Skip to content

[Security] Look at headers for switch_user username #24388

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Oct 5, 2017
Merged

[Security] Look at headers for switch_user username #24388

merged 1 commit into from
Oct 5, 2017

Conversation

chalasr
Copy link
Member

@chalasr chalasr commented Oct 1, 2017

Q A
Branch? 3.4
Bug fix? no
New feature? yes
BC breaks? no
Deprecations? no
Tests pass? yes
Fixed tickets #24260
License MIT
Doc PR n/a

Allowing switch_user.parameter config node to be a header name.
It's supported by SwitchUserStatelessBundle and I think it makes sense.
Forgotten in #24260 so targets 3.4 but not a blocker.

@nicolas-grekas nicolas-grekas added this to the 3.4 milestone Oct 2, 2017
@chalasr chalasr requested a review from fabpot October 5, 2017 22:53
@fabpot
Copy link
Member

fabpot commented Oct 5, 2017

Thank you @chalasr.

@fabpot fabpot merged commit 3c80195 into symfony:3.4 Oct 5, 2017
fabpot added a commit that referenced this pull request Oct 5, 2017
@fabpot
feature #24388 [Security] Look at headers for switch_user username (c…
0c8043a 
…halasr)

This PR was merged into the 3.4 branch.

Discussion
----------

[Security] Look at headers for switch_user username

| Q             | A
| ------------- | ---
| Branch?       | 3.4
| Bug fix?      | no
| New feature?  | yes
| BC breaks?    | no
| Deprecations? | no
| Tests pass?   | yes
| Fixed tickets | #24260
| License       | MIT
| Doc PR        | n/a

Allowing `switch_user.parameter` config node to be a header name.
It's supported by SwitchUserStatelessBundle and I think it makes sense.
Forgotten in #24260 so targets 3.4 but not a blocker.

Commits
-------

3c80195 [Security] Look at headers for switch user username parameter
@chalasr chalasr deleted the switch_user_header branch October 6, 2017 07:28
This was referenced Oct 18, 2017
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@fabpot fabpot fabpot approved these changes

@xabbuh xabbuh xabbuh approved these changes

Assignees
No one assigned
Labels
Feature Security Status: Reviewed
Projects
None yet
Milestone
3.4
Development

Successfully merging this pull request may close these issues.
5 participants
@chalasr @fabpot @xabbuh @nicolas-grekas @carsonbot