Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

[SecurityBundle] Renamefirewalls.logout.csrf_token_generator tofirewalls.logout.csrf_token_manager#48387

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.

Already on GitHub?Sign in to your account

Merged
fabpot merged 1 commit intosymfony:6.3fromMatTheCat:rename-csrf_token_generator
Dec 22, 2022

Conversation

@MatTheCat
Copy link
Contributor

@MatTheCatMatTheCat commentedNov 29, 2022
edited
Loading

QA
Branch?6.3
Bug fix?no
New feature?no
Deprecations?yes
TicketsN/A
LicenseMIT
Doc PRsymfony/symfony-docs#17482

A long time ago,#6554 replacedCsrfProviderInterface byCsrfTokenGeneratorInterface, and#9216 split the latter intoCsrfTokenManagerInterface andTokenGeneratorInterface.#9587 later introducedcsrf_token_generator, which was already wrong at the time.

Given that token generators exist, it feels weird to have to setcsrf_token_generator tosecurity.csrf.token_manager as mentioned inthe documentation.

As this confusion recently led to#48339, I propose to renamefirewalls.logout.csrf_token_generator tofirewalls.logout.csrf_token_manager.

@carsonbot
Copy link

Hey!

I think@TimoBakx has recently worked with this code. Maybe they can help review this?

Cheers!

Carsonbot

@MatTheCatMatTheCatforce-pushed therename-csrf_token_generator branch from90e4d48 to5f56da3CompareDecember 6, 2022 22:59
@fabpotfabpotforce-pushed therename-csrf_token_generator branch from5f56da3 to0a0a98aCompareDecember 22, 2022 16:59
@fabpot
Copy link
Member

Thank you@MatTheCat.

@fabpotfabpot merged commit9df40aa intosymfony:6.3Dec 22, 2022

* Implementing the`ConstraintViolationInterface` without implementing the`getConstraint()` method is deprecated
* Implementing the`ConstraintViolationInterface` without implementing the`getConstraint()` method is deprecated
* Deprecate the`security.firewalls.logout.csrf_token_generator` config option, use`security.firewalls.logout.csrf_token_manager` instead
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others.Learn more.

this should not be in theValidator section

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others.Learn more.

fixed in377982f

@MatTheCatMatTheCat deleted the rename-csrf_token_generator branchDecember 22, 2022 18:48
OskarStark added a commit to symfony/symfony-docs that referenced this pull requestJan 30, 2023
…csrf_token_manager` (MatTheCat)This PR was squashed before being merged into the 6.3 branch.Discussion----------[Security] Rename logout’s `csrf_token_generator` to `csrf_token_manager`Follow-up ofsymfony/symfony#48387Should I still mention the deprecated `csrf_token_generator` in the documentation? If yes, how?Commits-------ced6562 [Security] Rename logout’s `csrf_token_generator` to `csrf_token_manager`
@fabpotfabpot mentioned this pull requestMay 1, 2023
nicolas-grekas added a commit that referenced this pull requestJul 21, 2023
… to XSD (HeahDude)This PR was merged into the 6.3 branch.Discussion----------[SecurityBundle] Add `firewalls.logout.csrf_token_manager` to XSD| Q             | A| ------------- | ---| Branch?       | 6.3| Bug fix?      | yes| New feature?  | no| Deprecations? | no| Tickets       | ~| License       | MIT| Doc PR        | ~The XSD has been missed in#48387.Commits-------742e5c2 [SecurityBundle] Add `firewalls.logout.csrf_token_manager` to XSD
Sign up for freeto join this conversation on GitHub. Already have an account?Sign in to comment

Reviewers

@nicolas-grekasnicolas-grekasnicolas-grekas left review comments

@stofstofstof left review comments

@fabpotfabpotfabpot approved these changes

@wouterjwouterjAwaiting requested review from wouterj

@chalasrchalasrAwaiting requested review from chalasrchalasr is a code owner

Assignees

No one assigned

Projects

None yet

Milestone

6.3

Development

Successfully merging this pull request may close these issues.

5 participants

@MatTheCat@carsonbot@fabpot@nicolas-grekas@stof
[8]ページ先頭
©2009-2025 Movatter.jp