8000 minor #56831 [SecurityBundle] Use %container.build_hash% instead of %… · symfony/symfony@4fae754 · GitHub
[go: up one dir, main page]
Skip to content

Commit 4fae754

Browse files
fabpot 8000 fabpot
committed
minor #56831 [SecurityBundle] Use %container.build_hash% instead of %kernel.secret% with the rate-limiter (nicolas-grekas)
This PR was merged into the 7.1 branch. Discussion ---------- [SecurityBundle] Use %container.build_hash% instead of %kernel.secret% with the rate-limiter | Q | A | ------------- | --- | Branch? | 7.2 | Bug fix? | no | New feature? | no | Deprecations? | no | Issues | - | License | MIT In #51434, we decided to hash the username and the client IP in order to anonymize logs. I propose to use %container.build_hash% instead of %kernel.secret% in order to use %kernel.secret% one less time. %container.build_hash% looks good enough to me, and it doesn't need any external configuration. Related to the discussion happening in symfony/recipes#1314 Commits ------- 574f573 [SecurityBundle] Use %container.build_hash% instead of %kernel.secret% with the rate-limiter
2 parents e38be3a + 574f573 commit 4fae754

File tree

1 file changed

+1
-1
lines changed

1 file changed

+1
-1
lines changed

src/Symfony/Bundle/SecurityBundle/DependencyInjection/Security/Factory/LoginThrottlingFactory.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -76,7 +76,7 @@ public function createAuthenticator(ContainerBuilder $container, string $firewal
7676
$container->register($config['limiter'] = 'security.login_throttling.'.$firewallName.'.limiter', DefaultLoginRateLimiter::class)
7777
->addArgument(new Reference('limiter.'.$globalId))
7878
->addArgument(new Reference('limiter.'.$localId))
79-
->addArgument('%kernel.secret%')
79+
->addArgument('%container.build_hash%')
8080
;
8181
}
8282

0 commit comments

Comments
 (0)
0