Merge branch '2.8' into 3.0

fabpot · fabpot · commit 95ae6b3e30b7 · 2016-05-24T12:03:10.000+02:00
* 2.8:
  [Yaml] fix exception contexts
  People - person singularization
  [Yaml] properly handle unindented collections
  [Serializer] Add test for ignored attributes during denormalization
  chomp newlines only at the end of YAML documents
  Fixed server status command when port has been omitted
  Update UPGRADE FROM 2.x to 3.0
  fix removed commands wording in upgrade file
  Catch \Throwable
  Catch \Throwable
  Use levenshtein level for better Bundle matching
  [WebProfilerBundle] Fix CORS ajax security issues
  [DX][DI] Make Autowiring exceptions more future friendly
diff --git a/Resources/views/Profiler/base_js.html.twig b/Resources/views/Profiler/base_js.html.twig
@@ -82,6 +82,20 @@
 
             requestStack = [],
 
+            extractHeaders = function(xhr, stackElement) {
+                // Here we avoid to call xhr.getResponseHeader in order to
+                // prevent polluting the console with CORS security errors
+                var allHeaders = xhr.getAllResponseHeaders();
+                var ret;
+
+                if (ret = allHeaders.match(/^x-debug-token:\s+(.*)$/im)) {
+                    stackElement.profile = ret[1];
+                }
+                if (ret = allHeaders.match(/^x-debug-token-link:\s+(.*)$/im)) {
+                    stackElement.profilerUrl = ret[1];
+                }
+            },
+
             renderAjaxRequests = function() {
                 var requestCounter = document.querySelectorAll('.sf-toolbar-ajax-requests');
                 if (!requestCounter.length) {
@@ -241,8 +255,8 @@
                                 stackElement.duration = new Date() - stackElement.start;
                                 stackElement.loading = false;
                                 stackElement.error = self.status < 200 || self.status >= 400;
-                                stackElement.profile = self.getResponseHeader("X-Debug-Token");
-                                stackElement.profilerUrl = self.getResponseHeader("X-Debug-Token-Link");
+
+                                extractHeaders(self, stackElement);
 
                                 Sfjs.renderAjaxRequests();
                             }
