8000 Add a normalization step for the user-identifier in firewalls · Issue #49269 · symfony/symfony · GitHub
[go: up one dir, main page]
Skip to content
Add a normalization step for the user-identifier in firewalls #49269
New issue
New issue
Closed
#51744
Closed
Add a normalization step for the user-identifier in firewalls#49269
#51744
Labels
Help wantedIssues and PRs which are looking for volunteers to complete them.Security
@nicolas-grekas

Description

@nicolas-grekas
nicolas-grekas
opened on Feb 6, 2023

When user identifiers are submitted, what about normalizing them before hitting the rate-limiter and then the provider?
That'd allow easier comparisons, and maybe some more hardening against spoofing/confusables.

Related to #49268

A simple normalizer could eg lowercase + turn them in NFKC.

Metadata

Metadata

Assignees

No one assigned

    Labels

    Help wantedIssues and PRs which are looking for volunteers to complete them.Security

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions
      0