diogo/symfony
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

bug #25151 [FrameworkBundle] Automatically enable the CSRF protection if CSRF manager exists (sroze)

Browse Source 
This PR was merged into the 3.4 branch.

Discussion
----------

[FrameworkBundle] Automatically enable the CSRF protection if CSRF manager exists

| Q             | A
| ------------- | ---
| Branch?       | 3.4
| Bug fix?      | no
| New feature?  | yes
| BC breaks?    | no
| Deprecations? | no
| Tests pass?   | yes
| Fixed tickets | ø
| License       | MIT

This will automatically enable the CSRF protection if `CsrfTokenManagerInterface` exists.

Commits
-------

fd4340693c Automatically enable the CSRF protection if CSRF manager exists
This commit is contained in:
Fabien Potencier 2017-11-24 08:16:56 -08:00
commit d5f04284f9
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/Symfony/Bundle/FrameworkBundle/DependencyInjection/Configuration.php
View File

@ -21,6 +21,7 @@ use Symfony\Component\Config\Definition\ConfigurationInterface;
use Symfony\Component\Form\Form;
use Symfony\Component\Lock\Lock;
use Symfony\Component\Lock\Store\SemaphoreStore;
use Symfony\Component\Security\Csrf\CsrfTokenManagerInterface;
use Symfony\Component\Serializer\Serializer;
use Symfony\Component\Translation\Translator;
use Symfony\Component\Validator\Validation;
@ -142,7 +143,7 @@ class Configuration implements ConfigurationInterface
$rootNode
->children()
->arrayNode('csrf_protection')
->canBeEnabled()
->{!class_exists(FullStack::class) && class_exists(CsrfTokenManagerInterface::class) ? 'canBeDisabled' : 'canBeEnabled'}()
->end()
->end()
;