diogo/symfony
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
This repository has been archived on 2023-08-20. You can view files and clone it, but cannot push or open issues or pull requests.
74461cc2db
symfony/src/Symfony/Component
History
Fabien Potencier 74461cc2db feature #28244 [FrameworkBundle] Added new "auto" mode for framework.session.cookie_secure to turn it on when https is used (nicolas-grekas) 
This PR was merged into the 4.2-dev branch.

Discussion
----------

[FrameworkBundle] Added new "auto" mode for `framework.session.cookie_secure` to turn it on when https is used

| Q             | A
| ------------- | ---
| Branch?       | master
| Bug fix?      | no
| New feature?  | yes
| BC breaks?    | no
| Deprecations? | no
| Tests pass?   | yes
| Fixed tickets | -
| License       | MIT
| Doc PR        | -

I'm pretty sure we're many forgetting to make session cookies "secure".
Here is an "auto" mode that makes them secure automatically when the session is started on requests with the "https" scheme.

Commits
-------

4f7b41a83d [FrameworkBundle] Added new "auto" mode for `framework.session.cookie_secure` to turn it on when https is used
2018-08-27 18:19:09 +02:00
..
Asset Merge branch '4.1' 2018-07-26 11:13:01 +02:00
BrowserKit Merge branch '4.1' 2018-07-26 11:13:01 +02:00
Cache Merge branch '4.1' 2018-08-24 12:22:37 +02:00
Config feature #28027 [Config] Rename FileLoaderLoadException to LoaderLoadException (ProgMiner) 2018-08-10 09:17:45 +02:00
Console Improve support for anonymous classes 2018-08-21 14:03:16 +02:00
CssSelector Merge branch '4.1' 2018-07-26 11:13:01 +02:00
Debug Improve support for anonymous classes 2018-08-21 14:03:16 +02:00
DependencyInjection Merge branch '4.1' 2018-08-26 10:35:20 +02:00
DomCrawler cs fix 2018-08-24 12:01:11 +02:00
Dotenv Merge branch '4.1' 2018-07-26 13:25:51 +02:00
EventDispatcher Merge branch '4.1' 2018-07-26 11:13:01 +02:00
ExpressionLanguage Merge branch '4.1' 2018-07-26 11:13:01 +02:00
Filesystem Merge branch '4.1' 2018-08-18 18:57:16 +02:00
Finder Merge branch '4.1' 2018-07-26 13:25:51 +02:00
Form Merge branch '4.1' 2018-08-24 12:22:37 +02:00
HttpFoundation Merge branch '4.1' 2018-08-26 10:35:20 +02:00
HttpKernel feature #28244 [FrameworkBundle] Added new "auto" mode for framework.session.cookie_secure to turn it on when https is used (nicolas-grekas) 2018-08-27 18:19:09 +02:00
Inflector Merge branch '4.1' 2018-07-26 10:59:12 +02:00
Intl Merge branch '4.1' 2018-08-01 10:24:20 +02:00
Ldap Merge branch '4.1' 2018-07-26 11:13:01 +02:00
Lock Merge branch '4.1' 2018-08-24 12:22:37 +02:00
Messenger [Messenger] Don't make EnvelopeItemInterface extend Serializable 2018-08-24 15:12:11 +02:00
OptionsResolver Alpha-ordering for "use" statements 2018-07-26 11:03:18 +02:00
Process Merge branch '4.1' 2018-08-03 13:20:06 +02:00
PropertyAccess Merge branch '4.1' 2018-08-24 12:22:37 +02:00
PropertyInfo fix merge 2018-08-03 14:20:17 +02:00
Routing feature #27957 [Routing] Add fallback to cultureless locale for internationalized routes (fancyweb) 2018-08-10 09:25:39 +02:00
Security [FrameworkBundle] Added new "auto" mode for framework.session.cookie_secure to turn it on when https is used 2018-08-27 18:13:55 +02:00
Serializer feature #28277 [Serializer] AbstractObjectNormalizer improve performance (martiis) 2018-08-27 17:56:01 +02:00
Stopwatch Merge branch '4.1' 2018-07-26 13:01:15 +02:00
Templating Merge branch '4.1' 2018-07-26 13:25:51 +02:00
Translation Merge branch '4.1' 2018-08-08 09:59:30 +02:00
Validator [Validator] Fix precision issue regarding floats and DivisibleBy constraint 2018-08-20 16:30:22 +02:00
VarDumper Improve support for anonymous classes 2018-08-21 14:03:16 +02:00
WebLink Merge branch '4.1' 2018-07-26 11:13:01 +02:00
Workflow Merge branch '4.1' 2018-07-26 11:13:01 +02:00
Yaml Merge branch '4.1' 2018-08-18 18:57:16 +02:00