bug #13901 [Bundle] Fix charset config (nicolas-grekas, bamarni)

This PR was merged into the 2.3 branch. Discussion ---------- [Bundle] Fix charset config | Q | A | ------------- | --- | Bug fix? | yes | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | #13715, #7617, #7532 | License | MIT | Doc PR | - This reverts #13715 and resurrects #7532, which was fine. Commits ------- ef41059 [WebProfilerBundle] Set debug+charset on the ExceptionHandler fallback cbd0525 used HTML5 meta charset tag and removed hardcoded ones 6ca7fc9 Revert "bug #13715 Enforce UTF-8 charset for core controllers (WouterJ)"
Changed visibility of setUp() and tearDown to protected
2026-03-25 09:42:20 +01:00 · 2015-03-12 15:23:35 +01:00 · 2015-03-11 19:52:02 +01:00 · 2015-03-11 17:56:24 +01:00 · 2015-03-10 14:08:39 +01:00 · 2015-02-24 11:24:26 +01:00
5 changed files with 10 additions and 8 deletions
--- a/ExceptionHandler.php
+++ b/ExceptionHandler.php
@@ -92,6 +92,7 @@ class ExceptionHandler
            foreach ($exception->getHeaders() as $name => $value) {
                header($name.': '.$value, false);
            }
+            header('Content-Type: text/html; charset='.$this->charset);
        }

        echo $this->decorate($this->getContent($exception), $this->getStylesheet($exception));
@@ -110,7 +111,7 @@ class ExceptionHandler
            $exception = FlattenException::create($exception);
        }

-        return new Response($this->decorate($this->getContent($exception), $this->getStylesheet($exception)), $exception->getStatusCode(), $exception->getHeaders());
+        return Response::create($this->decorate($this->getContent($exception), $this->getStylesheet($exception)), $exception->getStatusCode(), $exception->getHeaders())->setCharset($this->charset);
    }

    /**
@@ -131,6 +132,7 @@ class ExceptionHandler
        }

        $content = '';
+        $flags = PHP_VERSION_ID >= 50400 ? ENT_QUOTES | ENT_SUBSTITUTE : ENT_QUOTES;
        if ($this->debug) {
            try {
                $count = count($exception->getAllPrevious());
@@ -138,7 +140,7 @@ class ExceptionHandler
                foreach ($exception->toArray() as $position => $e) {
                    $ind = $count - $position + 1;
                    $class = $this->abbrClass($e['class']);
-                    $message = nl2br($e['message']);
+                    $message = nl2br(htmlspecialchars($e['message'], $flags, $this->charset));
                    $content .= sprintf(<<<EOF
                        <div class="block_exception clear_fix">
                            <h2><span>%d/%d</span> %s: %s</h2>
@@ -169,7 +171,7 @@ EOF
            } catch (\Exception $e) {
                // something nasty happened and we cannot throw an exception anymore
                if ($this->debug) {
-                    $title = sprintf('Exception thrown when handling an exception (%s: %s)', get_class($e), $e->getMessage());
+                    $title = sprintf('Exception thrown when handling an exception (%s: %s)', get_class($e), htmlspecialchars($e->getMessage(), $flags, $this->charset));
                } else {
                    $title = 'Whoops, looks like something went wrong.';
                }
--- a/README.md
+++ b/README.md
@@ -40,5 +40,5 @@ Resources
 You can run the unit tests with the following command:

    $ cd path/to/Symfony/Component/Debug/
-    $ composer.phar install --dev
+    $ composer install
    $ phpunit
--- a/Tests/ErrorHandlerTest.php
+++ b/Tests/ErrorHandlerTest.php
@@ -26,13 +26,13 @@ class ErrorHandlerTest extends \PHPUnit_Framework_TestCase
     */
    protected $errorReporting;

-    public function setUp()
+    protected function setUp()
    {
        $this->errorReporting = error_reporting(E_ALL | E_STRICT);
        $this->iniSet('display_errors', '1');
    }

-    public function tearDown()
+    protected function tearDown()
    {
        error_reporting($this->errorReporting);
    }
--- a/composer.json
+++ b/composer.json
@@ -22,6 +22,7 @@
        "symfony/http-kernel": ">=2.3,<2.3.24|~2.4.0|>=2.5,<2.5.9|>=2.6,<2.6.2"
    },
    "require-dev": {
+        "symfony/phpunit-bridge": "~2.7",
        "symfony/http-kernel": "~2.3.24|~2.5.9|~2.6,>=2.6.2",
        "symfony/http-foundation": "~2.1"
    },
--- a/phpunit.xml.dist
+++ b/phpunit.xml.dist
@@ -7,8 +7,7 @@
         bootstrap="vendor/autoload.php"
 >
    <php>
-        <!-- Silence E_USER_DEPRECATED (-16385 == -1 & ~E_USER_DEPRECATED) -->
-        <ini name="error_reporting" value="-16385"/>
+        <ini name="error_reporting" value="-1" />
    </php>
    <testsuites>
        <testsuite name="Symfony Debug Component Test Suite">
Author	SHA1	Message	Date
Fabien Potencier	3e889e0489	bug #13901 [Bundle] Fix charset config (nicolas-grekas, bamarni) This PR was merged into the 2.3 branch. Discussion ---------- [Bundle] Fix charset config \| Q \| A \| ------------- \| --- \| Bug fix? \| yes \| New feature? \| no \| BC breaks? \| no \| Deprecations? \| no \| Tests pass? \| yes \| Fixed tickets \| #13715, #7617, #7532 \| License \| MIT \| Doc PR \| - This reverts #13715 and resurrects #7532, which was fine. Commits ------- ef41059 [WebProfilerBundle] Set debug+charset on the ExceptionHandler fallback cbd0525 used HTML5 meta charset tag and removed hardcoded ones 6ca7fc9 Revert "bug #13715 Enforce UTF-8 charset for core controllers (WouterJ)"	2015-03-12 15:23:35 +01:00
sarah khalil	dfb9bf2e04	Changed visibility of setUp() and tearDown to protected	2015-03-11 19:52:02 +01:00
Nicolas Grekas	29a6fd38f3	[WebProfilerBundle] Set debug+charset on the ExceptionHandler fallback	2015-03-11 17:56:24 +01:00
Fabien Potencier	712c58246b	fixed XSS in the exception handler	2015-03-10 14:08:39 +01:00
Nicolas Grekas	4ba2bda995	[2.3] require-dev PHPUnit bridge	2015-02-24 11:24:26 +01:00
Fabien Potencier	24170a0eb7	renamed composer.phar to composer to be consistent with the Symfony docs	2015-02-08 08:41:14 +01:00
Fabien Potencier	b7c4104ea0	removed composer --dev option everywhere	2015-02-08 08:33:54 +01:00