Support session cookie options with cookie_ prefix
parent
e0fba80057
commit
6e2a7dabb6
|
@ -42,6 +42,8 @@ To get the diff between two versions, go to https://github.com/symfony/symfony/c
|
||||||
* added support for placeholders in route defaults and requirements (replaced by the value set in the service container)
|
* added support for placeholders in route defaults and requirements (replaced by the value set in the service container)
|
||||||
* added Filesystem component as a dependency
|
* added Filesystem component as a dependency
|
||||||
* added support for hinclude (use ``standalone: 'js'`` in render tag)
|
* added support for hinclude (use ``standalone: 'js'`` in render tag)
|
||||||
|
* session options: lifetime, path, domain, secure, httponly were deprecated.
|
||||||
|
Prefixed versions should now be used instead: cookie_lifetime, cookie_path, cookie_domain, cookie_secure, cookie_httponly
|
||||||
* [BC BREAK] following session options: 'lifetime', 'path', 'domain', 'secure', 'httponly'
|
* [BC BREAK] following session options: 'lifetime', 'path', 'domain', 'secure', 'httponly'
|
||||||
are now prefixed with cookie_ when dumped to the container
|
are now prefixed with cookie_ when dumped to the container
|
||||||
|
|
||||||
|
@ -244,7 +246,7 @@ To get the diff between two versions, go to https://github.com/symfony/symfony/c
|
||||||
* Added `Symfony\Component\HttpFoundation\Session\Storage\AbstractSessionStorage` base class for
|
* Added `Symfony\Component\HttpFoundation\Session\Storage\AbstractSessionStorage` base class for
|
||||||
session storage drivers.
|
session storage drivers.
|
||||||
* Added `SessionHandlerInterface` interface which storage drivers should implement after inheriting from
|
* Added `SessionHandlerInterface` interface which storage drivers should implement after inheriting from
|
||||||
`Symfony\Component\HttpFoundation\Session\Storage\AbstractSessionStorage` when writing custom
|
`Symfony\Component\HttpFoundation\Session\Storage\AbstractSessionStorage` when writing custom
|
||||||
session save handlers using PHP 5.3. This interface is a stub for the PHP 5.4 interface.
|
session save handlers using PHP 5.3. This interface is a stub for the PHP 5.4 interface.
|
||||||
* [BC BREAK] `SessionStorageInterface` methods removed: `write()`, `read()` and `remove()`. Added
|
* [BC BREAK] `SessionStorageInterface` methods removed: `write()`, `read()` and `remove()`. Added
|
||||||
`getBag()`, `registerBag()`.
|
`getBag()`, `registerBag()`.
|
||||||
|
|
|
@ -112,9 +112,9 @@ UPGRADE FROM 2.0 to 2.1
|
||||||
protected function load()
|
protected function load()
|
||||||
{
|
{
|
||||||
parent::load();
|
parent::load();
|
||||||
|
|
||||||
// load choices
|
// load choices
|
||||||
|
|
||||||
$this->choices = $choices;
|
$this->choices = $choices;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -128,7 +128,7 @@ UPGRADE FROM 2.0 to 2.1
|
||||||
public function __construct()
|
public function __construct()
|
||||||
{
|
{
|
||||||
// load choices
|
// load choices
|
||||||
|
|
||||||
parent::__construct($choices);
|
parent::__construct($choices);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -143,7 +143,7 @@ UPGRADE FROM 2.0 to 2.1
|
||||||
protected function loadChoiceList()
|
protected function loadChoiceList()
|
||||||
{
|
{
|
||||||
// load choices
|
// load choices
|
||||||
|
|
||||||
return new SimpleChoiceList($choices);
|
return new SimpleChoiceList($choices);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -216,7 +216,7 @@ UPGRADE FROM 2.0 to 2.1
|
||||||
|
|
||||||
```
|
```
|
||||||
$builder->add('tags', 'collection', array('prototype' => 'proto'));
|
$builder->add('tags', 'collection', array('prototype' => 'proto'));
|
||||||
|
|
||||||
// results in the name "$$proto$$" in the template
|
// results in the name "$$proto$$" in the template
|
||||||
```
|
```
|
||||||
|
|
||||||
|
@ -224,7 +224,7 @@ UPGRADE FROM 2.0 to 2.1
|
||||||
|
|
||||||
```
|
```
|
||||||
$builder->add('tags', 'collection', array('prototype' => '__proto__'));
|
$builder->add('tags', 'collection', array('prototype' => '__proto__'));
|
||||||
|
|
||||||
// results in the name "__proto__" in the template
|
// results in the name "__proto__" in the template
|
||||||
```
|
```
|
||||||
|
|
||||||
|
@ -244,7 +244,7 @@ UPGRADE FROM 2.0 to 2.1
|
||||||
$this->setMessage($constraint->message, array(
|
$this->setMessage($constraint->message, array(
|
||||||
'{{ value }}' => $value,
|
'{{ value }}' => $value,
|
||||||
));
|
));
|
||||||
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -260,7 +260,7 @@ UPGRADE FROM 2.0 to 2.1
|
||||||
$this->context->addViolation($constraint->message, array(
|
$this->context->addViolation($constraint->message, array(
|
||||||
'{{ value }}' => $value,
|
'{{ value }}' => $value,
|
||||||
));
|
));
|
||||||
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -295,7 +295,7 @@ UPGRADE FROM 2.0 to 2.1
|
||||||
If you used these methods on bound forms, you should consider moving your
|
If you used these methods on bound forms, you should consider moving your
|
||||||
logic to an event listener that observes one of the following events:
|
logic to an event listener that observes one of the following events:
|
||||||
`FormEvents::PRE_BIND`, `FormEvents::BIND_CLIENT_DATA` or
|
`FormEvents::PRE_BIND`, `FormEvents::BIND_CLIENT_DATA` or
|
||||||
`FormEvents::BIND_NORM_DATA`.
|
`FormEvents::BIND_NORM_DATA`.
|
||||||
|
|
||||||
### Session
|
### Session
|
||||||
|
|
||||||
|
@ -341,3 +341,33 @@ UPGRADE FROM 2.0 to 2.1
|
||||||
|
|
||||||
Any session storage driver that wants to use custom save handlers should
|
Any session storage driver that wants to use custom save handlers should
|
||||||
implement `SessionHandlerInterface`.
|
implement `SessionHandlerInterface`.
|
||||||
|
|
||||||
|
### FrameworkBundle
|
||||||
|
|
||||||
|
* session options: lifetime, path, domain, secure, httponly were deprecated.
|
||||||
|
Prefixed versions should now be used instead: cookie_lifetime, cookie_path, cookie_domain, cookie_secure, cookie_httponly
|
||||||
|
|
||||||
|
Before:
|
||||||
|
|
||||||
|
```
|
||||||
|
framework:
|
||||||
|
session:
|
||||||
|
lifetime: 3600
|
||||||
|
path: \
|
||||||
|
domain: example.com
|
||||||
|
secure: true
|
||||||
|
httponly: true
|
||||||
|
```
|
||||||
|
|
||||||
|
After:
|
||||||
|
|
||||||
|
```
|
||||||
|
framework:
|
||||||
|
session:
|
||||||
|
cookie_lifetime: 3600
|
||||||
|
cookie_path: \
|
||||||
|
cookie_domain: example.com
|
||||||
|
cookie_secure: true
|
||||||
|
cookie_httponly: true
|
||||||
|
```
|
||||||
|
|
||||||
|
|
|
@ -169,11 +169,16 @@ class Configuration implements ConfigurationInterface
|
||||||
->booleanNode('auto_start')->defaultFalse()->end()
|
->booleanNode('auto_start')->defaultFalse()->end()
|
||||||
->scalarNode('storage_id')->defaultValue('session.storage.native_file')->end()
|
->scalarNode('storage_id')->defaultValue('session.storage.native_file')->end()
|
||||||
->scalarNode('name')->end()
|
->scalarNode('name')->end()
|
||||||
->scalarNode('lifetime')->end()
|
->scalarNode('cookie_lifetime')->end()
|
||||||
->scalarNode('path')->end()
|
->scalarNode('cookie_path')->end()
|
||||||
->scalarNode('domain')->end()
|
->scalarNode('cookie_domain')->end()
|
||||||
->booleanNode('secure')->end()
|
->booleanNode('cookie_secure')->end()
|
||||||
->booleanNode('httponly')->end()
|
->booleanNode('cookie_httponly')->end()
|
||||||
|
->scalarNode('lifetime')->setInfo('DEPRECATED! Please use: cookie_lifetime')->end()
|
||||||
|
->scalarNode('path')->setInfo('DEPRECATED! Please use: cookie_path')->end()
|
||||||
|
->scalarNode('domain')->setInfo('DEPRECATED! Please use: cookie_domain')->end()
|
||||||
|
->booleanNode('secure')->setInfo('DEPRECATED! Please use: cookie_secure')->end()
|
||||||
|
->booleanNode('httponly')->setInfo('DEPRECATED! Please use: cookie_httponly')->end()
|
||||||
->end()
|
->end()
|
||||||
->end()
|
->end()
|
||||||
->end()
|
->end()
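Review bot: The five deprecated nodes appended to the session tree announce their deprecation only through `setInfo()` text, so as far as this hunk shows, a configuration that still uses `secure` or `httponly` under the old names loads without any notice. A short comment above them would help, for example `// deprecated since 2.1, kept for BC; mapped to cookie_* in FrameworkExtension`, and so would a deprecation notice raised where the old keys are read. The tree also keeps `cookie_lifetime` as a `scalarNode` while the XSD types the attribute as `xsd:integer`, so YAML and PHP configurations are not held to the same type. The enclosing builder chain starts and ends outside the hunk.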
|
||||||
|
|
|
@ -294,14 +294,16 @@ class FrameworkExtension extends Extension
|
||||||
// session storage
|
// session storage
|
||||||
$container->setAlias('session.storage', $config['storage_id']);
|
$container->setAlias('session.storage', $config['storage_id']);
|
||||||
$options = array();
|
$options = array();
|
||||||
foreach (array('name', 'auto_start') as $key) {
|
foreach (array('name', 'cookie_lifetime', 'cookie_path', 'cookie_domain', 'cookie_secure', 'cookie_httponly', 'auto_start') as $key) {
|
||||||
if (isset($config[$key])) {
|
if (isset($config[$key])) {
|
||||||
$options[$key] = $config[$key];
|
$options[$key] = $config[$key];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
//drivers require correct names for cookie options e.g the one with cookie_ prefix
|
|
||||||
|
//we deprecated session options without cookie_ prefix, but we are still supporting them,
|
||||||
|
//Let's merge the ones that were supplied without prefix
|
||||||
foreach (array('lifetime', 'path', 'domain', 'secure', 'httponly') as $key) {
|
foreach (array('lifetime', 'path', 'domain', 'secure', 'httponly') as $key) {
|
||||||
if (isset($config[$key])) {
|
if (!isset($options['cookie_'.$key]) && isset($config[$key])) {
|
||||||
$options['cookie_'.$key] = $config[$key];
|
$options['cookie_'.$key] = $config[$key];
|
||||||
}
|
}
|
||||||
}
|
}
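Review bot: The second loop resolves a conflict between an old and a new option silently. With the added `!isset($options['cookie_'.$key])` guard, a configuration that sets `secure` and `cookie_secure` (or `httponly` and `cookie_httponly`) to different values is accepted and the prefixed value wins without any signal. These two flags decide whether the session cookie may travel over plain HTTP and whether scripts can read it, so the precedence should be stated in the comment, e.g. `// cookie_* options win over their deprecated unprefixed counterparts when both are set`. A disagreement between the two is also worth reporting rather than merging quietly. The two added comments would read better with a space after `//` and consistent capitalisation. The enclosing method starts and ends outside the hunk.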
|
||||||
|
|
|
@ -75,11 +75,18 @@
|
||||||
<xsd:complexType name="session">
|
<xsd:complexType name="session">
|
||||||
<xsd:attribute name="storage-id" type="xsd:string" />
|
<xsd:attribute name="storage-id" type="xsd:string" />
|
||||||
<xsd:attribute name="name" type="xsd:string" />
|
<xsd:attribute name="name" type="xsd:string" />
|
||||||
|
<xsd:attribute name="cookie-lifetime" type="xsd:integer" />
|
||||||
|
<xsd:attribute name="cookie-path" type="xsd:string" />
|
||||||
|
<xsd:attribute name="cookie-domain" type="xsd:string" />
|
||||||
|
<xsd:attribute name="cookie-secure" type="xsd:boolean" />
|
||||||
|
<xsd:attribute name="cookie-httponly" type="xsd:boolean" />
|
||||||
|
<!-- deprecated attributes -->
|
||||||
<xsd:attribute name="lifetime" type="xsd:integer" />
|
<xsd:attribute name="lifetime" type="xsd:integer" />
|
||||||
<xsd:attribute name="path" type="xsd:string" />
|
<xsd:attribute name="path" type="xsd:string" />
|
||||||
<xsd:attribute name="domain" type="xsd:string" />
|
<xsd:attribute name="domain" type="xsd:string" />
|
||||||
<xsd:attribute name="secure" type="xsd:boolean" />
|
<xsd:attribute name="secure" type="xsd:boolean" />
|
||||||
<xsd:attribute name="httponly" type="xsd:boolean" />
|
<xsd:attribute name="httponly" type="xsd:boolean" />
|
||||||
|
<!-- end of deprecated attributes -->
|
||||||
<xsd:attribute name="cache-limiter" type="xsd:string" />
|
<xsd:attribute name="cache-limiter" type="xsd:string" />
|
||||||
<xsd:attribute name="auto-start" type="xsd:boolean" />
|
<xsd:attribute name="auto-start" type="xsd:boolean" />
|
||||||
</xsd:complexType>
|
</xsd:complexType>
|
||||||
|
|
|
@ -0,0 +1,21 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
$container->loadFromExtension('framework', array(
|
||||||
|
'secret' => 's3cr3t',
|
||||||
|
'session' => array(
|
||||||
|
'auto_start' => true,
|
||||||
|
'storage_id' => 'session.storage.native_file',
|
||||||
|
'name' => '_SYMFONY',
|
||||||
|
'lifetime' => 2012,
|
||||||
|
'path' => '/sf2',
|
||||||
|
'domain' => 'sf2.example.com',
|
||||||
|
'secure' => false,
|
||||||
|
'httponly' => false,
|
||||||
|
'cookie_lifetime' => 86400,
|
||||||
|
'cookie_path' => '/',
|
||||||
|
'cookie_domain' => 'example.com',
|
||||||
|
'cookie_secure' => true,
|
||||||
|
'cookie_httponly' => true,
|
||||||
|
),
|
||||||
|
));
|
||||||
|
|
|
@ -0,0 +1,18 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
$container->loadFromExtension('framework', array(
|
||||||
|
'secret' => 's3cr3t',
|
||||||
|
'session' => array(
|
||||||
|
'auto_start' => true,
|
||||||
|
'storage_id' => 'session.storage.native_file',
|
||||||
|
'name' => '_SYMFONY',
|
||||||
|
'lifetime' => 2012,
|
||||||
|
'path' => '/sf2',
|
||||||
|
'domain' => 'sf2.example.com',
|
||||||
|
'secure' => false,
|
||||||
|
'cookie_lifetime' => 86400,
|
||||||
|
'cookie_path' => '/',
|
||||||
|
'cookie_httponly' => true,
|
||||||
|
),
|
||||||
|
));
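Review bot: This PHP fixture, which appears to be the partial-merge one, omits `'httponly' => false`, while the XML and YAML variants both set `httponly` to false alongside `cookie_httponly` true. The PHP run of the partial-merge test therefore never exercises the `httponly` versus `cookie_httponly` precedence that the other two formats cover. Adding `'httponly' => false,` after `'secure' => false,` would make the three fixtures equivalent. The test's `assertTrue($options['cookie_httponly'])` passes either way, which is why the gap does not show up as a failure.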
|
||||||
|
|
|
@ -0,0 +1,12 @@
|
||||||
|
<?xml version="1.0" ?>
|
||||||
|
|
||||||
|
<container xmlns="http://symfony.com/schema/dic/services"
|
||||||
|
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||||
|
xmlns:framework="http://symfony.com/schema/dic/symfony"
|
||||||
|
xsi:schemaLocation="http://symfony.com/schema/dic/services http://symfony.com/schema/dic/services/services-1.0.xsd
|
||||||
|
http://symfony.com/schema/dic/symfony http://symfony.com/schema/dic/symfony/symfony-1.0.xsd">
|
||||||
|
|
||||||
|
<framework:config secret="s3cr3t">
|
||||||
|
<framework:session auto-start="true" storage-id="session.storage.native_file" name="_SYMFONY" lifetime="2012" path="/sf2" domain="sf2.example.com" secure="false" httponly="false" cookie-lifetime="86400" cookie-path="/" cookie-domain="example.com" cookie-secure="true" cookie-httponly="true" />
|
||||||
|
</framework:config>
|
||||||
|
</container>
|
|
@ -0,0 +1,12 @@
|
||||||
|
<?xml version="1.0" ?>
|
||||||
|
|
||||||
|
<container xmlns="http://symfony.com/schema/dic/services"
|
||||||
|
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||||
|
xmlns:framework="http://symfony.com/schema/dic/symfony"
|
||||||
|
xsi:schemaLocation="http://symfony.com/schema/dic/services http://symfony.com/schema/dic/services/services-1.0.xsd
|
||||||
|
http://symfony.com/schema/dic/symfony http://symfony.com/schema/dic/symfony/symfony-1.0.xsd">
|
||||||
|
|
||||||
|
<framework:config secret="s3cr3t">
|
||||||
|
<framework:session auto-start="true" storage-id="session.storage.native_file" name="_SYMFONY" lifetime="2012" path="/sf2" domain="sf2.example.com" secure="false" httponly="false" cookie-lifetime="86400" cookie-path="/" cookie-httponly="true" />
|
||||||
|
</framework:config>
|
||||||
|
</container>
|
|
@ -12,7 +12,7 @@
|
||||||
<framework:esi enabled="true" />
|
<framework:esi enabled="true" />
|
||||||
<framework:profiler only-exceptions="true" />
|
<framework:profiler only-exceptions="true" />
|
||||||
<framework:router resource="%kernel.root_dir%/config/routing.xml" type="xml" />
|
<framework:router resource="%kernel.root_dir%/config/routing.xml" type="xml" />
|
||||||
<framework:session auto-start="true" storage-id="session.storage.native_file" name="_SYMFONY" lifetime="86400" path="/" domain="example.com" secure="true" httponly="true" />
|
<framework:session auto-start="true" storage-id="session.storage.native_file" name="_SYMFONY" cookie-lifetime="86400" cookie-path="/" cookie-domain="example.com" cookie-secure="true" cookie-httponly="true" />
|
||||||
<framework:templating assets-version="SomeVersionScheme" cache="/path/to/cache" >
|
<framework:templating assets-version="SomeVersionScheme" cache="/path/to/cache" >
|
||||||
<framework:loader>loader.foo</framework:loader>
|
<framework:loader>loader.foo</framework:loader>
|
||||||
<framework:loader>loader.bar</framework:loader>
|
<framework:loader>loader.bar</framework:loader>
|
||||||
|
|
|
@ -0,0 +1,16 @@
|
||||||
|
framework:
|
||||||
|
secret: s3cr3t
|
||||||
|
session:
|
||||||
|
auto_start: true
|
||||||
|
storage_id: session.storage.native_file
|
||||||
|
name: _SYMFONY
|
||||||
|
lifetime: 2012
|
||||||
|
path: /sf2
|
||||||
|
domain: sf2.example.com
|
||||||
|
secure: false
|
||||||
|
httponly: false
|
||||||
|
cookie_lifetime: 86400
|
||||||
|
cookie_path: /
|
||||||
|
cookie_domain: example.com
|
||||||
|
cookie_secure: true
|
||||||
|
cookie_httponly: true
|
|
@ -0,0 +1,14 @@
|
||||||
|
framework:
|
||||||
|
secret: s3cr3t
|
||||||
|
session:
|
||||||
|
auto_start: true
|
||||||
|
storage_id: session.storage.native_file
|
||||||
|
name: _SYMFONY
|
||||||
|
lifetime: 2012
|
||||||
|
path: /sf2
|
||||||
|
domain: sf2.example.com
|
||||||
|
secure: false
|
||||||
|
httponly: false
|
||||||
|
cookie_lifetime: 86400
|
||||||
|
cookie_path: /
|
||||||
|
cookie_httponly: true
|
|
@ -89,6 +89,36 @@ abstract class FrameworkExtensionTest extends TestCase
|
||||||
$this->assertTrue($options['cookie_httponly']);
|
$this->assertTrue($options['cookie_httponly']);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function testSessionDeprecatedMergeFull()
|
||||||
|
{
|
||||||
|
$container = $this->createContainerFromFile('deprecated_merge_full');
|
||||||
|
|
||||||
|
$this->assertTrue($container->hasDefinition('session'), '->registerSessionConfiguration() loads session.xml');
|
||||||
|
|
||||||
|
$options = $container->getParameter('session.storage.options');
|
||||||
|
$this->assertEquals('_SYMFONY', $options['name']);
|
||||||
|
$this->assertEquals(86400, $options['cookie_lifetime']);
|
||||||
|
$this->assertEquals('/', $options['cookie_path']);
|
||||||
|
$this->assertEquals('example.com', $options['cookie_domain']);
|
||||||
|
$this->assertTrue($options['cookie_secure']);
|
||||||
|
$this->assertTrue($options['cookie_httponly']);
|
||||||
|
}
|
||||||
|
|
||||||
|
public function testSessionDeprecatedMergePartial()
|
||||||
|
{
|
||||||
|
$container = $this->createContainerFromFile('deprecated_merge_partial');
|
||||||
|
|
||||||
|
$this->assertTrue($container->hasDefinition('session'), '->registerSessionConfiguration() loads session.xml');
|
||||||
|
|
||||||
|
$options = $container->getParameter('session.storage.options');
|
||||||
|
$this->assertEquals('_SYMFONY', $options['name']);
|
||||||
|
$this->assertEquals(86400, $options['cookie_lifetime']);
|
||||||
|
$this->assertEquals('/', $options['cookie_path']);
|
||||||
|
$this->assertEquals('sf2.example.com', $options['cookie_domain']);
|
||||||
|
$this->assertFalse($options['cookie_secure']);
|
||||||
|
$this->assertTrue($options['cookie_httponly']);
|
||||||
|
}
|
||||||
|
|
||||||
public function testTemplating()
|
public function testTemplating()
|
||||||
{
|
{
|
||||||
$container = $this->createContainerFromFile('full');
|
$container = $this->createContainerFromFile('full');
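Review bot: Both new tests, `testSessionDeprecatedMergeFull` and `testSessionDeprecatedMergePartial`, check only the values of the `cookie_*` keys. Neither asserts that the unprefixed names stay out of `session.storage.options`, and `assertEquals` would also accept a string `'86400'` for the lifetime. Adding `$this->assertArrayNotHasKey('secure', $options);` (and the same for `httponly`) and switching the scalar checks to `assertSame` would pin the merge result more tightly. The fixtures also cover only the direction where the deprecated flag is `false` and the prefixed one is `true`; the reverse case, where a deprecated `secure: true` is overridden by `cookie_secure: false`, is untested. `testTemplating` continues outside the hunk.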
|
||||||
|
|