-
-
Notifications
You must be signed in to change notification settings - Fork 9.7k
Closed
Description
Symfony version(s) affected: 4.4-dev
Description
Because of PR #33663, responses are now marked private when they weren't before.
getToken()
is called in Symfony\Component\Security\Http\Firewall\AccessListener
if a firewall is defined. Calling this method increases the usage counter, then AbstractSessionListener
detects that the session has been used (it's not the case in 4.3) and mark the response a private (but shouldn't).
How to reproduce
This breaks the API Platform test suite. To reproduce:
git clone https://github.com/api-platform/core
cd core
jq '. + {"minimum-stability": "dev"}' composer.json | sponge composer.json
composer install
rm -Rf tests/Fixtures/app/var/cache/* && php -dmemory_limit=-1 ./vendor/bin/behat features/http_cache/headers.feature