diogo
/
symfony
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch '3.4' into 4.2 

* 3.4:
  [Security] Add a separator in the remember me cookie hash
This commit is contained in:
Nicolas Grekas 2019-04-16 10:58:51 +02:00
parent a5039c81c9 0a4ed67b0d
commit abd8b954f4
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/Symfony/Component/Security/Http/RememberMe/TokenBasedRememberMeServices.php
View File

@ -122,6 +122,6 @@ class TokenBasedRememberMeServices extends AbstractRememberMeServices
*/
protected function generateCookieHash($class, $username, $expires, $password)
{
return hash_hmac('sha256', $class.$username.$expires.$password, $this->getSecret());
return hash_hmac('sha256', $class.self::COOKIE_DELIMITER.$username.self::COOKIE_DELIMITER.$expires.self::COOKIE_DELIMITER.$password, $this->getSecret());
}
}