Uh oh!
There was an error while loading.Please reload this page.
- Notifications
You must be signed in to change notification settings - Fork9.7k
[HttpKernel] Preserve security exceptions#27515
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.
Already on GitHub?Sign in to your account
Uh oh!
There was an error while loading.Please reload this page.
Conversation
stof commentedJun 6, 2018 • edited
Loading Uh oh!
There was an error while loading.Please reload this page.
edited
Uh oh!
There was an error while loading.Please reload this page.
should we actually ignore these ? These exceptions are handled by the exception listener registered by the firewall, so they should not reach the logging listener later. This looks like a priority issue instead. |
| ->addTag('security.voter'); | ||
| } | ||
| publicfunctionprocess(ContainerBuilder$container) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others.Learn more.
I would rather put this compiler pass in a dedicated class.
We have lots of different passes in each of our bundles, and this logic is not more related to the DI extension than other passes (rather less)
| $request =$event->getRequest(); | ||
| do { | ||
| foreach ($this->silentIgnoreas$class) { | ||
| if (is_a($exception,$class)) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others.Learn more.
use$exception instanceof $class
| return; | ||
| } | ||
| } | ||
| }while (null !==$exception =$exception->getPrevious()); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others.Learn more.
use a different variable name for this loop, to avoid overriding the one containing the main exception
nicolas-grekas commentedJun 6, 2018
Just wondering: did#27516 change anything here? |
ro0NL commentedJun 6, 2018 • edited
Loading Uh oh!
There was an error while loading.Please reload this page.
edited
Uh oh!
There was an error while loading.Please reload this page.
@nicolas-grekas yes :) @stof i'm hesitating between this approach and raising the security exception listener from 0 to 2048+1, edit: then again.. exceptions are edge-case-ish anyway.. so perhaps we can get away with it, along with a clear changelog entry. I do prefer the priority solution.. sure |
nicolas-grekas commentedJun 7, 2018
Shouldn't we revert#25366 instead? This breaks a behavior that was accepted. Maybe only keep the early collection, but when a listener takes over handling, I see no reason to not let it decide what to do with the exception, don't you think? Especially given the comments on#27440. |
ro0NL commentedJun 8, 2018
status: needs work |
ro0NL commentedJun 9, 2018
closing in favor of#27562 |
Uh oh!
There was an error while loading.Please reload this page.
This PR introduces an approach that allows for skipping certain (origin) exception classes from being logged. In this case the security related ones.