8000 Fix #44434 by simonchrz · Pull Request #44436 · symfony/symfony · GitHub
[go: up one dir, main page]
Skip to content

Fix #44434 #44436

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 5 commits into from
Closed

Fix #44434 #44436

wants to merge 5 commits into from

Conversation

simonchrz
Copy link
Contributor
Q A
Branch? 5.4
Bug fix? yes
New feature? no
Deprecations? no
Tickets Fix #44434
License MIT

The function onKernelResponse() removes possible Set-Cookie headers from headers_list by using SessionUtils::popSessionCookie($sessionName, $sessionCookiePath);
https://github.com/symfony/symfony/blob/5.4/src/Symfony/Component/HttpKernel/EventListener/AbstractSessionListener.php#L149

2nd expected parameter of SessionUtils::popSessionCookie function is the sessionId, not the $sessionCookiePath
https://github.com/symfony/symfony/blob/v5.4.0/src/Symfony/Component/HttpFoundation/Session/SessionUtils.php#L28

wouterj and others added 5 commits December 2, 2021 18:39
@wouterj
Fix compatibility with symfony/security-core 6.x
e044b17
@fabpot
bug #44427 [FrameworkBundle] Fix compatibility with symfony/security-…
3fe93d6 
…core 6.x (deps=high tests) (wouterj)

This PR was merged into the 5.3 branch.

Discussion
----------

[FrameworkBundle] Fix compatibility with symfony/security-core 6.x (deps=high tests)

| Q             | A
| ------------- | ---
| Branch?       | 5.3
| Bug fix?      | yes
| New feature?  | no
| Deprecations? | no
| Tickets       | -
| License       | MIT
| Doc PR        | -

Complete diff of this PR must be removed when upmerging to 6.0.

Commits
-------

e044b17 Fix compatibility with symfony/security-core 6.x
@fabpot
Merge branch '5.3' into 5.4
6c8513a 
* 5.3:
  Fix compatibility with symfony/security-core 6.x
@wouterj
Fix merge
481cb9e
@simonchrz
use $sessionId instead of $sessionCookiePath on SessionUtils::popSess…
f58c663 
…ionCookie call
@carsonbot carsonbot added this to the 6.1 milestone Dec 3, 2021
@xabbuh xabbuh modified the milestones: 6.1, 5.4 Dec 3, 2021
@simonchrz simonchrz closed this Dec 3, 2021
@simonchrz simonchrz deleted the fix-44434 branch December 3, 2021 10:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
Bug Status: Needs Review
Projects
None yet
Milestone
5.4
Development

Successfully merging this pull request may close these issues.

[HttpKernel] wrong usage of SessionUtils::popSessionCookie AbstractSessionListener
5 participants
@simonchrz @xabbuh @carsonbot @wouterj @fabpot
0