to be used by proxies to indicate the
original HTTP_HOST value. It has nothing to do with referer values.
Since the HTTP_X_FORWARDED_HOST is intended to replace the HOST header
in proxied setups, add a trustProxy parameter to host() and default it
to false. This maintains existing behavior and allows people to access
the proxied value.
Fixes#2537
This statement does not serve a purpose anymore.
In a long forgotten world it indicated the main version number of PHP which the code in the file was compatible to.
http://pear.php.net/manual/en/standards.sample.php
But since PHP 5.1 and later this is only marginally true.
Thus I propose to remove it from CakePHP.
When encoded values are present in header fields, they need to have
newlines removed as leaving the newlines in place and interfere with
delivery on Qmail based SMTP servers.
Fixes#2209
Some browsers have invalid accept headers, we should ignore the invalid
extension data as assuming it will be a qualifier can result in
incorrect results.
Fixes#4105
Having a separate classname for testing allows the testsuite to not
provide a classname that the application would. This allows composer to
generate the correct classmap when CakePHP is installed with composer.
Fixes#4112
This method provides an easy to use interface to get/set the location
header in a response object. This is primarily to facilitate future
development in 3.x
Correctly handle ranges that don't terminate at the end of the file.
Also reject invalid ranges as described in RFC-2616.
Thanks to Kim Biesbjerg for the initial patch.
Fixes#3914
Trim off webroot/index.php when determining base and url.
Trimming off index.php from url and webroot/index.php from base url allows the correct values to be created when a path contains index.php in it.
Fixes#3318
Fixes https://cakephp.lighthouseapp.com/projects/42648-cakephp/tickets/3318
It seems fixing this in the htaccess file(s) isn't going to work even though a url rewriting based solution was more clean. On the plus side this works for any web server.
If a url is called with "index.php" in it then the CakeRequest swallows this part and fixes the path. Any linked url from the requested page will have a clean url. Thus after following one of these urls this problem is gone anyway.
Some code docblock improvements to CakeRequestTest.php
Added test case for fix
Also now you can call just index.php even if you have url rewriting enabled
