74461cc2db
This PR was merged into the 4.2-dev branch.
Discussion
----------
[FrameworkBundle] Added new "auto" mode for `framework.session.cookie_secure` to turn it on when https is used
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets | -
| License | MIT
| Doc PR | -
I'm pretty sure we're many forgetting to make session cookies "secure".
Here is an "auto" mode that makes them secure automatically when the session is started on requests with the "https" scheme.
Commits
-------
|
||
---|---|---|
.. | ||
Asset | ||
BrowserKit | ||
Cache | ||
Config | ||
Console | ||
CssSelector | ||
Debug | ||
DependencyInjection | ||
DomCrawler | ||
Dotenv | ||
EventDispatcher | ||
ExpressionLanguage | ||
Filesystem | ||
Finder | ||
Form | ||
HttpFoundation | ||
HttpKernel | ||
Inflector | ||
Intl | ||
Ldap | ||
Lock | ||
Messenger | ||
OptionsResolver | ||
Process | ||
PropertyAccess | ||
PropertyInfo | ||
Routing | ||
Security | ||
Serializer | ||
Stopwatch | ||
Templating | ||
Translation | ||
Validator | ||
VarDumper | ||
WebLink | ||
Workflow | ||
Yaml |