ndm2
8fe953548c
Fix path traversal check for Windows based systems
...
On Windows based systems, both, backward as well as forward
slashes are supported as path separators, thus checking for `DS`
only, would allow to slip in `../` fragments.
refs #5905 , cad57dcc28
2015-08-19 16:47:53 +02:00
mark_story
58ea40e32c
Don't stop reading when only a '0' has been read.
...
Make tests simpler by using onConsecutiveCalls() instead of trying to
maintain mock method indexes.
Refs #7121
2015-07-27 22:40:27 -04:00
Mark Scherer
a239324a0d
use constant PHP_SAPI
2015-07-26 15:35:03 +02:00
mark_story
ae2ea1ea6c
Merge branch '2.6' into 2.7
2015-06-25 21:50:47 -04:00
Mark Scherer
fc57e43a5b
Adjust tests.
2015-06-21 12:13:09 +02:00
mark_story
97be9b9696
Fix PHPCS errors.
2015-06-15 12:19:20 -04:00
mark_story
947262e754
Fix PHPCS errors.
2015-06-14 21:56:48 -04:00
mark_story
c47196fe08
Merge branch '2.6' into 2.7
2015-06-07 15:45:26 -04:00
mark_story
6d60e6a4db
Backport 7eec48268ebb6a17656df4a059f9e7b43991472f to 2.x
...
Backport fixes to base path generation that prevent issue when a URL
contains // it can circumvent the base path generation, which results in
unwanted user data in the base/webroot paths. This creates an
opportunity for CSS manipulation in old versions of IE, and newer ones
via iframe inheritance.
2015-06-07 15:45:16 -04:00
mark_story
d7d8b90986
Merge branch '2.6' into 2.7
2015-05-28 19:34:59 -04:00
Mark Scherer
309aee9fe5
Backport #6431
2015-04-30 15:18:28 +02:00
mark_story
096a2ebb72
Merge branch '2.6' into 2.7
...
Conflicts:
lib/Cake/Test/Case/TestSuite/ControllerTestCaseTest.php
lib/Cake/VERSION.txt
2015-04-20 15:42:54 -04:00
mark_story
f55111bdc1
Allow empty headers to be read.
...
Allow headers with '' and '0' as their values to be read.
Fixes #6299
2015-04-08 16:33:28 -04:00
mark_story
3151c53255
Merge branch '2.6' into 2.7
2015-03-23 22:50:09 -04:00
Richard van den Berg
1d0d20e974
Account for SNI changes in HttpSocketTest
2015-03-23 22:31:08 -04:00
mark_story
0b916cedbb
Merge branch 'master' into 2.7
2015-03-09 21:55:20 -04:00
Mark Story
43f16f38f0
Merge pull request #5905 from davidsteinsland/fix_file_response_dots
...
Fix file response dots
2015-03-09 21:54:02 -04:00
mark_story
b80a8947d7
Check line length to account for fence post.
...
When we have exactly 998 bytes CakeEmail should not emit an error.
Refs #5948
2015-02-24 21:52:34 -05:00
ADmad
2a57d9b65f
Avoid reloading config file and recreating config instance.
2015-02-20 08:48:25 +05:30
David Steinsland
463fa660bc
Updated test
2015-02-19 17:28:32 +01:00
Jan Dorsman
e3b5306521
Fixing issue #5764
2015-02-19 12:19:27 +05:30
David Steinsland
960ddd0eb8
Added DocBlock
2015-02-15 19:34:28 +01:00
David Steinsland
5fd7396e47
Fixed downloading of files with dots
2015-02-15 19:32:33 +01:00
mark_story
1c913d29b6
Merge branch '2.6' into 2.7
2014-11-29 22:00:24 -05:00
mark_story
543f05e3d0
Merge branch 'master' into 2.6
2014-11-29 22:00:00 -05:00
Florian Krämer
43f7fcc735
Adding a few more ways to detect HTTP headers, extensions and the accept header.
2014-11-27 01:00:44 +01:00
mark_story
1e6d22b8cb
Make the version option function as intended.
...
The version option is documented but does not work. While this 'breaks'
behavior, it also fixes what I think is a more important issue.
Refs #5234
2014-11-24 22:38:00 -05:00
Florian Krämer
4ff07b745a
Adding a test for the new json and xml detectors that were added to the CakeRequest class.
2014-11-22 17:30:53 +01:00
Florian Krämer
24c4cab4f3
phpcs fix in Cake/Test/Case/Network/CakeRequestTest.php
2014-11-20 22:50:12 +01:00
Florian Krämer
728764c543
Adding a test for the refactored CakeRequest code.
2014-11-20 21:14:17 +01:00
Mark Story
5dab175aa9
Merge pull request #5196 from cakephp/issue-5140
...
Gracefully handle invalid chunks in HttpSocket
2014-11-18 21:58:41 -05:00
ndm2
bae556e73f
Prevent zero only lines from being emptied
2014-11-18 17:26:31 +01:00
mark_story
8cbf975943
Gracefully handle invalid chunks in HttpSocket
...
When invalid chunks are detected we should assume the server is
incorrect and handle the remaining content as a single large chunk.
Refs #5140
2014-11-17 22:23:46 -05:00
euromark
8e18e5a1c7
Correct argument order for assert.
2014-11-11 01:51:46 +01:00
mark_story
3095187952
Merge branch 'master' into 2.6
...
Conflicts:
lib/Cake/VERSION.txt
2014-11-10 19:38:31 -05:00
ndm2
f0b6657113
Make unsetting the email pattern work as expected.
...
When set to `null`, only `filter_var()` should be used. This is a
partial backport of #5111
2014-11-09 16:33:57 +01:00
mark_story
0e4fb9d648
Merge branch 'master' into 2.6
2014-11-07 15:13:46 -05:00
mark_story
6aaac6b7e2
Fix HttpSocket mishandling encoded URIs
...
The HTTP specs seem to indicate that the Location header should contain
an 'absoluteURI' which includes encoded data. In order to avoid
a regression with the issue fixed in b9ee4fc9f1
we'll continue to replace `%2F` and no longer decode the entire URI.
Fixes #5076
2014-11-05 22:18:48 -05:00
Marek Władysz
65cb186652
Use assertNotSame() instead of assertTrue($result !== false)
2014-10-26 14:19:19 +01:00
Marek Władysz
090e85a5a4
Make CakeResponse::file() accept ranges even when download option is false.
2014-10-25 19:49:56 +02:00
mark_story
af43bc1706
Merge branch 'master' into 2.6
2014-09-25 22:39:51 -04:00
euromark
9c8ab826bf
Correct a few more misleading assert orders.
2014-09-24 14:34:24 +02:00
euromark
fce16189d5
Fix tests
2014-09-24 14:25:18 +02:00
mark_story
cf45d3fab8
Merge branch 'master' into 2.6
2014-09-22 20:46:28 -04:00
euromark
4d1a65ede2
Add intl email test.
2014-09-16 10:14:00 +02:00
mark_story
7c316bbc56
Merge branch 'master' into 2.6
...
Conflicts:
lib/Cake/basics.php
2014-08-30 21:28:11 -04:00
Jeremy Harris
8f420d74fa
HttpSocket: not overwriting auth header if it is set in request configuration
2014-08-21 11:24:10 -05:00
mark_story
9c3089796f
Merge branch 'master' into 2.6
...
Conflicts:
lib/Cake/Model/Model.php
2014-08-08 23:28:06 -04:00
euromark
9ef7b5713a
CS fixes.
2014-08-04 13:53:52 +02:00
ADmad
9e21d048ce
Merge branch 'master' into 2.6
...
Conflicts:
lib/Cake/VERSION.txt
2014-07-27 12:29:39 +05:30