7.3.18 (2023-12-06)
Overview of merged pull requests
Revert “BUGFIX: Sanitize uploaded svg files for suspicious contents”
As discussed in team meeting, this reverts commit a1642ef31f19a974f34a302c98c13c77b6422ba1 as it raises issues when workong with streams (https://github.com/neos/flow-development-collection/issues/3246).
Original PR: https://github.com/neos/flow-development-collection/pull/3172
See also: https://github.com/neos/flow-development-collection/issues/3248
Packages:
Flow
Utility.MediaTypes
BUGFIX: Assume content exists, if stream size is unknown
If a PSR7 stream is returned from an ActionController
action, no content arrives at the client, if the stream has an unknown size.
Why is that? Because the check in our ActionResponse
in hasContent()
is implemented like this:
$this->content->getSize() > 0
If a stream returns null
here, because the size is unknown, we should assume content exists…
There should be no change in behavior, even if the stream is in fact empty. Because that would lead to hasContent()
returning true
, and the HTTP response being built in ActionResponse
would get the stream as content. When being delivered that would evaluate to “a stream from an empty string”, so there will be (again) no difference, if you look at what the MessageTrait``does if the internal stream is ``null
:
- ```php
public function getBody(): StreamInterface {
- if (!$this->stream) {
$this->stream = Utils::streamFor(‘’);
}
return $this->stream;
}
Upgrade instructions
Review instructions
Packages:
Flow
BUGFIX: Update requirements.txt
Update requirements to build documentation based on security suggestions.
Packages:
Flow