composer/iTop
6
0
Fork 0
mirror of https://github.com/Combodo/iTop.git synced 2026-04-23 18:48:51 +02:00
Code Issues Packages Projects Releases Wiki Activity

N°8637 - Alerts from dependabot, vulnerable libraries

Browse Source 
* Update twig/twig from 3.16.0 to 3.21.1

* Update tecnickcom/tcpdf from 6.7.5 to 6.10.0

* Correct font folder case failing on linux server

* Suppress documentation generator from project in favor of the online version

* Update symfony/http-foundation from 6.4.2 to 6.4.14
Update symfony/runtime from 6.4.0 to 6.4.24
This commit is contained in:
Benjamin Dalsass
2025-09-09 16:15:21 +02:00
committed by GitHub
parent 901f8f2a7b
commit bb8a09d8e2
300 changed files with 5958 additions and 10353 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
lib/symfony/http-foundation/Request.php
View File

@@ -11,6 +11,7 @@
namespace Symfony\Component\HttpFoundation;
use Symfony\Component\HttpFoundation\Exception\BadRequestException;
use Symfony\Component\HttpFoundation\Exception\ConflictingHeadersException;
use Symfony\Component\HttpFoundation\Exception\JsonException;
use Symfony\Component\HttpFoundation\Exception\SessionNotFoundException;
@@ -326,6 +327,8 @@ class Request
* @param array $files The request files ($_FILES)
* @param array $server The server parameters ($_SERVER)
* @param string|resource|null $content The raw body data
*
* @throws BadRequestException When the URI is invalid
*/
public static function create(string $uri, string $method = 'GET', array $parameters = [], array $cookies = [], array $files = [], array $server = [], $content = null): static
{
@@ -348,11 +351,26 @@ class Request
$server['PATH_INFO'] = '';
$server['REQUEST_METHOD'] = strtoupper($method);
$components = parse_url($uri);
if (false === $components) {
if (false === ($components = parse_url($uri)) && '/' === ($uri[0] ?? '')) {
trigger_deprecation('symfony/http-foundation', '6.3', 'Calling "%s()" with an invalid URI is deprecated.', __METHOD__);
$components = [];
$components = parse_url($uri.'#');
unset($components['fragment']);
}
if (false === $components) {
throw new BadRequestException('Invalid URI.');
}
if (false !== ($i = strpos($uri, '\\')) && $i < strcspn($uri, '?#')) {
throw new BadRequestException('Invalid URI: A URI cannot contain a backslash.');
}
if (\strlen($uri) !== strcspn($uri, "\r\n\t")) {
throw new BadRequestException('Invalid URI: A URI cannot contain CR/LF/TAB characters.');
}
if ('' !== $uri && (\ord($uri[0]) <= 32 || \ord($uri[-1]) <= 32)) {
throw new BadRequestException('Invalid URI: A URI must not start nor end with ASCII control characters or spaces.');
}
if (isset($components['host'])) {
$server['SERVER_NAME'] = $components['host'];
$server['HTTP_HOST'] = $components['host'];
@@ -448,7 +466,7 @@ class Request
* @param array|null $files The FILES parameters
* @param array|null $server The SERVER parameters
*/
public function duplicate(array $query = null, array $request = null, array $attributes = null, array $cookies = null, array $files = null, array $server = null): static
public function duplicate(?array $query = null, ?array $request = null, ?array $attributes = null, ?array $cookies = null, ?array $files = null, ?array $server = null): static
{
$dup = clone $this;
if (null !== $query) {
@@ -1230,7 +1248,7 @@ class Request
}
if (!preg_match('/^[A-Z]++$/D', $method)) {
throw new SuspiciousOperationException(sprintf('Invalid method override "%s".', $method));
throw new SuspiciousOperationException('Invalid HTTP method override.');
}
return $this->method = $method;
@@ -1606,7 +1624,7 @@ class Request
*
* @param string[] $locales An array of ordered available locales
*/
public function getPreferredLanguage(array $locales = null): ?string
public function getPreferredLanguage(?array $locales = null): ?string
{
$preferredLanguages = $this->getLanguages();
@@ -2004,7 +2022,7 @@ class Request
* getPort(), isSecure(), getHost(), getClientIps(), getBaseUrl() etc. Thus, we try to cache the results for
* best performance.
*/
private function getTrustedValues(int $type, string $ip = null): array
private function getTrustedValues(int $type, ?string $ip = null): array
{
$cacheKey = $type."\0".((self::$trustedHeaderSet & $type) ? $this->headers->get(self::TRUSTED_HEADERS[$type]) : '');
$cacheKey .= "\0".$ip."\0".$this->headers->get(self::TRUSTED_HEADERS[self::HEADER_FORWARDED]);