bug #25151 [FrameworkBundle] Automatically enable the CSRF protection if CSRF manager exists (sroze)
This PR was merged into the 3.4 branch.
Discussion
----------
[FrameworkBundle] Automatically enable the CSRF protection if CSRF manager exists
| Q | A
| ------------- | ---
| Branch? | 3.4
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | ø
| License | MIT
This will automatically enable the CSRF protection if `CsrfTokenManagerInterface` exists.
Commits
-------
fd4340693c
Automatically enable the CSRF protection if CSRF manager exists
This commit is contained in:
commit
d5f04284f9
@ -21,6 +21,7 @@ use Symfony\Component\Config\Definition\ConfigurationInterface;
|
|||||||
use Symfony\Component\Form\Form;
|
use Symfony\Component\Form\Form;
|
||||||
use Symfony\Component\Lock\Lock;
|
use Symfony\Component\Lock\Lock;
|
||||||
use Symfony\Component\Lock\Store\SemaphoreStore;
|
use Symfony\Component\Lock\Store\SemaphoreStore;
|
||||||
|
use Symfony\Component\Security\Csrf\CsrfTokenManagerInterface;
|
||||||
use Symfony\Component\Serializer\Serializer;
|
use Symfony\Component\Serializer\Serializer;
|
||||||
use Symfony\Component\Translation\Translator;
|
use Symfony\Component\Translation\Translator;
|
||||||
use Symfony\Component\Validator\Validation;
|
use Symfony\Component\Validator\Validation;
|
||||||
@ -142,7 +143,7 @@ class Configuration implements ConfigurationInterface
|
|||||||
$rootNode
|
$rootNode
|
||||||
->children()
|
->children()
|
||||||
->arrayNode('csrf_protection')
|
->arrayNode('csrf_protection')
|
||||||
->canBeEnabled()
|
->{!class_exists(FullStack::class) && class_exists(CsrfTokenManagerInterface::class) ? 'canBeDisabled' : 'canBeEnabled'}()
|
||||||
->end()
|
->end()
|
||||||
->end()
|
->end()
|
||||||
;
|
;
|
||||||
|
Reference in New Issue
Block a user