[FrameworkBundle] Force users to set "kernel.secret" to something different than default "ThisTokenIsNotSoSecretChangeIt"

2013-01-07 09:41:41 +01:00 · 2013-01-07 09:41:41 +01:00 · f5290b95a9
commit f5290b95a9
parent dc4a10e931
2 changed files with 18 additions and 3 deletions
--- a/src/Symfony/Bundle/FrameworkBundle/DependencyInjection/Configuration.php
+++ b/src/Symfony/Bundle/FrameworkBundle/DependencyInjection/Configuration.php
@ -51,7 +51,12 @@ class Configuration implements ConfigurationInterface
                        })
                    ->end()
                ->end()
-                ->scalarNode('secret')->end()
+                ->scalarNode('secret')
+                    ->validate()
+                        ->ifTrue(function($v) { return 'ThisTokenIsNotSoSecretChangeIt' === $v; })
+                        ->thenInvalid('The "secret" parameter is currently set to the default. It is really important that you change it to something unique.')
+                    ->end()
+                ->end()
                ->scalarNode('trust_proxy_headers')->defaultFalse()->end() // @deprecated, to be removed in 2.3
                ->arrayNode('trusted_proxies')
                    ->beforeNormalization()
--- a/src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/ConfigurationTest.php
+++ b/src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/ConfigurationTest.php
@ -66,7 +66,7 @@ class ConfigurationTest extends \PHPUnit_Framework_TestCase
    {
        $processor = new Processor();
        $configuration = new Configuration(array());
-        $config = $processor->processConfiguration($configuration, array(array('secret' => 's3cr3t', 'trusted_proxies' => 'Not an IP address')));
+        $processor->processConfiguration($configuration, array(array('secret' => 's3cr3t', 'trusted_proxies' => 'Not an IP address')));
    }

    /**
@ -76,6 +76,16 @@ class ConfigurationTest extends \PHPUnit_Framework_TestCase
    {
        $processor = new Processor();
        $configuration = new Configuration(array());
-        $config = $processor->processConfiguration($configuration, array(array('secret' => 's3cr3t', 'trusted_proxies' => array('Not an IP address'))));
+        $processor->processConfiguration($configuration, array(array('secret' => 's3cr3t', 'trusted_proxies' => array('Not an IP address'))));
+    }
+
+    /**
+     * @expectedException \Symfony\Component\Config\Definition\Exception\InvalidConfigurationException
+     */
+    public function testDefaultSecretIsUsed()
+    {
+        $processor = new Processor();
+        $configuration = new Configuration(array());
+        $processor->processConfiguration($configuration, array(array('secret' => 'ThisTokenIsNotSoSecretChangeIt')));
    }
 }