Uh oh!
There was an error while loading.Please reload this page.
- Notifications
You must be signed in to change notification settings - Fork9.7k
[Security] Fix AuthenticationTrustResolver::isAnonymous()#42732
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.
Already on GitHub?Sign in to your account
Uh oh!
There was an error while loading.Please reload this page.
Conversation
nicolas-grekas left a comment
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others.Learn more.
Nice thanks
| } | ||
| return$token && !$this->isAuthenticated($token); | ||
| if ($tokeninstanceof AnonymousToken ||$tokeninstanceof NullToken || ($token &&null ===$token->getUser())) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others.Learn more.
return $token instanceof AnonymousToken || $token instanceof NullToken || ($token && !$token->getUser());
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others.Learn more.
patch updated, thanks
nicolas-grekas commentedAug 25, 2021
Thank you@chalasr. |
This method wasn't checking if a token is null nor
$token->isAuthenticated()until#42650.Reverting that behavior change fixes tests on both 5.3 and 5.4