Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Make CsrfTokenManager public #487

Merged
merged 3 commits into from
Oct 18, 2022

Conversation

Zales0123
Copy link
Member

@Zales0123 Zales0123 commented Oct 18, 2022

Q A
Bug fix? yes
New feature? no
BC breaks? no
Deprecations? no
Related tickets fixes #477
License MIT

We, unfortunately, rely on this service to be public in the ResourceController :/

I've covered the bug with a test (by adding a "delete" button to the test UI) and added explicit Symfony 6.0 and 6.1 testing in the workflow 🖖

Thank you, @dannyvw, for reporting this bug! 🏅

@Zales0123 Zales0123 added the Bug Confirmed bugs or bugfixes. label Oct 18, 2022
@Zales0123 Zales0123 requested a review from a team as a code owner October 18, 2022 10:08
@Zales0123 Zales0123 force-pushed the make-csrf-token-manager-public branch from 4931044 to dfeba75 Compare October 18, 2022 10:08
/**
* TODO Remove on sylius/resource-bundle 2.0
*/
final class CsrfTokenManagerPass implements CompilerPassInterface
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It would be just the art for the sake of art, but we could try to cover this pass with configuration test as well :P

@Zales0123 Zales0123 merged commit 46b2938 into Sylius:1.10 Oct 18, 2022
@Zales0123 Zales0123 deleted the make-csrf-token-manager-public branch October 18, 2022 11:32
Zales0123 added a commit that referenced this pull request Oct 18, 2022
- [#341](#341) Dropping usage of Request->get ([@loic425](https://github.com/loic425), [@Zales0123](https://github.com/Zales0123))
- [#450](#450) Adjust when some runtime deprecation notices are triggered and use Symfony's trigger_deprecation() helper ([@mbabker](https://github.com/mbabker))
- [#467](#467) [README] Add development section and update links ([@lchrusciel](https://github.com/lchrusciel))
- [#478](#478) Add tests with grids ([@loic425](https://github.com/loic425))
- [#487](#487) Make CsrfTokenManager public ([@Zales0123](https://github.com/Zales0123))
- [#488](#488) Return 422 status code when the form fails ([@belmeopmenieuwesim](https://github.com/belmeopmenieuwesim), [@Zales0123](https://github.com/Zales0123))
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Bug Confirmed bugs or bugfixes.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Symfony 6.1 csrf protection
3 participants