matchPort()
in RequestMatcherX_ORIGINAL_URL
and X_REWRITE_URL
HTTP headers has been dropped for security reasons.parse_str()
instead of custom parsing logic.UploadedFile
class is deprecated.getClientSize()
method of the UploadedFile
class is deprecated. Use getSize()
instead.RedisSessionHandler
to use Redis as a session storageget()
method of the AcceptHeader
class now takes into account the
*
and */*
default values (if they are present in the Accept HTTP header)
when looking for items.Request::getSession()
when no session has been set. Use Request::hasSession()
instead.CannotWriteFileException
, ExtensionFileException
, FormSizeFileException
,
IniSizeFileException
, NoFileException
, NoTmpDirFileException
, PartialFileException
to
handle failed UploadedFile
.MigratingSessionHandler
for migrating between two session handlers without losing sessionsHeaderUtils
.Request::setTrustedHeaderName()
and Request::getTrustedHeaderName()
methods have been removedRequest::HEADER_CLIENT_IP
constant has been removed, use
Request::HEADER_X_FORWARDED_FOR
insteadRequest::HEADER_CLIENT_HOST
constant has been removed, use
Request::HEADER_X_FORWARDED_HOST
insteadRequest::HEADER_CLIENT_PROTO
constant has been removed, use
Request::HEADER_X_FORWARDED_PROTO
insteadRequest::HEADER_CLIENT_PORT
constant has been removed, use
Request::HEADER_X_FORWARDED_PORT
insteadRequest::isMethodSafe()
method (by not passing false
as its argument) is not supported anymore and
throws a \BadMethodCallException
WriteCheckSessionHandler
, NativeSessionHandler
and NativeProxy
classes have been removed\SessionHandlerInterface
in
NativeSessionStorage::setSaveHandler()
is not supported anymore and throws a
\TypeError
SessionUpdateTimestampHandlerInterface
with a new
AbstractSessionHandler
base class and a new StrictSessionHandler
wrapperWriteCheckSessionHandler
, NativeSessionHandler
and NativeProxy
classes\SessionHandlerInterface
in NativeSessionStorage::setSaveHandler()
MongoDbSessionHandler
with the legacy mongo extension; use it with the mongodb/mongodb package and ext-mongodb insteadMemcacheSessionHandler
; use MemcachedSessionHandler
insteadRequest::setTrustedProxies()
method takes a new $trustedHeaderSet
argument,
see http://symfony.com/doc/current/components/http_foundation/trusting_proxies.html for more info,Request::setTrustedHeaderName()
and Request::getTrustedHeaderName()
methods,File\Stream
, to be passed to BinaryFileResponse
when the size of the served file is unknown,
disabling Range
and Content-Length
handling, switching to chunked encoding insteadCookie::fromString()
method that allows to create a cookie from a
raw header stringJsonResponse
with a string of JSON dataRequest::get()
changed from "GET, PATH, BODY" to "PATH, GET, BODY"ParameterBag::get()
is deprecated since version 2.8 and
will be removed in 3.0.JsonResponse::setEncodingOptions()
& JsonResponse::getEncodingOptions()
for easier manipulation
of the options used while encoding data to JSON format.UploadedFile::isValid
now returns false if the file was not uploaded via HTTP (in a non-test mode)\Symfony\Component\HttpFoundation\Session\Storage\Handler\PdoSessionHandler
to ensure the supplied PDO handler throws Exceptions on error (as the class expects). Added related test cases
to verify that Exceptions are properly thrown when the PDO queries fail.Symfony\Component\HttpFoundation\Session
and renamed classes accordingly.
Session handlers are located in the subnamespace Symfony\Component\HttpFoundation\Session\Handler
.\SessionHandlerInterface
or extend from the
Symfony\Component\HttpFoundation\Storage\Handler\NativeSessionHandler
base class.\SessionHandler
class.NativeSessionStorage
and replaced with NativeFileSessionHandler
.SessionStorageInterface
methods removed: write()
, read()
and
remove()
. Added getBag()
, registerBag()
. The NativeSessionStorage
class
is a mediator for the session storage internals including the session handlers
which do the real work of participating in the internal PHP session workflow.SessionStorage
to enable unit
and functional testing without starting real PHP sessions. Removed
ArraySessionStorage
, and replaced with MockArraySessionStorage
for unit
tests; removed FilesystemSessionStorage
, and replaced withMockFileSessionStorage
for functional tests. These do not interact with global session ini
configuration values, session functions or $_SESSION
superglobal. This means
they can be configured directly allowing multiple instances to work without
conflicting in the same PHP process.close()
method from the Session
class, as this is
now redundant.setFlash()
, setFlashes()
getFlash()
, hasFlash()
, and removeFlash()
. Use getFlashBag()
instead
which returns a FlashBagInterface
.Session->clear()
now only clears session attributes as before it cleared
flash messages and attributes. Session->getFlashBag()->all()
clears flashes now.SessionBagInterface
to better encapsulate
session data.SessionBagInterface
implementations.FlashBag
. Flashes expire when retrieved by get()
or all()
. This
implementation is ESI compatible.AutoExpireFlashBag
(default) to replicate Symfony 2.0.x auto expire
behaviour of messages auto expiring after one page page load. Messages must
be retrieved by get()
or all()
.Symfony\Component\HttpFoundation\Attribute\AttributeBag
to replicate
attributes storage behaviour from 2.0.x (default).Symfony\Component\HttpFoundation\Attribute\NamespacedAttributeBag
for
namespace session attributes.Session
class API remains without BC break as it
will allow single messages as before.getPathInfo()
, getBaseUrl()
and getBasePath()
of
a Request
now all return a raw value (vs a urldecoded value before). Any call
to one of these methods must be checked and wrapped in a rawurldecode()
if
needed.