8000 [SecurityBundle] Properly escape regex in AddSessionDomainConstraintPass · symfony/symfony@de03cee · GitHub
[go: up one dir, main page]

Skip to content

Commit de03cee

Browse files
committed
[SecurityBundle] Properly escape regex in AddSessionDomainConstraintPass
1 parent 3b42ca9 commit de03cee

File tree

1 file changed

+1
-1
lines changed

1 file changed

+1
-1
lines changed

src/Symfony/Bundle/SecurityBundle/DependencyInjection/Compiler/AddSessionDomainConstraintPass.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -31,7 +31,7 @@ public function process(ContainerBuilder $container)
3131
}
3232

3333
$sessionOptions = $container->getParameter('session.storage.options');
34-
$domainRegexp = empty($sessionOptions['cookie_domain']) ? '%s' : sprintf('(?:%%s|(?:.+\.)?%s)', preg_quote(trim($sessionOptions['cookie_domain'], '.')));
34+
$domainRegexp = empty($sessionOptions['cookie_domain']) ? '%%s' : sprintf('(?:%%%%s|(?:.+\.)?%s)', preg_quote(trim($sessionOptions['cookie_domain'], '.')));
3535
$domainRegexp = (empty($sessionOptions['cookie_secure']) ? 'https?://' : 'https://').$domainRegexp;
3636

3737
$container->findDefinition('security.http_utils')->addArgument(sprintf('{^%s$}i', $domainRegexp));

0 commit comments

Comments
 (0)
0