30997a4005
This PR was merged into the 2.7 branch.
Discussion
----------
[Security] Fix the retrieval of the last username when using forwarding
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | n/a
| License | MIT
| Doc PR | n/a
When using forwarding to render the login page (which is not the default), the info are stored in the subrequest attributes rather than the session. ``getLastAuthenticationError`` was handling this properly but ``getLastUsername`` was not checking the attributes.
This fixes it by checking the attributes (I'm checking them before the session, to be consistent with ``getLastAuthenticationError``)
Commits
-------
|
||
---|---|---|
.composer | ||
.github | ||
src/Symfony | ||
.editorconfig | ||
.gitignore | ||
.php_cs | ||
.travis.yml | ||
appveyor.yml | ||
CHANGELOG-2.2.md | ||
CHANGELOG-2.3.md | ||
CHANGELOG-2.4.md | ||
CHANGELOG-2.5.md | ||
CHANGELOG-2.6.md | ||
CHANGELOG-2.7.md | ||
composer.json | ||
CONTRIBUTING.md | ||
CONTRIBUTORS.md | ||
LICENSE | ||
phpunit | ||
phpunit.xml.dist | ||
README.md | ||
UPGRADE-2.1.md | ||
UPGRADE-2.2.md | ||
UPGRADE-2.3.md | ||
UPGRADE-2.4.md | ||
UPGRADE-2.5.md | ||
UPGRADE-2.6.md | ||
UPGRADE-2.7.md | ||
UPGRADE-3.0.md |
README
What is Symfony?
Symfony is a PHP 5.3 full-stack web framework. It is written with speed and flexibility in mind. It allows developers to build better and easy to maintain websites with PHP.
Symfony can be used to develop all kind of websites, from your personal blog to high traffic ones like Dailymotion or Yahoo! Answers.
Requirements
Symfony is only supported on PHP 5.3.9 and up.
Be warned that PHP 5.3.16 has a major bug in the Reflection subsystem and is not suitable to run Symfony (https://bugs.php.net/bug.php?id=62715)
Installation
The best way to install Symfony is to use the official Symfony Installer. It allows you to start a new project based on the version you want.
Documentation
The "Quick Tour" tutorial gives you a first feeling of the framework. If, like us, you think that Symfony can help speed up your development and take the quality of your work to the next level, read the official Symfony documentation.
Contributing
Symfony is an open source, community-driven project. If you'd like to contribute, please read the Contributing Code part of the documentation. If you're submitting a pull request, please follow the guidelines in the Submitting a Patch section and use Pull Request Template.
Running Symfony Tests
Information on how to run the Symfony test suite can be found in the Running Symfony Tests section.