Merge branch '7.1' into 7.2

* 7.1:
  fix: ignore missing directory in isVendor()
  [OptionsResolver] Allow Union/Intersection Types in Resolved Closures
  Issue #58821: [DependencyInjection] Support interfaces in ContainerBuilder::getReflectionClass().
  Dynamically fix compatibility with doctrine/data-fixtures v2
  [HttpKernel] Ensure HttpCache::getTraceKey() does not throw exception
  don't call EntityManager::initializeObject() with scalar values
  make RelayProxyTrait compatible with relay extension 0.9.0
  [Validator] review italian translations
  Update PR template

Author: nicolas-grekas

HttpCache/HttpCache.php

@@ -17,6 +17,7 @@
 
 namespace Symfony\Component\HttpKernel\HttpCache;
 
+use Symfony\Component\HttpFoundation\Exception\SuspiciousOperationException;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\HttpKernel\HttpKernelInterface;
@@ -704,7 +705,11 @@ private function getTraceKey(Request $request): string
             $path .= '?'.$qs;
         }
 
-        return $request->getMethod().' '.$path;
+        try {
+            return $request->getMethod().' '.$path;
+        } catch (SuspiciousOperationException) {
+            return '_BAD_METHOD_ '.$path;
+        }
     }
 
     /**

Tests/HttpCache/HttpCacheTest.php

@@ -108,6 +108,17 @@ public function testPassesOnNonGetHeadRequests()
         $this->assertFalse($this->response->headers->has('Age'));
     }
 
+    public function testPassesSuspiciousMethodRequests()
+    {
+        $this->setNextResponse(200);
+        $this->request('POST', '/', ['HTTP_X-HTTP-Method-Override' => '__CONSTRUCT']);
+        $this->assertHttpKernelIsCalled();
+        $this->assertResponseOk();
+        $this->assertTraceNotContains('stale');
+        $this->assertTraceNotContains('invalid');
+        $this->assertFalse($this->response->headers->has('Age'));
+    }
+
     public function testInvalidatesOnPostPutDeleteRequests()
     {
         foreach (['post', 'put', 'delete'] as $method) {