[SecurityBundle] Added csrf_token_generator and csrf_token_id as new #9587
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
names for csrf_provider and intention options
fabpot
added a commit
that referenced
this pull request
Nov 23, 2013
…ken_id as new (shieldo) This PR was merged into the master branch. Discussion ---------- [SecurityBundle] Added csrf_token_generator and csrf_token_id as new names for csrf_provider and intention options | Q | A | ------------- | --- | Bug fix? | no | New feature? | no | BC breaks? | no | Deprecations? | yes | Tests pass? | yes | Fixed tickets | #9176 | License | MIT | Doc PR | n/a Commits ------- f2f15f5 [SecurityBundle] Added csrf_token_generator and csrf_token_id as new names for csrf_provider and intention options
| ->always() | ||
| ->then(function ($v) { | ||
| unset($v['csrf_provider']); | ||
| unset($v['intention']); |
There was a problem hiding this comment.
I would move these 2 unset calls in the previous normalization functions
There was a problem hiding this comment.
Agree, that would be better. Have submitted PR #9598.
fabpot
added a commit
that referenced
this pull request
Nov 24, 2013
…on (shieldo) This PR was merged into the master branch. Discussion ---------- [SecurityBundle] minor simplification in main configuration As per @stof's suggestion (#9587 (comment)). | Q | A | ------------- | --- | Bug fix? | no | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | n/a | License | MIT | Doc PR | n/a Commits ------- 0d8c34b [SecurityBundle] minor simplification in main configuration
javiereguiluz
added a commit
to symfony/demo
that referenced
this pull request
Dec 10, 2015
… (ogizanagi) This PR was merged into the master branch. Discussion ---------- Use csrf_token_generator instead of deprecated csrf_provider The `csrf_provider` on a security firewall has been deprecated in favor of `csrf_token_generator` in 2.8 (symfony/symfony#9587). Commits ------- bd9ff10 Use csrf_token_generator instead of deprecated csrf_provider
weaverryan
added a commit
to symfony/symfony-docs
that referenced
this pull request
Jan 16, 2016
…lfiren, Aaron Valandra, xabbuh) This PR was merged into the 2.7 branch. Discussion ---------- csrf_token_generator and csrf_token_id documentation | Q | A | ------------- | --- | Doc fix? | no | New docs? | yes (symfony/symfony#6554, symfony/symfony#9587) | Applies to | 2.4+ | Fixed tickets | #3059, #5942 Commits ------- 304d7a5 finish csrf_token_generator and csrf_token_id docs 3ceb61c Improper markdown for versionadded. 91b5e2e Updated documentation as requested by @stof and @xabbuh 0044aa2 Updated csrf_in_login_form.rst to include csrf_token_id and csrf_token_generator
fabpot
added a commit
that referenced
this pull request
Dec 22, 2022
…enerator` to `firewalls.logout.csrf_token_manager` (MatTheCat) This PR was merged into the 6.3 branch. Discussion ---------- [SecurityBundle] Rename `firewalls.logout.csrf_token_generator` to `firewalls.logout.csrf_token_manager` | Q | A | ------------- | --- | Branch? | 6.3 | Bug fix? | no | New feature? | no | Deprecations? | yes | Tickets | N/A | License | MIT | Doc PR | symfony/symfony-docs#17482 A long time ago, #6554 replaced `CsrfProviderInterface` by `CsrfTokenGeneratorInterface`, and #9216 split the latter into `CsrfTokenManagerInterface` and `TokenGeneratorInterface`. #9587 later introduced `csrf_token_generator`, which was already wrong at the time. Given that token generators exist, it feels weird to have to set <code>csrf_token_**generator**</code> to <code>security.csrf.token_**manager**</code> as mentioned in [the documentation](https://symfony.com/doc/current/reference/configuration/security.html#csrf-token-generator). As this confusion recently led to #48339, I propose to rename `firewalls.logout.csrf_token_generator` to `firewalls.logout.csrf_token_manager`. Commits ------- 0a0a98a [SecurityBundle] Rename `firewalls.logout.csrf_token_generator` to `firewalls.logout.csrf_token_manager`
sayjun0505
added a commit
to sayjun0505/sym_proj
that referenced
this pull request
Apr 16, 2023
… (ogizanagi) This PR was merged into the master branch. Discussion ---------- Use csrf_token_generator instead of deprecated csrf_provider The `csrf_provider` on a security firewall has been deprecated in favor of `csrf_token_generator` in 2.8 (symfony/symfony#9587). Commits ------- bd9ff10 Use csrf_token_generator instead of deprecated csrf_provider
spider-yamet
added a commit
to spider-yamet/sym_proj
that referenced
this pull request
Apr 16, 2023
… (ogizanagi) This PR was merged into the master branch. Discussion ---------- Use csrf_token_generator instead of deprecated csrf_provider The `csrf_provider` on a security firewall has been deprecated in favor of `csrf_token_generator` in 2.8 (symfony/symfony#9587). Commits ------- bd9ff10 Use csrf_token_generator instead of deprecated csrf_provider
frederickboyd
added a commit
to frederickboyd/frederickboyd
that referenced
this pull request
May 25, 2025
… (ogizanagi) This PR was merged into the master branch. Discussion ---------- Use csrf_token_generator instead of deprecated csrf_provider The `csrf_provider` on a security firewall has been deprecated in favor of `csrf_token_generator` in 2.8 (symfony/symfony#9587). Commits ------- bd9ff10 Use csrf_token_generator instead of deprecated csrf_provider
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
names for csrf_provider and intention options