symfony
diff --git a/‎src/Symfony/Bundle/FrameworkBundle/CHANGELOG.md
Lines changed: 1 addition & 0 deletions b/‎src/Symfony/Bundle/FrameworkBundle/CHANGELOG.md
Lines changed: 1 addition & 0 deletions
diff --git a/‎src/Symfony/Bundle/FrameworkBundle/DependencyInjection/Configuration.php
Lines changed: 1 addition & 0 deletions b/‎src/Symfony/Bundle/FrameworkBundle/DependencyInjection/Configuration.php
Lines changed: 1 addition & 0 deletions
diff --git a/‎src/Symfony/Bundle/FrameworkBundle/DependencyInjection/FrameworkExtension.php
Lines changed: 2 additions & 0 deletions b/‎src/Symfony/Bundle/FrameworkBundle/DependencyInjection/FrameworkExtension.php
Lines changed: 2 additions & 0 deletions
diff --git a/‎src/Symfony/Bundle/FrameworkBundle/Resources/config/schema/symfony-1.0.xsd
Lines changed: 1 addition & 0 deletions b/‎src/Symfony/Bundle/FrameworkBundle/Resources/config/schema/symfony-1.0.xsd
Lines changed: 1 addition & 0 deletions
diff --git a/‎src/Symfony/Bundle/FrameworkBundle/Resources/config/session.xml
Lines changed: 1 addition & 1 deletion b/‎src/Symfony/Bundle/FrameworkBundle/Resources/config/session.xml
Lines changed: 1 addition & 1 deletion
diff --git a/‎src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/ConfigurationTest.php
Lines changed: 1 addition & 0 deletions b/‎src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/ConfigurationTest.php
Lines changed: 1 addition & 0 deletions
diff --git a/‎src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/Fixtures/php/full.php
Lines changed: 1 addition & 0 deletions b/‎src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/Fixtures/php/full.php
Lines changed: 1 addition & 0 deletions
diff --git a/‎src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/Fixtures/xml/full.xml
Lines changed: 1 addition & 1 deletion b/‎src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/Fixtures/xml/full.xml
Lines changed: 1 addition & 1 deletion
diff --git a/‎src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/Fixtures/yml/full.yml
Lines changed: 1 addition & 0 deletions b/‎src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/Fixtures/yml/full.yml
Lines changed: 1 addition & 0 deletions
diff --git a/‎src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/FrameworkExtensionTest.php
Lines changed: 1 addition & 0 deletions b/‎src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/FrameworkExtensionTest.php
Lines changed: 1 addition & 0 deletions
diff --git a/‎src/Symfony/Component/HttpKernel/EventListener/AbstractSessionListener.php
Lines changed: 5 additions & 5 deletions b/‎src/Symfony/Component/HttpKernel/EventListener/AbstractSessionListener.php
Lines changed: 5 additions & 5 deletions
diff --git a/‎src/Symfony/Component/HttpKernel/EventListener/SessionListener.php
Lines changed: 2 additions & 2 deletions b/‎src/Symfony/Component/HttpKernel/EventListener/SessionListener.php
Lines changed: 2 additions & 2 deletions
diff --git a/‎src/Symfony/Component/HttpKernel/Tests/EventListener/SessionListenerTest.php
Lines changed: 4 additions & 4 deletions b/‎src/Symfony/Component/HttpKernel/Tests/EventListener/SessionListenerTest.php
Lines changed: 4 additions & 4 deletions
@@ -18,6 +18,7 @@ CHANGELOG
  * Made `BrowserKitAssertionsTrait` report the original error message in case of a failure
  * Added ability for `config:dump-reference` and `debug:config` to dump and debug kernel container extension configuration.
  * Deprecated `session.attribute_bag` service and `session.flash_bag` service.
+ * Added `session.strict_statless` option to configure the strictness of stateless reporting
 
 5.0.0
 -----
 
@@ -540,6 +540,7 @@ private function addSessionSection(ArrayNodeDefinition $rootNode)
                             ->min(4)
                             ->max(6)
                         ->end()
+                        ->booleanNode('strict_stateless')->defaultValue('%kernel.debug%')->end()
                     ->end()
                 ->end()
             ->end()
 
@@ -972,6 +972,8 @@ private function registerSessionConfiguration(array $config, ContainerBuilder $c
         $container->setParameter('session.save_path', $config['save_path']);
 
         $container->setParameter('session.metadata.update_threshold', $config['metadata_update_threshold']);
+
+        $container->setParameter('session.strict_stateless', $config['strict_stateless']);
     }
 
     private function registerRequestConfiguration(array $config, ContainerBuilder $container, XmlFileLoader $loader)
 
@@ -117,6 +117,7 @@
         <xsd:attribute name="metadata-update-threshold" type="xsd:nonNegativeInteger" />
         <xsd:attribute name="sid-length" type="sid_length" />
         <xsd:attribute name="sid-bits-per-character" type="sid_bits_per_character" />
+        <xsd:attribute name="strict-stateless" type="xsd:boolean" />
     </xsd:complexType>
 
     <xsd:complexType name="request">
 
@@ -78,7 +78,7 @@
                 <argument key="initialized_session" type="service" id="session" on-invalid="ignore_uninitialized" />
                 <argument key="logger" type="service" id="logger" on-invalid="ignore" />
             </argument>
-            <argument>%kernel.debug%</argument>
+            <argument>%session.strict_stateless%</argument> <!-- strictStatelessReport -->
         </service>
 
         <!-- for BC -->
 
@@ -429,6 +429,7 @@ protected static function getBundleDefaultConfig()
                 'gc_probability' => 1,
                 'save_path' => '%kernel.cache_dir%/sessions',
                 'metadata_update_threshold' => 0,
+                'strict_stateless' => '%kernel.debug%',
             ],
             'request' => [
                 'enabled' => false,
 
@@ -41,6 +41,7 @@
         'sid_length' => 22,
         'sid_bits_per_character' => 4,
         'save_path' => '/path/to/sessions',
+        'strict_stateless' => true,
     ],
     'assets' => [
         'version' => 'v1',
 
@@ -15,7 +15,7 @@
         <framework:ssi enabled="true" />
         <framework:profiler only-exceptions="true" enabled="false" />
         <framework:router resource="%kernel.project_dir%/config/routing.xml" type="xml" utf8="true" />
-        <framework:session gc-maxlifetime="90000" gc-probability="1" gc-divisor="108" storage-id="session.storage.native" handler-id="session.handler.native_file" name="_SYMFONY" cookie-lifetime="86400" cookie-path="/" cookie-domain="example.com" cookie-secure="true" cookie-httponly="false" use-cookies="true" save-path="/path/to/sessions" sid-length="22" sid-bits-per-character="4" />
+        <framework:session gc-maxlifetime="90000" gc-probability="1" gc-divisor="108" storage-id="session.storage.native" handler-id="session.handler.native_file" name="_SYMFONY" cookie-lifetime="86400" cookie-path="/" cookie-domain="example.com" cookie-secure="true" cookie-httponly="false" use-cookies="true" save-path="/path/to/sessions" sid-length="22" sid-bits-per-character="4" strict-stateless="true" />
         <framework:request>
             <framework:format name="csv">
                 <framework:mime-type>text/csv</framework:mime-type>
 
@@ -33,6 +33,7 @@ framework:
         sid_length:      22
         sid_bits_per_character: 4
         save_path:       /path/to/sessions
+        strict_stateless: true
     assets:
         version: v1
     translator:
 
@@ -478,6 +478,7 @@ public function testSession()
         $this->assertEquals('fr', $container->getParameter('kernel.default_locale'));
         $this->assertEquals('session.storage.native', (string) $container->getAlias('session.storage'));
         $this->assertEquals('session.handler.native_file', (string) $container->getAlias('session.handler'));
+        $this->assertTrue($container->getParameter('session.strict_stateless'));
 
         $options = $container->getParameter('session.storage.options');
         $this->assertEquals('_SYMFONY', $options['name']);
 
@@ -42,12 +42,12 @@ abstract class AbstractSessionListener implements EventSubscriberInterface
 
     protected $container;
     private $sessionUsageStack = [];
-    private $debug;
+    private $strictStatelessReport;
 
-    public function __construct(ContainerInterface $container = null, bool $debug = false)
+    public function __construct(ContainerInterface $container = null, bool $strictStatelessReport = false)
     {
         $this->container = $container;
-        $this->debug = $debug;
+        $this->strictStatelessReport = $strictStatelessReport;
     }
 
     public function onKernelRequest(RequestEvent $event)
@@ -130,7 +130,7 @@ public function onKernelResponse(ResponseEvent $event)
             return;
         }
 
-        if ($this->debug) {
+        if ($this->strictStatelessReport) {
             throw new UnexpectedSessionUsageException('Session was used while the request was declared stateless.');
         }
 
@@ -148,7 +148,7 @@ public function onFinishRequest(FinishRequestEvent $event)
 
     public function onSessionUsage(): void
     {
-        if (!$this->debug) {
+        if (!$this->strictStatelessReport) {
             return;
         }
 
 
@@ -28,9 +28,9 @@
  */
 class SessionListener extends AbstractSessionListener
 {
-    public function __construct(ContainerInterface $container, bool $debug = false)
+    public function __construct(ContainerInterface $container, bool $strictStatelessReport = false)
     {
-        parent::__construct($container, $debug);
+        parent::__construct($container, $strictStatelessReport);
     }
 
     protected function getSession(): ?SessionInterface
 
@@ -181,7 +181,7 @@ public function testSurrogateMasterRequestIsPublic()
         $this->assertLessThanOrEqual((new \DateTime('now', new \DateTimeZone('UTC'))), (new \DateTime($response->headers->get('Expires'))));
     }
 
-    public function testSessionUsageExceptionIfStatelessAndSessionUsed()
+    public function testSessionUsageExceptionWhenStrictStatelessAndSessionUsed()
     {
         $session = $this->getMockBuilder(Session::class)->disableOriginalConstructor()->getMock();
         $session->expects($this->exactly(2))->method('getUsageIndex')->will($this->onConsecutiveCalls(0, 1));
@@ -200,7 +200,7 @@ public function testSessionUsageExceptionIfStatelessAndSessionUsed()
         $listener->onKernelResponse(new ResponseEvent($kernel, $request, HttpKernelInterface::MASTER_REQUEST, new Response()));
     }
 
-    public function testSessionUsageLogIfStatelessAndSessionUsed()
+    public function testSessionUsageLogWhenNotStrictStatelessAndSessionUsed()
     {
         $session = $this->getMockBuilder(Session::class)->disableOriginalConstructor()->getMock();
         $session->expects($this->exactly(2))->method('getUsageIndex')->will($this->onConsecutiveCalls(0, 1));
@@ -245,7 +245,7 @@ public function testSessionIsSavedWhenUnexpectedSessionExceptionThrown()
         $listener->onKernelResponse(new ResponseEvent($kernel, $request, HttpKernelInterface::MASTER_REQUEST, $response));
     }
 
-    public function testSessionUsageCallbackWhenDebugAndStateless()
+    public function testSessionUsageCallbackWhenStrictAndStateless()
     {
         $session = $this->getMockBuilder(Session::class)->disableOriginalConstructor()->getMock();
         $session->method('isStarted')->willReturn(true);
@@ -268,7 +268,7 @@ public function testSessionUsageCallbackWhenDebugAndStateless()
         (new SessionListener($container, true))->onSessionUsage();
     }
 
-    public function testSessionUsageCallbackWhenNoDebug()
+    public function testSessionUsageCallbackWhenNotStrict()
     {
         $session = $this->getMockBuilder(Session::class)->disableOriginalConstructor()->getMock();
         $session->method('isStarted')->willReturn(true);
-Original file line number
+Diff line change
                             ->min(4)
                             ->max(6)
                         ->end()
 +                        ->booleanNode('strict_stateless')->defaultValue('%kernel.debug%')->end()
                     ->end()
                 ->end()
             ->end()
Original file line number	Diff line number	Diff line change
`@@ -972,6 +972,8 @@ private function registerSessionConfiguration(array $config, ContainerBuilder $c`
`972`	`972`	`$container->setParameter('session.save_path', $config['save_path']);`
`973`	`973`
`974`	`974`	`$container->setParameter('session.metadata.update_threshold', $config['metadata_update_threshold']);`
	`975`	`+`
	`976`	`+ $container->setParameter('session.strict_stateless', $config['strict_stateless']);`
`975`	`977`	`}`
`976`	`978`
`977`	`979`	`private function registerRequestConfiguration(array $config, ContainerBuilder $container, XmlFileLoader $loader)`
Original file line number	Diff line number	Diff line change
`@@ -42,12 +42,12 @@ abstract class AbstractSessionListener implements EventSubscriberInterface`
`42`	`42`
`43`	`43`	`protected $container;`
`44`	`44`	`private $sessionUsageStack = [];`
`45`		`- private $debug;`
	`45`	`+ private $strictStatelessReport;`
`46`	`46`
`47`		`- public function __construct(ContainerInterface $container = null, bool $debug = false)`
	`47`	`+ public function __construct(ContainerInterface $container = null, bool $strictStatelessReport = false)`
`48`	`48`	`{`
`49`	`49`	`$this->container = $container;`
`50`		`- $this->debug = $debug;`
	`50`	`+ $this->strictStatelessReport = $strictStatelessReport;`
`51`	`51`	`}`
`52`	`52`
`53`	`53`	`public function onKernelRequest(RequestEvent $event)`
`@@ -130,7 +130,7 @@ public function onKernelResponse(ResponseEvent $event)`
`130`	`130`	`return;`
`131`	`131`	`}`
`132`	`132`
`133`		`- if ($this->debug) {`
	`133`	`+ if ($this->strictStatelessReport) {`
`134`	`134`	`throw new UnexpectedSessionUsageException('Session was used while the request was declared stateless.');`
`135`	`135`	`}`
`136`	`136`
`@@ -148,7 +148,7 @@ public function onFinishRequest(FinishRequestEvent $event)`
`148`	`148`
`149`	`149`	`public function onSessionUsage(): void`
`150`	`150`	`{`
`151`		`- if (!$this->debug) {`
	`151`	`+ if (!$this->strictStatelessReport) {`
`152`	`152`	`return;`
`153`	`153`	`}`
`154`	`154`
Original file line number	Diff line number	Diff line change
`@@ -28,9 +28,9 @@`
`28`	`28`	`*/`
`29`	`29`	`class SessionListener extends AbstractSessionListener`
`30`	`30`	`{`
`31`		`- public function __construct(ContainerInterface $container, bool $debug = false)`
	`31`	`+ public function __construct(ContainerInterface $container, bool $strictStatelessReport = false)`
`32`	`32`	`{`
`33`		`- parent::__construct($container, $debug);`
	`33`	`+ parent::__construct($container, $strictStatelessReport);`
`34`	`34`	`}`
`35`	`35`
`36`	`36`	`protected function getSession(): ?SessionInterface`
Original file line number	Diff line number	Diff line change
`@@ -181,7 +181,7 @@ public function testSurrogateMasterRequestIsPublic()`
`181`	`181`	`$this->assertLessThanOrEqual((new \DateTime('now', new \DateTimeZone('UTC'))), (new \DateTime($response->headers->get('Expires'))));`
`182`	`182`	`}`
`183`	`183`
`184`		`- public function testSessionUsageExceptionIfStatelessAndSessionUsed()`
	`184`	`+ public function testSessionUsageExceptionWhenStrictStatelessAndSessionUsed()`
`185`	`185`	`{`
`186`	`186`	`$session = $this->getMockBuilder(Session::class)->disableOriginalConstructor()->getMock();`
`187`	`187`	`$session->expects($this->exactly(2))->method('getUsageIndex')->will($this->onConsecutiveCalls(0, 1));`
`@@ -200,7 +200,7 @@ public function testSessionUsageExceptionIfStatelessAndSessionUsed()`
`200`	`200`	`$listener->onKernelResponse(new ResponseEvent($kernel, $request, HttpKernelInterface::MASTER_REQUEST, new Response()));`
`201`	`201`	`}`
`202`	`202`
`203`		`- public function testSessionUsageLogIfStatelessAndSessionUsed()`
	`203`	`+ public function testSessionUsageLogWhenNotStrictStatelessAndSessionUsed()`
`204`	`204`	`{`
`205`	`205`	`$session = $this->getMockBuilder(Session::class)->disableOriginalConstructor()->getMock();`
`206`	`206`	`$session->expects($this->exactly(2))->method('getUsageIndex')->will($this->onConsecutiveCalls(0, 1));`
`@@ -245,7 +245,7 @@ public function testSessionIsSavedWhenUnexpectedSessionExceptionThrown()`
`245`	`245`	`$listener->onKernelResponse(new ResponseEvent($kernel, $request, HttpKernelInterface::MASTER_REQUEST, $response));`
`246`	`246`	`}`
`247`	`247`
`248`		`- public function testSessionUsageCallbackWhenDebugAndStateless()`
	`248`	`+ public function testSessionUsageCallbackWhenStrictAndStateless()`
`249`	`249`	`{`
`250`	`250`	`$session = $this->getMockBuilder(Session::class)->disableOriginalConstructor()->getMock();`
`251`	`251`	`$session->method('isStarted')->willReturn(true);`
`@@ -268,7 +268,7 @@ public function testSessionUsageCallbackWhenDebugAndStateless()`
`268`	`268`	`(new SessionListener($container, true))->onSessionUsage();`
`269`	`269`	`}`
`270`	`270`
`271`		`- public function testSessionUsageCallbackWhenNoDebug()`
	`271`	`+ public function testSessionUsageCallbackWhenNotStrict()`
`272`	`272`	`{`
`273`	`273`	`$session = $this->getMockBuilder(Session::class)->disableOriginalConstructor()->getMock();`
`274`	`274`	`$session->method('isStarted')->willReturn(true);`