Commit graph

211 commits

Author SHA1 Message Date
Mark Story
55e9638044 Merge pull request #8844 from icyrizard/add_http_patch_content_type_check
Add HTTP patch Content-Type check
2016-05-27 15:41:18 +02:00
Richard Torenvliet
e31ce0d58f Add the HTTP Patch to the Content-Type check mechanism
Currently when a request is of type 'patch' it is ignored. This commit makes
sure that the Content-Type is checked when a patch request is provided.
2016-05-18 14:54:52 +02:00
mark_story
39b4cbebb3 Port PHP7 fixes to 2.x
Port the fixes @ADmad did in 8f150dc5 to 2.x so those builds start to
pass once again.
2016-05-08 15:36:28 -04:00
mark_story
48af49ddde Don't trust CLIENT_IP
The client_ip header can easily be forged. In 'safe' modes we should
only trust the remote_addr which comes from the sapi. Remove support for
http_clientaddress as I can't seem to find where this ever came from in
PHP on the http specs.
2016-03-10 22:04:13 -05:00
mark_story
3ad68db5eb Tweak fix from #8359
This fixes a regression introduced in that change that we didn't
previously have tests for. The issue fixed in #8359 was related to
PHP7.0, whereas PHP5 didn't have an issue. Now both versions will work
the same.
2016-03-02 12:30:48 -05:00
phlyper
7b9ff1c11b verify exists index 0 in $ref
exemple

i have to get the referrer url from any page if exists

```
class AppController extends Controller {
......
    public function beforeRender() {
        parent::beforeRender();
        $this->params['referer'] = $this->referer(null, true);
    }
..........
}
```
2016-02-26 22:39:48 +01:00
Chris Hallgren
bf22e84d65 CS fixes 2016-02-15 20:44:27 -06:00
Chris Hallgren
0c183b9b8e Read content type in a more compatible way.
Not all webservers set CONTENT_TYPE. The built-in PHP webserver for
example sets HTTP_CONTENT_TYPE instead. Add a public method to the
request object to smooth over this difference.

Refs #6051, #8267
2016-02-15 19:31:24 -06:00
Marc Würth
b5655d63ff Remove lighthouse references 2016-02-10 12:27:34 +01:00
Edgaras Janušauskas
fde1d08b43 Fix PHPDoc @return by replacing $this to self 2016-01-28 23:10:42 +02:00
José Lorenzo Rodríguez
3ee9f97826 Trying to fix tests 2016-01-19 11:03:07 -04:30
José Lorenzo Rodríguez
dc83669e9b using the right superglobal 2016-01-19 10:43:12 -04:30
José Lorenzo Rodríguez
93ba85b8b8 Fixed failing test 2016-01-19 08:37:36 -04:30
Jose Lorenzo Rodriguez
bd53ef01a6 Better method overriding emulation for GET 2016-01-18 20:34:32 -04:30
Mark Scherer
52e79987a2 Replacing self with static due to PHP5.3+. Following #7040. 2015-07-21 10:22:53 +02:00
mark_story
c47196fe08 Merge branch '2.6' into 2.7 2015-06-07 15:45:26 -04:00
mark_story
6d60e6a4db Backport 7eec48268ebb6a17656df4a059f9e7b43991472f to 2.x
Backport fixes to base path generation that prevent issue when a URL
contains // it can circumvent the base path generation, which results in
unwanted user data in the base/webroot paths. This creates an
opportunity for CSS manipulation in old versions of IE, and newer ones
via iframe inheritance.
2015-06-07 15:45:16 -04:00
mark_story
096a2ebb72 Merge branch '2.6' into 2.7
Conflicts:
	lib/Cake/Test/Case/TestSuite/ControllerTestCaseTest.php
	lib/Cake/VERSION.txt
2015-04-20 15:42:54 -04:00
mark_story
f55111bdc1 Allow empty headers to be read.
Allow headers with '' and '0' as their values to be read.

Fixes #6299
2015-04-08 16:33:28 -04:00
Mark Story
35e0dc2bbd Merge pull request #5760 from cakephp/master
Merge master into 2.7
2015-01-27 20:48:15 -05:00
Richan Fongdasen
fd47d26f6b Keep the user agent list in alphabetical order 2015-01-21 22:50:46 +07:00
Richan Fongdasen
a7d604bca8 Add mobile agent for Blackberry Z10 and Blackberry Z30, fixes #5706 2015-01-21 13:47:03 +07:00
mark_story
ac9a212d44 Merge branch 'master' into 2.7
Conflicts:
	lib/Cake/Utility/String.php
2015-01-11 15:25:18 -05:00
antograssiot
c2f298a8b7 Replace our custom code fence with markdown standard fence 2015-01-09 13:47:25 +01:00
mark_story
839ef73d43 Merge branch '2.6' into 2.7 2014-12-17 21:46:54 -05:00
mark_story
4d6611b328 Merge branch 'master' into 2.6
Conflicts:
	lib/Cake/VERSION.txt
2014-12-17 21:38:32 -05:00
euromark
e1c128bb99 Consolidate with conditions sniff. 2014-12-09 03:17:35 +01:00
Florian Krämer
e7f554cba7 Changing the direct access of super globals in Cake/Network/CakeRequest.php to use env() and fixed a typo. 2014-11-29 03:04:07 +01:00
Florian Krämer
43f7fcc735 Adding a few more ways to detect HTTP headers, extensions and the accept header. 2014-11-27 01:00:44 +01:00
Florian Krämer
4ff07b745a Adding a test for the new json and xml detectors that were added to the CakeRequest class. 2014-11-22 17:30:53 +01:00
Florian Krämer
83eb8ce7de Changes to Cake/Network/CakeRequest.php as discussed on Github for the detector code changes. Fixed the description of a few doc blocks, removed the use of getallheaders(), removed the failsafe (based on extension) for the xml and json detectors. 2014-11-22 12:55:22 +01:00
Florian Krämer
17e5d41e55 Restructuring the CakeRequest::is() code and related code a little. 2014-11-21 18:49:36 +01:00
Florian Krämer
3f5f8cbc15 phpcs fixes in Cake/Network/CakeRequest.php 2014-11-20 22:16:36 +01:00
Florian Krämer
728764c543 Adding a test for the refactored CakeRequest code. 2014-11-20 21:14:17 +01:00
Florian Krämer
88bfa70cad Refactoring the detector code for CakeRequest::is() and adding default detectors for JSON and XML. 2014-11-20 21:14:07 +01:00
mark_story
734bb9223b Merge branch 'master' into 2.6
Conflicts:
	lib/Cake/Core/App.php
	lib/Cake/VERSION.txt
2014-09-06 23:04:20 -04:00
Marc Würth
67ba9cb406 Update all @deprecated annotations
to adhere to the @deprecated <version> <description> format, where version and description are mandatory.
2014-09-02 17:03:22 +02:00
mark_story
7c316bbc56 Merge branch 'master' into 2.6
Conflicts:
	lib/Cake/basics.php
2014-08-30 21:28:11 -04:00
mark_story
cd7438d33d Fix 0 index not being properly parsed for files. 2014-08-23 13:05:16 +02:00
ADmad
9e21d048ce Merge branch 'master' into 2.6
Conflicts:
	lib/Cake/VERSION.txt
2014-07-27 12:29:39 +05:30
Rachman Chavik
aad89444d1 Fix: Blackholed request when POSTing to a URL with space
Eg:

Actual Posted URL:
    /admin/settings/settings/prefix/Access%20Control
$_GET value:
    /admin/settings/settings/prefix/Access_Control

Since $unsetUrl differs, the $_GET value will get copied in to
CakeRequest::$query, causing CakeRequest::here() to return:

    /admin/settings/settings/prefix/Access%20Control?%2Fadmin%2Fsettings%2Fsettings%2Fprefix%2FAccess_Control=

This confuses SecurityComponent in the following line:

    f23d811ff5/lib/Cake/Controller/Component/SecurityComponent.php (L514)
2014-07-24 16:25:03 +07:00
mark_story
2bcd817367 Merge branch 'master' into 2.6 2014-07-03 11:13:06 -04:00
euromark
974ca851c2 Correct doc blocks according to cs guidelines.
Remove superfluous empty lines.
2014-07-03 15:36:42 +02:00
mark_story
30952f2b64 Merge branch '2.6' of github.com:cakephp/cakephp into 2.6 2014-06-29 22:57:59 -04:00
Derek Perkins
6bf0b22195 Add setInput function to CakeRequest
Modify data originally from `php://input`. Useful for altering json/xml
data in middleware or DispatcherFilters before it gets to
RequestHandlerComponent or other controllers.
2014-06-29 22:55:29 -04:00
mark_story
a2673d8bf0 Merge branch 'master' into 2.6
Conflicts:
	lib/Cake/Core/App.php
2014-06-25 09:22:10 -04:00
euromark
b3507b199a Update doc blocks regarding return $this 2014-06-25 00:06:51 +02:00
mark_story
92eeef8ae0 Merge branch 'master' into 2.6 2014-06-02 22:57:25 -04:00
ADmad
3d9b2b80cb More API docblock fixes. 2014-06-01 03:06:05 +05:30
dogmatic69
bcdc530391 adding support to write values to param like can be done with data(), method returns $this as does ->data() when writing 2014-05-25 00:52:30 +01:00