Will that make the reported breaks work again? Eg submitting a json-decoded array in a TextType?
I'm not sure we should do this for now: input data should always be strictly validated. Allowing arrays was a really nasty behavior, on the edge of a security risk maybe for some.

bugfix made in # seems to break

which PR are you talking about? 🤔

@OskarStark See#29809 for the main discussion triggered by PR#29307 .

The core form types do explicitly set this value to false if they expect the submitted data to be strings.

What'd the behaviour of thenull form type which defaults to TextType? My reading is that those "evil" forms are still broken?

@nicolas-grekas As long as you do not explicitly set theaccept_multiple_values totrue yourself array values would still be rejected (that's why we need to be explicit about this in the core form types).

But what this will allow easily again having a custom type like this:

class UnstructuredTypeextends AbstractType{}

@althaus Yes, if you are not explicitly about the type being used and theTextType is the result of the guessing process, this PR does not change anything for you.

@xabbuh if I'm interpereting it correctly I could use for unstructured data this then:

useSymfony\Component\Form\Extension\Core\Type\FormType;$builder->add('some_unstructured_data', FormType::class');

@alexander-schranz Yes, that should work (that basically is the same as this test:https://github.com/symfony/symfony/pull/29911/files#diff-de65be85a5affed1f499b79d96965419R1062). But I'd be happy if you could confirm that in your application context.

@xabbuh will test it in the application at the evening. Thank you for having a look at the issue!

@alexander-schranz makes sense, done

I'm not sure at all we should do this change.
The behavior change we introduced is a bug fix.
I'm sorry some "hacked" the component and are caught by the fix, but every bug fix does that potentially.
Does this PR provide something that cannot be achieved otherwise?
Adding a new option means added complexity for everyone, better think twice about it.

I'm sorry some "hacked" the component

I'm pretty sure that 9 out of 10 didn't do this on purpose, but either by accident or due to lacking docs back then. The Form component really can be a b**ch sometimes. It's the only one forcing us to rework code parts every now and then due to some "fix". :/

I can also see that adding a fire-and-forget option just for this small thing on all those classes could raise more headache than it solves. So I'd be glad if someone can imagine a solution working for both sides.

I'm sorry some "hacked" the component and are caught by the fix, but every bug fix does that potentially.

True that, but even big bundles like RestBundle using that "hack" and recommend it in their docs.

True that, but even big bundles like RestBundle using that "hack" and recommend it in their docs.

time to fix them!

I'm also not sure I would fix this by adding another option. I find it too confusing to have

• compound
• multiple
• accept_multiple_values (or whatever new name we pick)

In the end the fix for all affected users would be something like this here, or not?
sulu/sulu#4349

@dmaicher Basically yes, except that the type could be shortened to not have to include theconfigureOptions() method at all.

closing here as it doesn't look like the proposed change is of interest