This repository has been archived on 2023-08-20. You can view files and clone it, but cannot push or open issues or pull requests.
Fabien Potencier 460fcbf23b bug #22569 [Security] Handle bad request format in json auth listener (ogizanagi)
This PR was merged into the 3.3-dev branch.

Discussion
----------

[Security] Handle bad request format in json auth listener

| Q             | A
| ------------- | ---
| Branch?       | master (3.3)
| Bug fix?      | yesish
| New feature?  | yes
| BC breaks?    | no
| Deprecations? | no
| Tests pass?   | yes
| Fixed tickets | N/A
| License       | MIT
| Doc PR        | N/A

In https://github.com/symfony/symfony/pull/22034, I wondered if we shouldn't throw a dedicated exception to handle badly formatted requests and give more input to the client by returning a 400 response with an explicit message.

~~Here is a suggestion, introducing a new `BadRequestFormatException` and using it in `UsernamePasswordJsonAuthenticationListener` whenever there is no custom failure handler set (but someone using their own handler should be able to treat the failure properly too).~~

As discussed with @chalasr, it seems better to directly throw a `BadRequestHttpException` as it's actually out of the whole security process. PR updated.

Commits
-------

93a8cb9cd4 [Security] Handle bad request format in json auth listener
2017-04-29 08:39:09 -07:00
| File | Last commit | Date |
| --- | --- | --- |
| .composer | Drop hirak/prestissimo | 2016-05-12 07:44:15 -05:00 |
| .github | Make .travis.yml more readable | 2017-04-19 14:51:17 +02:00 |
| src/Symfony | bug #22569 [Security] Handle bad request format in json auth listener (ogizanagi) | 2017-04-29 08:39:09 -07:00 |
| .editorconfig | Add EditorConfig File | 2012-06-16 14:08:15 +02:00 |
| .gitignore | Add appveyor.yml for C.I. on Windows | 2015-08-25 23:41:37 +02:00 |
| .php_cs.dist | [Asset] Adding a new version strategy that reads from a manifest JSON file | 2017-03-25 09:22:50 -07:00 |
| .travis.yml | Merge branch '3.2' | 2017-04-19 22:29:26 +02:00 |
| appveyor.yml | Merge branch '2.8' into 3.2 | 2017-04-04 09:26:27 +02:00 |
| CHANGELOG-3.0.md | Merge branch '2.8' into 3.1 | 2016-08-05 10:37:39 +02:00 |
| CHANGELOG-3.1.md | updated CHANGELOG for 3.1.9 | 2017-01-12 12:43:31 -08:00 |
| CHANGELOG-3.2.md | updated CHANGELOG for 3.2.7 | 2017-04-05 05:51:48 -07:00 |
| composer.json | Add a new Link component | 2017-04-10 09:55:52 -07:00 |
| CONTRIBUTING.md | Mention the community review guide | 2016-12-18 22:02:35 +01:00 |
| CONTRIBUTORS.md | Merge branch '2.8' into 3.2 | 2017-04-04 08:30:56 -07:00 |
| LICENSE | updated LICENSE year | 2017-01-02 12:30:00 -08:00 |
| phpunit | Use PHPUnit 6.0 on PHP 7.* test lines | 2017-02-21 14:43:45 +01:00 |
| phpunit.xml.dist | Merge branch '3.2' | 2017-04-12 07:14:56 -07:00 |
| README.md | Rename StackOverflow to Stack Overflow | 2017-03-08 11:34:04 +01:00 |
| UPGRADE-3.0.md | Fixed formatting in Security section | 2017-04-14 11:38:02 +02:00 |
| UPGRADE-3.1.md | [Serializer] Remove AbstractObjectNormalizer::isAttributeToNormalize | 2016-12-08 16:02:32 +01:00 |
| UPGRADE-3.2.md | fixed CS | 2017-03-05 08:45:00 -08:00 |
| UPGRADE-3.3.md | minor #22475 [SecurityBundle] Enhance FirewallContext::getListeners() (ro0NL) | 2017-04-26 13:18:04 -04:00 |
| UPGRADE-4.0.md | minor #22475 [SecurityBundle] Enhance FirewallContext::getListeners() (ro0NL) | 2017-04-26 13:18:04 -04:00 |

Symfony is a PHP framework for web applications and a set of reusable PHP components. Symfony is used by thousands of web applications (including BlaBlaCar.com and Spotify.com) and most of the popular PHP projects (including Drupal and Magento).

Installation

Documentation

Community

Contributing

Symfony is an Open Source, community-driven project with thousands of contributors. Join them contributing code or contributing documentation.

Security Issues

If you discover a security vulnerability within Symfony, please follow our disclosure procedure.

About Us

Symfony development is sponsored by SensioLabs, led by the Symfony Core Team and supported by Symfony contributors.