Travis fail seems to be only linked to HHVM. Didn't touch impacted part.

yeah, HHVM is currently broken on Travis. It does not allow parsing XML files using an XSD

OK, code has been updated and I added a test for new HttpCache class.
Now I need to have a look at the failure with Symfony 2.3 and write some documentation.

Tests with Symfony 2.3 fixed, documentation updated, PR rebased.
Ready for review ! 😄

Ping @dbu @ddeboer @stof @andrerom

+1

Just meta comment to add from my side; @dbu as this and also some earlier code is based on code from eZ Publish, would it be ok to add eZ Systems AS to Resources/meta/LICENSE ? (maybe I'm wrong, but seems to be the convention with both liip and driebit mentioned atm)

@andrerom The license mentions them because they are the original authors of the bundle (FOSHttpCache has been created by merging 2 bundles together). We don't update the license holder each time a new contributor appears.
the place where it could appear is with an @author annotation on the class being contributed (alongside @lolautruche's name)

this looks good to me, but I will wait for @dbu to review as well

Ok, clear.

thanks a lot! very cool, and seems sane to me. i commented on a bunch of details. i really want to be paranoid and in doubt trade default performance for default security in case people misconfigured things.

for the doc:

i think we should have the HttpCache specific doc in its own chapter - i hope the kernel will provide at least purge/refresh at some point, even if ban is not very realistic. lets add a new file to the Features section named "Symfony2 HttpCache" that explains that instead of varnish or nginx you can also use this kernel. the doc would explain to extend our kernel and for the rest of the topic link to the relevant symfony core doc.

then we should

• add a link to that page in prerequisites on top at http://foshttpcachebundle.readthedocs.org/en/latest/features/user-context.html
• add a ..note:: that when you use the HttpCache and change any of the values you need to look at that HttpCache doc (link)

@lolautruche lolautruche Can you fix the last few CS issues?

Otherwise, I think we can merge this.

@lolautruche can you please add a line to the CHANGELOG.md file? i would say add a title 1.1.x-dev and then something like * **2014-10-29** Adding support for the user context lookup with the Symfony built-in reverse proxy HttpCache

CS fixed and last request from @dbu taken into account (cookie string for user hash request).

One request from me: Once merged, would it be possible to tag 1.1.0? We're indeed about to tag eZ 5.4 beta and we'd need to rely on a stable tag if possible :-). Thanks

One thing I’m noticing now: @lolautruche, you created protected methods in HttpCache, while we generally prefer private ones in order to improve backwards compatibility. Do you have a reason for using protected here?

@ddeboer in one word: extensibility 😉
This class is abstract and will be extended and might need to be tweaked for some reason.

@ddeboer However, isInternalRequest() and getUserHash() might better be private...

I think so, yes. But perhaps the other methods (except handle()), too. Having private methods will allow us to change implementation details without breaking BC. While I agree that the class might need to be tweaked, users of the bundle can always open issues or PRs if they need some extra functionality.

@dbu What do you think?

Changed. But I kept cleanupForwardRequest() protected though.

Thanks for merging !
But you didn't leave me time to make some private methods to protected :-)

I guess I'll open a new PR

i don't want to block you any longer, so i merged and tagged 1.1.0 !

i created #155 to track the question of basic auth.

Thank you so much @dbu @ddeboer 😃

Thank you, @lolautruche!