Security update for Core, with self-updated composer

[yaffs-website] / vendor / symfony / routing / Matcher / UrlMatcher.php

diff --git a/vendor/symfony/routing/Matcher/UrlMatcher.php b/vendor/symfony/routing/Matcher/UrlMatcher.php
index 9786a9b42cc609918ec0bd50e8eecab6a250853d..c646723b3ab08efeb668c9b73a0e4cab4cbc0d5b 100644 (file)
--- a/vendor/symfony/routing/Matcher/UrlMatcher.php
+++ b/vendor/symfony/routing/Matcher/UrlMatcher.php
@@ -207,7 +207,7 @@ class UrlMatcher implements UrlMatcherInterface, RequestMatcherInterface
     protected function handleRouteRequirements($pathinfo, $name, Route $route)
     {
         // expression condition
-        if ($route->getCondition() && !$this->getExpressionLanguage()->evaluate($route->getCondition(), array('context' => $this->context, 'request' => $this->request))) {
+        if ($route->getCondition() && !$this->getExpressionLanguage()->evaluate($route->getCondition(), array('context' => $this->context, 'request' => $this->request ?: $this->createRequest($pathinfo)))) {
             return array(self::REQUIREMENT_MISMATCH, null);
         }
 
@@ -248,4 +248,19 @@ class UrlMatcher implements UrlMatcherInterface, RequestMatcherInterface
 
         return $this->expressionLanguage;
     }
+
+    /**
+     * @internal
+     */
+    protected function createRequest($pathinfo)
+    {
+        if (!class_exists('Symfony\Component\HttpFoundation\Request')) {
+            return null;
+        }
+
+        return Request::create($this->context->getScheme().'://'.$this->context->getHost().$this->context->getBaseUrl().$pathinfo, $this->context->getMethod(), $this->context->getParameters(), array(), array(), array(
+            'SCRIPT_FILENAME' => $this->context->getBaseUrl(),
+            'SCRIPT_NAME' => $this->context->getBaseUrl(),
+        ));
+    }
 }