Merge branch 'develop' of github.com:magento/magento2ce into bugfix

.htaccess

@@ -206,7 +206,7 @@
 
 ###########################################
 ## Deny access to root files to hide sensitive application information
-    RedirectMatch 404 /\.git
+    RedirectMatch 403 /\.git
 
     <Files composer.json>
         order allow,deny
@@ -277,10 +277,14 @@
         deny from all
     </Files>
     <Files magento_umask>
-            order allow,deny
-            deny from all
+        order allow,deny
+        deny from all
     </Files>
 
+# For 404s and 403s that aren't handled by the application, show plain 404 response
+ErrorDocument 404 /pub/errors/404.php
+ErrorDocument 403 /pub/errors/404.php
+
 ################################
 ## If running in cluster environment, uncomment this
 ## http://developer.yahoo.com/performance/rules.html#etags

.htaccess.sample

@@ -1,11 +1,12 @@
 ############################################
-## Optional override of deployment mode. We recommend you use the
-## command bin/magento deploy:mode:set to switch modes instead
-#   SetEnv MAGE_MODE default # or production or developer
+## overrides deployment configuration mode value
+## use command bin/magento deploy:mode:set to switch modes
+
+#   SetEnv MAGE_MODE developer
 
 ############################################
-## Uncomment these lines for CGI mode.
-## Make sure to specify the correct cgi php binary file name
+## uncomment these lines for CGI mode
+## make sure to specify the correct cgi php binary file name
 ## it might be /cgi-bin/php-cgi
 
 #    Action php5-cgi /cgi-bin/php5-cgi
@@ -16,42 +17,42 @@
 
 #   Options -MultiViews
 
-## You might also need to add this line to php.ini
+## you might also need to add this line to php.ini
 ##     cgi.fix_pathinfo = 1
-## If it still doesn't work, rename php.ini to php5.ini
+## if it still doesn't work, rename php.ini to php5.ini
 
 ############################################
-## This line is specific for 1and1 hosting
+## this line is specific for 1and1 hosting
 
     #AddType x-mapp-php5 .php
     #AddHandler x-mapp-php5 .php
 
 ############################################
-## Default index file
+## default index file
 
     DirectoryIndex index.php
 
 <IfModule mod_php5.c>
 
 ############################################
-## Adjust memory limit
+## adjust memory limit
 
     php_value memory_limit 768M
     php_value max_execution_time 18000
 
 ############################################
-## Disable automatic session start
+## disable automatic session start
 ## before autoload was initialized
 
     php_flag session.auto_start off
 
 ############################################
-## Enable resulting html compression
+## enable resulting html compression
 
     #php_flag zlib.output_compression on
 
 ###########################################
-## Disable user agent verification to not break multiple image upload
+## disable user agent verification to not break multiple image upload
 
     php_flag suhosin.session.cryptua off
 
@@ -60,32 +61,32 @@
 <IfModule mod_php7.c>
 
 ############################################
-## Adjust memory limit
+## adjust memory limit
 
     php_value memory_limit 768M
     php_value max_execution_time 18000
 
 ############################################
-## Disable automatic session start
+## disable automatic session start
 ## before autoload was initialized
 
     php_flag session.auto_start off
 
 ############################################
-## Enable resulting html compression
+## enable resulting html compression
 
     #php_flag zlib.output_compression on
 
 ###########################################
-## Disable user agent verification to not break multiple image upload
+## disable user agent verification to not break multiple image upload
 
     php_flag suhosin.session.cryptua off
 
 </IfModule>
 
 <IfModule mod_security.c>
 ###########################################
-## Disable POST processing to not break multiple image upload
+## disable POST processing to not break multiple image upload
 
     SecFilterEngine Off
     SecFilterScanPOST Off
@@ -94,7 +95,7 @@
 <IfModule mod_deflate.c>
 
 ############################################
-## Enable apache served files compression
+## enable apache served files compression
 ## http://developer.yahoo.com/performance/rules.html#gzip
 
     # Insert filter on all content
@@ -122,14 +123,14 @@
 <IfModule mod_ssl.c>
 
 ############################################
-## Make HTTPS env vars available for CGI mode
+## make HTTPS env vars available for CGI mode
 
     SSLOptions StdEnvVars
 
 </IfModule>
 
 ############################################
-## Workaround for Apache 2.4.6 CentOS build when working via ProxyPassMatch with HHVM (or any other)
+## workaround for Apache 2.4.6 CentOS build when working via ProxyPassMatch with HHVM (or any other)
 ## Please, set it on virtual host configuration level
 
 ##    SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
@@ -138,19 +139,19 @@
 <IfModule mod_rewrite.c>
 
 ############################################
-## Enable rewrites
+## enable rewrites
 
     Options +FollowSymLinks
     RewriteEngine on
 
 ############################################
-## You can put here your magento root folder
+## you can put here your magento root folder
 ## path relative to web root
 
     #RewriteBase /magento/
 
 ############################################
-## Workaround for HTTP authorization
+## workaround for HTTP authorization
 ## in CGI environment
 
     RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
@@ -162,21 +163,21 @@
     RewriteRule .* - [L,R=405]
 
 ############################################
-## Redirect for mobile user agents
+## redirect for mobile user agents
 
     #RewriteCond %{REQUEST_URI} !^/mobiledirectoryhere/.*$
     #RewriteCond %{HTTP_USER_AGENT} "android|blackberry|ipad|iphone|ipod|iemobile|opera mobile|palmos|webos|googlebot-mobile" [NC]
     #RewriteRule ^(.*)$ /mobiledirectoryhere/ [L,R=302]
 
 ############################################
-## Never rewrite for existing files, directories and links
+## never rewrite for existing files, directories and links
 
     RewriteCond %{REQUEST_FILENAME} !-f
     RewriteCond %{REQUEST_FILENAME} !-d
     RewriteCond %{REQUEST_FILENAME} !-l
 
 ############################################
-## Rewrite everything else to index.php
+## rewrite everything else to index.php
 
     RewriteRule .* index.php [L]
 
@@ -205,7 +206,7 @@
 
 ###########################################
 ## Deny access to root files to hide sensitive application information
-    RedirectMatch 404 /\.git
+    RedirectMatch 403 /\.git
 
     <Files composer.json>
         order allow,deny
@@ -280,6 +281,10 @@
         deny from all
     </Files>
 
+# For 404s and 403s that aren't handled by the application, show plain 404 response
+ErrorDocument 404 /pub/errors/404.php
+ErrorDocument 403 /pub/errors/404.php
+
 ################################
 ## If running in cluster environment, uncomment this
 ## http://developer.yahoo.com/performance/rules.html#etags

app/code/Magento/AdminNotification/composer.json

@@ -10,7 +10,7 @@
         "lib-libxml": "*"
     },
     "type": "magento2-module",
-    "version": "100.1.0-rc1",
+    "version": "100.1.0-rc2",
     "license": [
         "OSL-3.0",
         "AFL-3.0"

app/code/Magento/AdvancedPricingImportExport/composer.json

@@ -13,7 +13,7 @@
         "magento/framework": "100.1.*"
     },
     "type": "magento2-module",
-    "version": "100.1.0-rc1",
+    "version": "100.1.0-rc2",
     "license": [
         "OSL-3.0",
         "AFL-3.0"

app/code/Magento/Authorization/composer.json

@@ -7,7 +7,7 @@
         "magento/framework": "100.1.*"
     },
     "type": "magento2-module",
-    "version": "100.1.0-rc1",
+    "version": "100.1.0-rc2",
     "license": [
         "OSL-3.0",
         "AFL-3.0"

app/code/Magento/Authorizenet/composer.json

@@ -13,7 +13,7 @@
         "magento/framework": "100.1.*"
     },
     "type": "magento2-module",
-    "version": "100.1.0-rc1",
+    "version": "100.1.0-rc2",
     "license": [
         "proprietary"
     ],

app/code/Magento/Backend/Model/Session/Quote.php

@@ -155,8 +155,9 @@ public function getQuote()
             if ($this->getStoreId()) {
                 if (!$this->getQuoteId()) {
                     $this->_quote->setCustomerGroupId($this->groupManagement->getDefaultGroup()->getId());
+                    $this->_quote->setIsActive(false);
                     $this->_quote->setStoreId($this->getStoreId());
-
+                    
                     $this->quoteRepository->save($this->_quote);
                     $this->setQuoteId($this->_quote->getId());
                     $this->_quote = $this->quoteRepository->get($this->getQuoteId(), [$this->getStoreId()]);

app/code/Magento/Backend/Test/Unit/Model/Session/QuoteTest.php

@@ -343,6 +343,7 @@ public function testGetQuoteWithoutQuoteId()
             '',
             false
         );
+
         $this->quoteRepositoryMock->expects($this->once())->method('get')->willReturn($quoteMock);
         $cartInterfaceMock->expects($this->once())
             ->method('setCustomerGroupId')
@@ -357,7 +358,6 @@ public function testGetQuoteWithoutQuoteId()
         $quoteMock->expects($this->once())
             ->method('setIsSuperMode')
             ->with(true);
-
         $this->assertEquals($quoteMock, $this->quote->getQuote());
     }
 

app/code/Magento/Backend/composer.json

@@ -22,7 +22,7 @@
         "magento/framework": "100.1.*"
     },
     "type": "magento2-module",
-    "version": "100.1.0-rc1",
+    "version": "100.1.0-rc2",
     "license": [
         "OSL-3.0",
         "AFL-3.0"

app/code/Magento/Backend/view/adminhtml/templates/page/js/calendar.phtml

@@ -51,6 +51,7 @@ require([
             showHour: false,
             showMinute: false,
             serverTimezoneSeconds: <?php echo (int) $block->getStoreTimestamp(); ?>,
+            serverTimezoneOffset: <?php echo (int) $block->getTimezoneOffsetSeconds(); ?>,
             yearRange: '<?php /* @escapeNotVerified */ echo $block->getYearRange() ?>'
         }
     });

app/code/Magento/Backup/composer.json

@@ -9,7 +9,7 @@
         "magento/framework": "100.1.*"
     },
     "type": "magento2-module",
-    "version": "100.1.0-rc1",
+    "version": "100.1.0-rc2",
     "license": [
         "OSL-3.0",
         "AFL-3.0"

app/code/Magento/Braintree/Controller/Paypal/Review.php

@@ -10,6 +10,7 @@
 use Magento\Framework\Controller\ResultFactory;
 use Magento\Braintree\Gateway\Config\PayPal\Config;
 use Magento\Braintree\Model\Paypal\Helper\QuoteUpdater;
+use Magento\Framework\Exception\LocalizedException;
 
 /**
  * Class Review
@@ -21,6 +22,11 @@ class Review extends AbstractAction
      */
     private $quoteUpdater;
 
+    /**
+     * @var string
+     */
+    private static $paymentMethodNonce = 'payment_method_nonce';
+
     /**
      * Constructor
      *
@@ -52,13 +58,16 @@ public function execute()
 
         try {
             $this->validateQuote($quote);
-            $this->validateRequestData($requestData);
 
-            $this->quoteUpdater->execute(
-                $requestData['nonce'],
-                $requestData['details'],
-                $quote
-            );
+            if ($this->validateRequestData($requestData)) {
+                $this->quoteUpdater->execute(
+                    $requestData['nonce'],
+                    $requestData['details'],
+                    $quote
+                );
+            } elseif (!$quote->getPayment()->getAdditionalInformation(self::$paymentMethodNonce)) {
+                throw new LocalizedException(__('We can\'t initialize checkout.'));
+            }
 
             /** @var \Magento\Framework\View\Result\Page $resultPage */
             $resultPage = $this->resultFactory->create(ResultFactory::TYPE_PAGE);
@@ -82,13 +91,10 @@ public function execute()
 
     /**
      * @param array $requestData
-     * @return void
-     * @throws \InvalidArgumentException
+     * @return boolean
      */
     private function validateRequestData(array $requestData)
     {
-        if (empty($requestData['nonce']) || empty($requestData['details'])) {
-            throw new \InvalidArgumentException('Data of request cannot be empty.');
-        }
+        return !empty($requestData['nonce']) && !empty($requestData['details']);
     }
 }