diogo/symfony
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
This repository has been archived on 2023-08-20. You can view files and clone it, but cannot push or open issues or pull requests.
f2d687a08f
symfony/src/Symfony/Component
History
Fabien Potencier f2d687a08f feature #25669 [Security] Fail gracefully if the security token cannot be unserialized from the session (thewilkybarkid) 
This PR was merged into the 2.7 branch.

Discussion
----------

[Security] Fail gracefully if the security token cannot be unserialized from the session

| Q             | A
| ------------- | ---
| Branch?       | 2.7
| Bug fix?      | yes
| New feature?  | no
| BC breaks?    | no
| Deprecations? | no
| Tests pass?   | yes
| Fixed tickets |
| License       | MIT
| Doc PR        |

If the security token in the session can't be unserialized, an `E_NOTICE` is issued. This prevents it (and provides a better log message if it's not even a `__PHP_Incomplete_Class`).

This is similar to #24731, but I saw it triggered when changing OAuth library (https://github.com/elifesciences/journal/pull/824), so the token class itself no longer exists. (I want to avoid having to manually invalidate all sessions, as not all sessions use that token class.)

Commits
-------

053fa43add [Security] Fail gracefully if the security token cannot be unserialized from the session
2018-01-08 14:01:11 +01:00
..
Asset fixed years in copyright 2018-01-03 08:23:28 +01:00
BrowserKit fixed years in copyright 2018-01-03 08:23:28 +01:00
ClassLoader fixed years in copyright 2018-01-03 08:23:28 +01:00
Config fixed years in copyright 2018-01-03 08:23:28 +01:00
Console fixed years in copyright 2018-01-03 08:23:28 +01:00
CssSelector fixed years in copyright 2018-01-03 08:23:28 +01:00
Debug minor #25653 PHP CS Fixer: clean up repo and adjust config (keradus) 2018-01-03 18:10:39 +01:00
DependencyInjection fixed years in copyright 2018-01-03 08:23:28 +01:00
DomCrawler fixed years in copyright 2018-01-03 08:23:28 +01:00
EventDispatcher fixed years in copyright 2018-01-03 08:23:28 +01:00
ExpressionLanguage fixed years in copyright 2018-01-03 08:23:28 +01:00
Filesystem fixed years in copyright 2018-01-03 08:23:28 +01:00
Finder fixed years in copyright 2018-01-03 08:23:28 +01:00
Form [Form] AbstractLayoutTest - fix DOMDocument casing 2018-01-07 00:30:09 +01:00
HttpFoundation minor #25653 PHP CS Fixer: clean up repo and adjust config (keradus) 2018-01-03 18:10:39 +01:00
HttpKernel bumped Symfony version to 2.7.41 2018-01-05 06:53:01 +01:00
Intl fixed years in copyright 2018-01-03 08:23:28 +01:00
Locale fixed years in copyright 2018-01-03 08:23:28 +01:00
OptionsResolver fixed years in copyright 2018-01-03 08:23:28 +01:00
Process fixed years in copyright 2018-01-03 08:23:28 +01:00
PropertyAccess fixed years in copyright 2018-01-03 08:23:28 +01:00
Routing bug #25491 [Routing] Use the default host even if context is empty (sroze) 2018-01-03 19:00:19 +01:00
Security [Security] Fail gracefully if the security token cannot be unserialized from the session 2018-01-07 10:03:03 +01:00
Serializer fixed years in copyright 2018-01-03 08:23:28 +01:00
Stopwatch fixed years in copyright 2018-01-03 08:23:28 +01:00
Templating fixed years in copyright 2018-01-03 08:23:28 +01:00
Translation fixed years in copyright 2018-01-03 08:23:28 +01:00
Validator bug #25529 [Validator] Fix access to root object when using composite constraint (ostrolucky) 2018-01-03 09:00:37 +01:00
VarDumper Dumper shouldn't use html format for phpdbg 2018-01-03 11:33:04 +01:00
Yaml fixed years in copyright 2018-01-03 08:23:28 +01:00