This repository has been archived on 2023-08-20. You can view files and clone it, but cannot push or open issues or pull requests.
Nicolas Grekas 4c2375fd12 feature #39919 [Security] Randomize CSRF token to harden BREACH attacks (jderusse)
This PR was merged into the 5.3-dev branch.

Discussion
----------

[Security] Randomize CSRF token to harden BREACH attacks

| Q             | A
| ------------- | ---
| Branch?       | 5.x
| Bug fix?      | no
| New feature?  | yes
| Deprecations? | no
| Tickets       | -
| License       | MIT
| Doc PR        | TODO

This PR randomizes the CSRF token in each request in order to harden against the [BREACH attack](https://en.wikipedia.org/wiki/Cross-site_request_forgery).

Commits
-------

8b01095933 Randomize CSRF token to harden BREACH attacks
2021-01-23 19:51:17 +01:00
.github Merge branch '5.2' into 5.x 2021-01-14 16:43:35 +01:00
src/Symfony feature #39919 [Security] Randomize CSRF token to harden BREACH attacks (jderusse) 2021-01-23 19:51:17 +01:00
.appveyor.yml Merge branch '4.4' into 5.1 2021-01-19 21:48:35 +01:00
.editorconfig Update .editorconfig 2018-09-06 16:22:56 +02:00
.gitattributes "export-ignore" contracts and phpunit-bridge 2021-01-22 10:53:35 +01:00
.gitignore Run the phpunit-bridge from a PR 2019-08-02 17:46:19 +02:00
.php_cs.dist Merge branch '5.1' into 5.2 2021-01-19 22:00:40 +01:00
.travis.yml Merge branch '4.4' into 5.1 2021-01-14 21:09:08 +01:00
CHANGELOG-5.0.md Merge branch '5.0' into 5.1 2020-06-15 13:50:15 +02:00
CHANGELOG-5.1.md Update CHANGELOG for 5.1.10 2020-12-18 14:43:18 +01:00
CHANGELOG-5.2.md Update CHANGELOG for 5.2.1 2020-12-18 14:49:30 +01:00
CODE_OF_CONDUCT.md Added the Code of Conduct file 2018-10-10 03:13:30 -07:00
composer.json [Notifier] Add mercure bridge 2021-01-16 10:46:54 +01:00
CONTRIBUTING.md Mention the community review guide 2016-12-18 22:02:35 +01:00
CONTRIBUTORS.md Update CONTRIBUTORS for 4.4.18 2020-12-18 14:32:28 +01:00
LICENSE Bump license year 2021-01-01 10:24:35 +01:00
link Merge branch '5.1' into 5.2 2020-12-10 20:16:15 +01:00
phpunit Added compatibility with PHPunit 9.5 2020-12-05 16:15:30 +01:00
phpunit.xml.dist Merge branch '4.4' into 5.1 2020-11-16 16:58:32 +01:00
README.md Update README.md 2020-12-29 01:17:49 +01:00
UPGRADE-5.0.md Merge branch '4.4' into 5.1 2020-12-10 18:44:54 +01:00
UPGRADE-5.1.md Update UPGRADE-5.1.md 2020-09-07 01:58:27 +02:00
UPGRADE-5.2.md [HttpFoundation] Deprecate BinaryFileResponse::create(). 2020-11-20 16:47:02 +01:00
UPGRADE-5.3.md deprecate the NamespacedAttributeBag class 2021-01-16 11:11:08 +01:00
UPGRADE-6.0.md deprecate the NamespacedAttributeBag class 2021-01-16 11:11:08 +01:00

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Symfony is used by thousands of web applications (including BlaBlaCar.com and Spotify.com) and most of the popular PHP projects (including Drupal and Magento).

Installation

Documentation

Community

Contributing

Symfony is an Open Source, community-driven project with thousands of contributors. Join them contributing code or contributing documentation.

Security Issues

If you discover a security vulnerability within Symfony, please follow our disclosure procedure.

About Us

Symfony development is sponsored by SensioLabs, led by the Symfony Core Team and supported by Symfony contributors.