8000 bug #40547 [RateLimiter] Security hardening - Rate limiter (jderusse) · symfony/symfony@0f4870b · GitHub
[go: up one dir, main page]
Skip to content

Commit 0f4870b

Browse files
NyholmNyholm
committed
bug #40547 [RateLimiter] Security hardening - Rate limiter (jderusse)
This PR was merged into the 5.2 branch. Discussion ---------- [RateLimiter] Security hardening - Rate limiter | Q | A | ------------- | --- | Branch? | 5.2 | Bug fix? | yes | New feature? | no | Deprecations? | yes | Tickets | - | License | MIT | Doc PR | - Commits ------- e61553a Security hardening - Rate limiter
2 parents 7611d24 + e61553a commit 0f4870b

File tree

2 files changed

+2
-2
lines changed

2 files changed

+2
-2
lines changed

src/Symfony/Component/RateLimiter/RateLimiterFactory.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -46,7 +46,7 @@ public function __construct(array $config, StorageInterface $storage, ?LockFacto
4646

4747
public function create(?string $key = null): LimiterInterface
4848
{
49-
$id = $this->config['id'].$key;
49+
$id = $this->config['id'].'-'.$key;
5050
$lock = $this->lockFactory ? $this->lockFactory->createLock($id) : new NoLock();
5151

5252
switch ($this->config['policy']) {

src/Symfony/Component/Security/Http/RateLimiter/DefaultLoginRateLimiter.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -41,7 +41,7 @@ protected function getLimiters(Request $request): array
4141
{
4242
return [
4343
$this->globalFactory->create($request->getClientIp()),
44-
$this->localFactory->create($request->attributes->get(Security::LAST_USERNAME).$request->getClientIp()),
44+
$this->localFactory->create($request->attributes->get(Security::LAST_USERNAME).'-'.$request->getClientIp()),
4545
];
4646
}
4747
}

0 commit comments

Comments
 (0)
0