From 06b9c6f486aa1bc1a1f4b9d00b036f79e3ac3994 Mon Sep 17 00:00:00 2001 From: Nicolas Grekas Date: Fri, 7 Feb 2025 19:13:17 +0100 Subject: [PATCH 1/4] [Form][FrameworkBundle] Use auto-configuration to make the default CSRF token id apply only to the app; not to bundles --- DependencyInjection/FrameworkExtension.php | 6 ++---- Resources/config/form_csrf.php | 2 +- 2 files changed, 3 insertions(+), 5 deletions(-) diff --git a/DependencyInjection/FrameworkExtension.php b/DependencyInjection/FrameworkExtension.php index 556a0cff6..98dd074f4 100644 --- a/DependencyInjection/FrameworkExtension.php +++ b/DependencyInjection/FrameworkExtension.php @@ -615,7 +615,7 @@ public function load(array $configs, ContainerBuilder $container): void $container->registerForAutoconfiguration(DataCollectorInterface::class) ->addTag('data_collector'); $container->registerForAutoconfiguration(FormTypeInterface::class) - ->addTag('form.type'); + ->addTag('form.type', ['csrf_token_id' => '%.form.type_extension.csrf.token_id%']); $container->registerForAutoconfiguration(FormTypeGuesserInterface::class) ->addTag('form.type_guesser'); $container->registerForAutoconfiguration(FormTypeExtensionInterface::class) @@ -777,9 +777,7 @@ private function registerFormConfiguration(array $config, ContainerBuilder $cont $container->setParameter('form.type_extension.csrf.enabled', true); $container->setParameter('form.type_extension.csrf.field_name', $config['form']['csrf_protection']['field_name']); $container->setParameter('form.type_extension.csrf.field_attr', $config['form']['csrf_protection']['field_attr']); - - $container->getDefinition('form.type_extension.csrf') - ->replaceArgument(7, $config['form']['csrf_protection']['token_id']); + $container->setParameter('.form.type_extension.csrf.token_id', $config['form']['csrf_protection']['token_id']); } else { $container->setParameter('form.type_extension.csrf.enabled', false); } diff --git a/Resources/config/form_csrf.php b/Resources/config/form_csrf.php index c63d087c8..a86bb7c60 100644 --- a/Resources/config/form_csrf.php +++ b/Resources/config/form_csrf.php @@ -24,7 +24,7 @@ param('validator.translation_domain'), service('form.server_params'), param('form.type_extension.csrf.field_attr'), - abstract_arg('framework.form.csrf_protection.token_id'), + param('.form.type_extension.csrf.token_id'), ]) ->tag('form.type_extension') ; From 53cad5c6cfee42bb2c026b907313592ae9eefb8d Mon Sep 17 00:00:00 2001 From: Quentin Schuler Date: Fri, 21 Feb 2025 14:41:03 +0100 Subject: [PATCH 2/4] [FrameworkBundle] Disable the keys normalization of the CSRF form field attributes The form.csrf_protection.field_attr configuration node value should remain as-is when defined. The default behavior of the configuration component is to normalize keys, but in that specific cases, keys becomes HTML attributes and therefore should not be changed. This commit fix that behaviour for the specific node. --- DependencyInjection/Configuration.php | 1 + Tests/DependencyInjection/ConfigurationTest.php | 16 ++++++++++++++++ 2 files changed, 17 insertions(+) diff --git a/DependencyInjection/Configuration.php b/DependencyInjection/Configuration.php index 678698f4d..4d494eed0 100644 --- a/DependencyInjection/Configuration.php +++ b/DependencyInjection/Configuration.php @@ -250,6 +250,7 @@ private function addFormSection(ArrayNodeDefinition $rootNode, callable $enableI ->scalarNode('field_name')->defaultValue('_token')->end() ->arrayNode('field_attr') ->performNoDeepMerging() + ->normalizeKeys(false) ->scalarPrototype()->end() ->defaultValue(['data-controller' => 'csrf-protection']) ->end() diff --git a/Tests/DependencyInjection/ConfigurationTest.php b/Tests/DependencyInjection/ConfigurationTest.php index 53706d2e0..6f3363f39 100644 --- a/Tests/DependencyInjection/ConfigurationTest.php +++ b/Tests/DependencyInjection/ConfigurationTest.php @@ -699,6 +699,22 @@ public function testSerializerJsonDetailedErrorMessagesNotSetByDefaultWithDebugD $this->assertSame([], $config['serializer']['default_context'] ?? []); } + public function testFormCsrfProtectionFieldAttrDoNotNormalizeKeys() + { + $processor = new Processor(); + $config = $processor->processConfiguration(new Configuration(false), [ + [ + 'form' => [ + 'csrf_protection' => [ + 'field_attr' => ['data-example-attr' => 'value'], + ], + ], + ], + ]); + + $this->assertSame(['data-example-attr' => 'value'], $config['form']['csrf_protection']['field_attr'] ?? []); + } + protected static function getBundleDefaultConfig() { return [ From 33b50cb778f469fbd185629f3c7adfb12bf65f2c Mon Sep 17 00:00:00 2001 From: fabi Date: Fri, 14 Feb 2025 20:13:35 +0100 Subject: [PATCH 3/4] [Mailer] fix multiple transports default injection --- DependencyInjection/FrameworkExtension.php | 1 - Resources/config/mailer.php | 5 +---- Tests/DependencyInjection/FrameworkExtensionTestCase.php | 3 +-- 3 files changed, 2 insertions(+), 7 deletions(-) diff --git a/DependencyInjection/FrameworkExtension.php b/DependencyInjection/FrameworkExtension.php index f918eafbb..3a518bee7 100644 --- a/DependencyInjection/FrameworkExtension.php +++ b/DependencyInjection/FrameworkExtension.php @@ -2660,7 +2660,6 @@ private function registerMailerConfiguration(array $config, ContainerBuilder $co } $transports = $config['dsn'] ? ['main' => $config['dsn']] : $config['transports']; $container->getDefinition('mailer.transports')->setArgument(0, $transports); - $container->getDefinition('mailer.default_transport')->setArgument(0, current($transports)); $mailer = $container->getDefinition('mailer.mailer'); if (false === $messageBus = $config['message_bus']) { diff --git a/Resources/config/mailer.php b/Resources/config/mailer.php index 9eb545ca2..7a3a95739 100644 --- a/Resources/config/mailer.php +++ b/Resources/config/mailer.php @@ -46,10 +46,7 @@ ]) ->set('mailer.default_transport', TransportInterface::class) - ->factory([service('mailer.transport_factory'), 'fromString']) - ->args([ - abstract_arg('env(MAILER_DSN)'), - ]) + ->alias('mailer.default_transport', 'mailer.transports') ->alias(TransportInterface::class, 'mailer.default_transport') ->set('mailer.messenger.message_handler', MessageHandler::class) diff --git a/Tests/DependencyInjection/FrameworkExtensionTestCase.php b/Tests/DependencyInjection/FrameworkExtensionTestCase.php index c891ec143..7f94b83ce 100644 --- a/Tests/DependencyInjection/FrameworkExtensionTestCase.php +++ b/Tests/DependencyInjection/FrameworkExtensionTestCase.php @@ -2103,8 +2103,7 @@ public function testMailer(string $configFile, array $expectedTransports, array $this->assertTrue($container->hasAlias('mailer')); $this->assertTrue($container->hasDefinition('mailer.transports')); $this->assertSame($expectedTransports, $container->getDefinition('mailer.transports')->getArgument(0)); - $this->assertTrue($container->hasDefinition('mailer.default_transport')); - $this->assertSame(current($expectedTransports), $container->getDefinition('mailer.default_transport')->getArgument(0)); + $this->assertTrue($container->hasAlias('mailer.default_transport')); $this->assertTrue($container->hasDefinition('mailer.envelope_listener')); $l = $container->getDefinition('mailer.envelope_listener'); $this->assertSame('sender@example.org', $l->getArgument(0)); From c796e22376bb1d23be0d1d5d1b6c49befdf08add Mon Sep 17 00:00:00 2001 From: Wolfgang Klinger Date: Thu, 12 Dec 2024 10:44:13 +0100 Subject: [PATCH 4/4] [Messenger] Filter out non-consumable receivers when registering `ConsumeMessagesCommand` --- DependencyInjection/FrameworkExtension.php | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/DependencyInjection/FrameworkExtension.php b/DependencyInjection/FrameworkExtension.php index f918eafbb..61f68c198 100644 --- a/DependencyInjection/FrameworkExtension.php +++ b/DependencyInjection/FrameworkExtension.php @@ -2282,13 +2282,17 @@ private function registerMessengerConfiguration(array $config, ContainerBuilder $transportRateLimiterReferences = []; foreach ($config['transports'] as $name => $transport) { $serializerId = $transport['serializer'] ?? 'messenger.default_serializer'; + $tags = [ + 'alias' => $name, + 'is_failure_transport' => \in_array($name, $failureTransports), + ]; + if (str_starts_with($transport['dsn'], 'sync://')) { + $tags['is_consumable'] = false; + } $transportDefinition = (new Definition(TransportInterface::class)) ->setFactory([new Reference('messenger.transport_factory'), 'createTransport']) ->setArguments([$transport['dsn'], $transport['options'] + ['transport_name' => $name], new Reference($serializerId)]) - ->addTag('messenger.receiver', [ - 'alias' => $name, - 'is_failure_transport' => \in_array($name, $failureTransports), - ]) + ->addTag('messenger.receiver', $tags) ; $container->setDefinition($transportId = 'messenger.transport.'.$name, $transportDefinition); $senderAliases[$name] = $transportId;