This repository has been archived on 2023-08-20. You can view files and clone it, but cannot push or open issues or pull requests.

Nicolas Grekas f3ac9f51ef bug #25508 [FrameworkBundle] Auto-enable CSRF if the component *+ session* are loaded (nicolas-grekas) ... This PR was merged into the 3.4 branch. Discussion ---------- [FrameworkBundle] Auto-enable CSRF if the component *+ session* are loaded | Q | A | ------------- | --- | Branch? | 3.4 | Bug fix? | yes | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | https://github.com/symfony/recipes/issues/262 | License | MIT | Doc PR | - By binding CSRF and session default state, we provide better DX, but we also provide a way for bundles to enable session on its own: they just need to require "symfony/security-csrf". Yes, that's a side effect, but I think that's a nice one for 3.4/4.0. Of course, we might do better in 4.1, but for bug fix only releases, LGTM. Commits ------- 9e8231f [FrameworkBundle] Automatically enable the CSRF if component *+ session* are loaded		2018-01-16 15:44:24 +01:00
..
Compiler	Merge branch '3.3' into 3.4	2018-01-10 12:30:01 +01:00
Configuration.php	[FrameworkBundle] Automatically enable the CSRF if component *+ session* are loaded	2018-01-09 14:58:36 +01:00
FrameworkExtension.php	bug #25508 [FrameworkBundle] Auto-enable CSRF if the component *+ session* are loaded (nicolas-grekas)	2018-01-16 15:44:24 +01:00