Merge branch '5.3' into 5.4

* 5.3:
  [Security] Do not overwrite already stored tokens for REMOTE_USER authentication
  [Validator] Fix validation for single level domains
  Fix redundant type casts
  Increased the reserved memory from 10k to 32k
  [DoctrineBridge] Add DbalLoggerTest to group legacy
  Leverage DBAL's getNativeConnection() method
  Fix idempotency of LocoProvider write method

Author: nicolas-grekas

Constraints/UrlValidator.php

@@ -25,7 +25,13 @@ class UrlValidator extends ConstraintValidator
             (%s)://                                 # protocol
             (((?:[\_\.\pL\pN-]|%%[0-9A-Fa-f]{2})+:)?((?:[\_\.\pL\pN-]|%%[0-9A-Fa-f]{2})+)@)?  # basic auth
             (
-                ([\pL\pN\pS\-\_]+\.)*(([\pL\pN]|xn\-\-[\pL\pN-]+)+\.?) # a domain name
+                (?:
+                    (?:xn--[a-z0-9-]++\.)*+xn--[a-z0-9-]++            # a domain name using punycode
+                        |
+                    (?:[\pL\pN\pS\pM\-\_]++\.)+[\pL\pN\pM]++          # a multi-level domain name
+                        |
+                    [a-z0-9\-\_]++                                    # a single-level domain name
+                )\.?
                     |                                                 # or
                 \d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}                    # an IP address
                     |                                                 # or

Mapping/Loader/AbstractLoader.php

@@ -67,7 +67,7 @@ protected function addNamespaceAlias(string $alias, string $namespace)
     protected function newConstraint(string $name, $options = null)
     {
         if (str_contains($name, '\\') && class_exists($name)) {
-            $className = (string) $name;
+            $className = $name;
         } elseif (str_contains($name, ':')) {
             [$prefix, $className] = explode(':', $name, 2);
 

Tests/Constraints/UrlValidatorTest.php

@@ -123,6 +123,10 @@ public function getValidUrls()
             ['http://very.long.domain.name.com/'],
             ['http://localhost/'],
             ['http://myhost123/'],
+            ['http://internal-api'],
+            ['http://internal-api.'],
+            ['http://internal-api/'],
+            ['http://internal-api/path'],
             ['http://127.0.0.1/'],
             ['http://127.0.0.1:80/'],
             ['http://[::1]/'],
@@ -169,6 +173,7 @@ public function getValidUrls()
             ['http://symfony.com/#fragment'],
             ['http://symfony.com/#one_more%20test'],
             ['http://example.com/exploit.html?hello[0]=test'],
+            ['http://বিডিআইএ.বাংলা'],
         ];
     }
 
@@ -254,7 +259,14 @@ public function getInvalidUrls()
             ['http://127.0.0.1:aa/'],
             ['ftp://[::1]/'],
             ['http://[::1'],
+            ['http://☎'],
+            ['http://☎.'],
+            ['http://☎/'],
+            ['http://☎/path'],
+            ['http://hello.☎'],
+            ['http://hello.☎.'],
             ['http://hello.☎/'],
+            ['http://hello.☎/path'],
             ['http://:[email protected]'],
             ['http://:password@@symfony.com'],
             ['http://username:passwordsymfony.com'],
@@ -271,6 +283,9 @@ public function getInvalidUrls()
             ['http://.m.example.com'],
             ['http://wwww.example..com'],
             ['http://.www.example.com'],
+            ['http://example.co-'],
+            ['http://example.co-/path'],
+            ['http:///path'],
         ];
     }