adulau/cakephp2-php8
1
0
Fork 0
mirror of https://github.com/kamilwylegala/cakephp2-php8.git synced 2024-11-29 18:27:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
19634 commits 7 branches 0 tags 44 MiB
Commit graph

561 commits

Author SHA1 Message Date
mark_story
f28c21c7a7 Stop testing against SSL ciphers that emit warnings. 
Testing that SSLv3 still works is causing test failures.
 2016-06-27 21:47:37 -04:00
mark_story
12c6fd4e22 Merge branch '2.x' into 2.next 2016-05-02 21:58:41 -04:00
mark_story
af953700b8 Fix short array usage. 
Refs FIVESMX-8723
 2016-04-29 09:28:05 -04:00
mark_story
cf55767fa0 Backport range parsing resiliancy fixes from 3.x 
Refs #8723
 2016-04-28 22:27:37 -04:00
mark_story
f451efa511 Attempt to fix tests in 2.x 
Relying on tv.eurosport.com having a bad peer name is pretty fragile.
However, we can more easily rely on their cert coming from a CA we no
longer trust.
 2016-04-14 15:28:34 -04:00
mscherer
657b1a1029 Fix doc block param types. 2016-04-08 15:02:03 +02:00
mscherer
dda9e83ab6 Refactor Object to CakeObject for future PHP7 comp. 2016-04-08 14:33:26 +02:00
mark_story
48af49ddde Don't trust CLIENT_IP 
The client_ip header can easily be forged. In 'safe' modes we should
only trust the remote_addr which comes from the sapi. Remove support for
http_clientaddress as I can't seem to find where this ever came from in
PHP on the http specs.
 2016-03-10 22:04:13 -05:00
Mark Story
18b0334890 Merge pull request #8384 from garas/mailtransport-log-subject 
Email log missing Subject and To headers when using MailTransport
 2016-03-02 21:29:13 -05:00
mark_story
3ad68db5eb Tweak fix from #8359 
This fixes a regression introduced in that change that we didn't
previously have tests for. The issue fixed in #8359 was related to
PHP7.0, whereas PHP5 didn't have an issue. Now both versions will work
the same.
 2016-03-02 12:30:48 -05:00
Edgaras Janušauskas
2386a86adc Include Subject and To in email log when using MailTransport 2016-03-01 22:21:14 +02:00
mark_story
1a170e1eec Fix parsing empty header values. 
Replace the complex and somewhat unfixable regexp based parser for
a parser that handles each line individually. Normalize multi-line
headers to replace multiple spaces with a single one. Section 4.2 of the
HTTP1.1 standard states

> Any LWS that occurs between field-content MAY be replaced with
> a single SP before interpreting the field value or forwarding the
> message downstream.

This makes me somewhat confident that we can safely normalize
multi-line HTTP header values.

Refs #8330
 2016-02-24 22:25:58 -05:00
Chris Hallgren
bf22e84d65 CS fixes 2016-02-15 20:44:27 -06:00
Chris Hallgren
849abab6a4 Fixing test case 2016-02-15 19:34:05 -06:00
Chris Hallgren
0c183b9b8e Read content type in a more compatible way. 
Not all webservers set CONTENT_TYPE. The built-in PHP webserver for
example sets HTTP_CONTENT_TYPE instead. Add a public method to the
request object to smooth over this difference.

Refs #6051, #8267
 2016-02-15 19:31:24 -06:00
Marc Würth
b5655d63ff Remove lighthouse references 2016-02-10 12:27:34 +01:00
José Lorenzo Rodríguez
835fc9ce01 More CS fixes 2016-01-19 13:52:16 -04:30
José Lorenzo Rodríguez
2962b387d7 Fixed CS error 2016-01-19 11:17:06 -04:30
Jose Lorenzo Rodriguez
bd53ef01a6 Better method overriding emulation for GET 2016-01-18 20:34:32 -04:30
Richard van den Berg
2d178b7e10 PHPCS fixes 2015-12-15 19:58:11 +01:00
Richard van den Berg
e47b26aa6b Do not redefine TestHttpSocket 2015-12-15 16:58:12 +01:00
Richard van den Berg
077f157adf Test case for proxy authentication when request is HTTPS 2015-12-12 11:13:41 +01:00
Qing Wu
48dd778bd0 Fixed issue #7579 on the 2.7 branch 2015-12-02 10:24:16 +11:00
mark_story
3a4facbf8d Remove allowSelfSigned() method. 
This method is no longer needed as the low level socket understands the
`ssl_*` options now.

Refs #7496
 2015-10-12 21:58:55 -04:00
mark_story
cc3531d288 Move SSL context options into CakeSocket. 
Having all the options consolidated in one places enables all the SSL
context options to be used in the SmtpTransport instead of just allowing
self_signed as proposed in #7496
 2015-10-12 21:56:20 -04:00
Ian den Hartog
5dfb780970 Change names 2015-10-06 10:10:34 +02:00
Ian den Hartog
bb7e7850ae Add test for Self-signed certificates 2015-10-02 16:17:26 +02:00
Ian den Hartog
e2c303b2b9 Add support for Self Signed certificates with smtp 2015-10-01 23:02:43 +02:00
Marc Würth
1ede742d92 Various improvements to the CakePHP test files 
Mostly CS, doc blocks and unused variables.
 2015-09-25 17:22:00 +02:00
Mark Scherer
97b6f8674c Fix CS 2015-09-21 13:45:18 +02:00
ndm2
8fe953548c Fix path traversal check for Windows based systems 
On Windows based systems, both, backward as well as forward
slashes are supported as path separators, thus checking for `DS`
only, would allow to slip in `../` fragments.

refs #5905, cad57dcc28
 2015-08-19 16:47:53 +02:00
mark_story
58ea40e32c Don't stop reading when only a '0' has been read. 
Make tests simpler by using onConsecutiveCalls() instead of trying to
maintain mock method indexes.

Refs #7121
 2015-07-27 22:40:27 -04:00
Mark Scherer
a239324a0d use constant PHP_SAPI 2015-07-26 15:35:03 +02:00
mark_story
ae2ea1ea6c Merge branch '2.6' into 2.7 2015-06-25 21:50:47 -04:00
Mark Scherer
fc57e43a5b Adjust tests. 2015-06-21 12:13:09 +02:00
mark_story
97be9b9696 Fix PHPCS errors. 2015-06-15 12:19:20 -04:00
mark_story
947262e754 Fix PHPCS errors. 2015-06-14 21:56:48 -04:00
mark_story
c47196fe08 Merge branch '2.6' into 2.7 2015-06-07 15:45:26 -04:00
mark_story
6d60e6a4db Backport 7eec48268ebb6a17656df4a059f9e7b43991472f to 2.x 
Backport fixes to base path generation that prevent issue when a URL
contains // it can circumvent the base path generation, which results in
unwanted user data in the base/webroot paths. This creates an
opportunity for CSS manipulation in old versions of IE, and newer ones
via iframe inheritance.
 2015-06-07 15:45:16 -04:00
mark_story
d7d8b90986 Merge branch '2.6' into 2.7 2015-05-28 19:34:59 -04:00
Mark Scherer
309aee9fe5 Backport #6431 2015-04-30 15:18:28 +02:00
mark_story
096a2ebb72 Merge branch '2.6' into 2.7 
Conflicts:
	lib/Cake/Test/Case/TestSuite/ControllerTestCaseTest.php
	lib/Cake/VERSION.txt
 2015-04-20 15:42:54 -04:00
mark_story
f55111bdc1 Allow empty headers to be read. 
Allow headers with '' and '0' as their values to be read.

Fixes #6299
 2015-04-08 16:33:28 -04:00
mark_story
3151c53255 Merge branch '2.6' into 2.7 2015-03-23 22:50:09 -04:00
Richard van den Berg
1d0d20e974 Account for SNI changes in HttpSocketTest 2015-03-23 22:31:08 -04:00
mark_story
0b916cedbb Merge branch 'master' into 2.7 2015-03-09 21:55:20 -04:00
Mark Story
43f16f38f0 Merge pull request #5905 from davidsteinsland/fix_file_response_dots 
Fix file response dots
 2015-03-09 21:54:02 -04:00
mark_story
b80a8947d7 Check line length to account for fence post. 
When we have exactly 998 bytes CakeEmail should not emit an error.

Refs #5948
 2015-02-24 21:52:34 -05:00
ADmad
2a57d9b65f Avoid reloading config file and recreating config instance. 2015-02-20 08:48:25 +05:30
David Steinsland
463fa660bc Updated test 2015-02-19 17:28:32 +01:00
Jan Dorsman
e3b5306521 Fixing issue #5764 2015-02-19 12:19:27 +05:30
David Steinsland
960ddd0eb8 Added DocBlock 2015-02-15 19:34:28 +01:00
David Steinsland
5fd7396e47 Fixed downloading of files with dots 2015-02-15 19:32:33 +01:00
mark_story
1c913d29b6 Merge branch '2.6' into 2.7 2014-11-29 22:00:24 -05:00
mark_story
543f05e3d0 Merge branch 'master' into 2.6 2014-11-29 22:00:00 -05:00
Florian Krämer
43f7fcc735 Adding a few more ways to detect HTTP headers, extensions and the accept header. 2014-11-27 01:00:44 +01:00
mark_story
1e6d22b8cb Make the version option function as intended. 
The version option is documented but does not work. While this 'breaks'
behavior, it also fixes what I think is a more important issue.

Refs #5234
 2014-11-24 22:38:00 -05:00
Florian Krämer
4ff07b745a Adding a test for the new json and xml detectors that were added to the CakeRequest class. 2014-11-22 17:30:53 +01:00
Florian Krämer
24c4cab4f3 phpcs fix in Cake/Test/Case/Network/CakeRequestTest.php 2014-11-20 22:50:12 +01:00
Florian Krämer
728764c543 Adding a test for the refactored CakeRequest code. 2014-11-20 21:14:17 +01:00
Mark Story
5dab175aa9 Merge pull request #5196 from cakephp/issue-5140 
Gracefully handle invalid chunks in HttpSocket
 2014-11-18 21:58:41 -05:00
ndm2
bae556e73f Prevent zero only lines from being emptied 2014-11-18 17:26:31 +01:00
mark_story
8cbf975943 Gracefully handle invalid chunks in HttpSocket 
When invalid chunks are detected we should assume the server is
incorrect and handle the remaining content as a single large chunk.

Refs #5140
 2014-11-17 22:23:46 -05:00
euromark
8e18e5a1c7 Correct argument order for assert. 2014-11-11 01:51:46 +01:00
mark_story
3095187952 Merge branch 'master' into 2.6 
Conflicts:
	lib/Cake/VERSION.txt
 2014-11-10 19:38:31 -05:00
ndm2
f0b6657113 Make unsetting the email pattern work as expected. 
When set to `null`, only `filter_var()` should be used. This is a
partial backport of #5111
 2014-11-09 16:33:57 +01:00
mark_story
0e4fb9d648 Merge branch 'master' into 2.6 2014-11-07 15:13:46 -05:00
mark_story
6aaac6b7e2 Fix HttpSocket mishandling encoded URIs 
The HTTP specs seem to indicate that the Location header should contain
an 'absoluteURI' which includes encoded data. In order to avoid
a regression with the issue fixed in b9ee4fc9f1
we'll continue to replace `%2F` and no longer decode the entire URI.

Fixes #5076
 2014-11-05 22:18:48 -05:00
Marek Władysz
65cb186652 Use assertNotSame() instead of assertTrue($result !== false) 2014-10-26 14:19:19 +01:00
Marek Władysz
090e85a5a4 Make CakeResponse::file() accept ranges even when download option is false. 2014-10-25 19:49:56 +02:00
mark_story
af43bc1706 Merge branch 'master' into 2.6 2014-09-25 22:39:51 -04:00
euromark
9c8ab826bf Correct a few more misleading assert orders. 2014-09-24 14:34:24 +02:00
euromark
fce16189d5 Fix tests 2014-09-24 14:25:18 +02:00
mark_story
cf45d3fab8 Merge branch 'master' into 2.6 2014-09-22 20:46:28 -04:00
euromark
4d1a65ede2 Add intl email test. 2014-09-16 10:14:00 +02:00
mark_story
7c316bbc56 Merge branch 'master' into 2.6 
Conflicts:
	lib/Cake/basics.php
 2014-08-30 21:28:11 -04:00
Jeremy Harris
8f420d74fa HttpSocket: not overwriting auth header if it is set in request configuration 2014-08-21 11:24:10 -05:00
mark_story
9c3089796f Merge branch 'master' into 2.6 
Conflicts:
	lib/Cake/Model/Model.php
 2014-08-08 23:28:06 -04:00
euromark
9ef7b5713a CS fixes. 2014-08-04 13:53:52 +02:00
ADmad
9e21d048ce Merge branch 'master' into 2.6 
Conflicts:
	lib/Cake/VERSION.txt
 2014-07-27 12:29:39 +05:30
Mark Story
adf739b893 Merge pull request #4011 from ndm2/stmp-auth-reponse-evaluation-fix 
Make SMTP auth reply code checks work properly.
 2014-07-24 08:42:22 -04:00
Rachman Chavik
aad89444d1 Fix: Blackholed request when POSTing to a URL with space 
Eg:

Actual Posted URL:
    /admin/settings/settings/prefix/Access%20Control
$_GET value:
    /admin/settings/settings/prefix/Access_Control

Since $unsetUrl differs, the $_GET value will get copied in to
CakeRequest::$query, causing CakeRequest::here() to return:

    /admin/settings/settings/prefix/Access%20Control?%2Fadmin%2Fsettings%2Fsettings%2Fprefix%2FAccess_Control=

This confuses SecurityComponent in the following line:

    f23d811ff5/lib/Cake/Controller/Component/SecurityComponent.php (L514)
 2014-07-24 16:25:03 +07:00
mark_story
0d14bf7cc8 Update doc blocks. 
There were a few trailing comments in #3706 that have now been
addressed.
 2014-07-20 22:00:07 -04:00
Mark Story
7ef7ce2dbb Merge pull request #3706 from MelvinRoss/httpsocketheader 
Add support for specifying protocol in Cakesocket/HttpSocket.  Add HEAD function to HttpSocket
 2014-07-20 21:58:37 -04:00
mark_story
0dfce1abf3 Add . to the list of allowed characters. 
This was missed when the email validation rules were relaxed in
dc34d80f6f.

Fixes #4027
 2014-07-19 19:57:33 -04:00
ndm2
f03bf8067c Add some more exception message checks 2014-07-18 14:56:10 +02:00
ndm2
bf7d01ac66 Make SMTP auth reply code checks work properly. 2014-07-18 14:53:22 +02:00
Melvin Ross
09a7020119 Fix spacing to conform to coding standards 2014-07-14 14:54:26 -05:00
Melvin Ross
0eaf650d9f Test for new HEAD function inside HttpSocket 2014-07-14 14:34:27 -05:00
mark_story
3a70d9c033 Merge branch 'master' into 2.6 2014-07-09 10:17:05 -04:00
ADmad
1eccec02e4 Merge pull request #3872 from CostaC/response-sharable-fix 
Fix for CakeResponse::sharable() header to include private caches
 2014-07-04 10:32:51 +05:30
Costa Caruso
4f559f5cc9 Fixed failing test for CakeResponse::sharable + spacing 2014-07-03 15:03:48 -04:00
mark_story
2bcd817367 Merge branch 'master' into 2.6 2014-07-03 11:13:06 -04:00
euromark
974ca851c2 Correct doc blocks according to cs guidelines. 
Remove superfluous empty lines.
 2014-07-03 15:36:42 +02:00
mark_story
b1610c145e Merge branch 'master' into 2.6 2014-07-02 23:39:16 -04:00
mark_story
adcf9ab723 Fix failing test. 
CakeEmail now has a default validation pattern.

Refs #3742
 2014-06-30 13:29:39 -04:00
mark_story
dc34d80f6f Relax email validation rules even more. 
While filter_var() allows a number of email addresses that
Validation::email() does not, it misses out of email address that
contain IDN host names, and unicode mailboxes. Both of these are
generally deliverable, and should be permitted. filter_var() also fails
on local mailboxes like `root@localhost` which is useful in the context
of cron jobs.

Fixes #3742
 2014-06-30 10:42:37 -04:00
Derek Perkins
b1a3ab9e64 Added unit test for CakeRequest::setInput 
Don't use mocks as the tests weren't really testing anything when mocks
were involved.

Refs #3764
 2014-06-29 22:55:38 -04:00
Melvin Ross
ad4dbdcee5 Fix HttpSocket test to actually reset protocols for correct test. Modify HttpSocket so that Https with non-passed in protocol doesn't set it to tcp and fail test. 2014-06-12 09:37:03 -05:00
Melvin Ross
86923e3593 Modify CakeSocket and HttpSocket so that the "protocol" parameter can be used to specify which protocol to use for creating sockets. These are protcols in the php "[a-z]://" wrapper sense. I also modified the test for these two files respectively to accomodate these new changes. 
Unrelated to this bug, I added a "head" function inside of HttpSocket to go along with the GET/POST/PUT/DELETE/PATCH combination that's already present. Came in handy for me for deciding if I wanted to hit a resource with HttpSocket or not.
 2014-06-11 19:04:58 -05:00