[FrameworkBundle] Force users to set "kernel.secret" to something different than default "ThisTokenIsNotSoSecretChangeIt"
This commit is contained in:
parent
dc4a10e931
commit
f5290b95a9
@ -51,7 +51,12 @@ class Configuration implements ConfigurationInterface
|
|||||||
})
|
})
|
||||||
->end()
|
->end()
|
||||||
->end()
|
->end()
|
||||||
->scalarNode('secret')->end()
|
->scalarNode('secret')
|
||||||
|
->validate()
|
||||||
|
->ifTrue(function($v) { return 'ThisTokenIsNotSoSecretChangeIt' === $v; })
|
||||||
|
->thenInvalid('The "secret" parameter is currently set to the default. It is really important that you change it to something unique.')
|
||||||
|
->end()
|
||||||
|
->end()
|
||||||
->scalarNode('trust_proxy_headers')->defaultFalse()->end() // @deprecated, to be removed in 2.3
|
->scalarNode('trust_proxy_headers')->defaultFalse()->end() // @deprecated, to be removed in 2.3
|
||||||
->arrayNode('trusted_proxies')
|
->arrayNode('trusted_proxies')
|
||||||
->beforeNormalization()
|
->beforeNormalization()
|
||||||
|
@ -66,7 +66,7 @@ class ConfigurationTest extends \PHPUnit_Framework_TestCase
|
|||||||
{
|
{
|
||||||
$processor = new Processor();
|
$processor = new Processor();
|
||||||
$configuration = new Configuration(array());
|
$configuration = new Configuration(array());
|
||||||
$config = $processor->processConfiguration($configuration, array(array('secret' => 's3cr3t', 'trusted_proxies' => 'Not an IP address')));
|
$processor->processConfiguration($configuration, array(array('secret' => 's3cr3t', 'trusted_proxies' => 'Not an IP address')));
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -76,6 +76,16 @@ class ConfigurationTest extends \PHPUnit_Framework_TestCase
|
|||||||
{
|
{
|
||||||
$processor = new Processor();
|
$processor = new Processor();
|
||||||
$configuration = new Configuration(array());
|
$configuration = new Configuration(array());
|
||||||
$config = $processor->processConfiguration($configuration, array(array('secret' => 's3cr3t', 'trusted_proxies' => array('Not an IP address'))));
|
$processor->processConfiguration($configuration, array(array('secret' => 's3cr3t', 'trusted_proxies' => array('Not an IP address'))));
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @expectedException \Symfony\Component\Config\Definition\Exception\InvalidConfigurationException
|
||||||
|
*/
|
||||||
|
public function testDefaultSecretIsUsed()
|
||||||
|
{
|
||||||
|
$processor = new Processor();
|
||||||
|
$configuration = new Configuration(array());
|
||||||
|
$processor->processConfiguration($configuration, array(array('secret' => 'ThisTokenIsNotSoSecretChangeIt')));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
Reference in New Issue
Block a user