Skip to content

Namespace generated CSRF tokens depending of the current scheme #24992

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
fabpot merged 1 commit into from
Nov 16, 2017
Merged

Namespace generated CSRF tokens depending of the current scheme #24992

fabpot merged 1 commit into from
Nov 16, 2017

Conversation

@fabpot
Copy link
Member

@fabpot fabpot commented Nov 16, 2017

Q A
Branch? 2.7
Bug fix? yes
New feature? no
BC breaks? no
Deprecations? no
Tests pass? yes
Fixed tickets n/a
License MIT
Doc PR n/a

@fabpot
Copy link
Member Author

fabpot commented Nov 16, 2017

Thank you @dunglas.

@nicolas-grekas nicolas-grekas added this to the 2.7 milestone Nov 16, 2017
@fabpot fabpot merged commit cdb4271 into symfony:2.7 Nov 16, 2017
fabpot added a commit that referenced this pull request Nov 16, 2017
@fabpot
security #24992 Namespace generated CSRF tokens depending of the curr…
b4dbdd7 
…ent scheme (dunglas)

This PR was merged into the 2.7 branch.

Discussion
----------

Namespace generated CSRF tokens depending of the current scheme

| Q             | A
| ------------- | ---
| Branch?       | 2.7
| Bug fix?      | yes
| New feature?  | no
| BC breaks?    | no
| Deprecations? | no
| Tests pass?   | yes
| Fixed tickets | n/a
| License       | MIT
| Doc PR        | n/a

<!--
- Bug fixes must be submitted against the lowest branch where they apply
  (lowest branches are regularly merged to upper ones so they get the fixes too).
- Features and deprecations must be submitted against the master branch.
- Please fill in this template according to the PR you're about to submit.
- Replace this comment by a description of what your PR is solving.
-->

Commits
-------

cdb4271 [Security] Namespace generated CSRF tokens depending of the current scheme
@symfony symfony locked and limited conversation to collaborators Nov 16, 2017
@fabpot fabpot deleted the https-csrf branch January 14, 2019 11:01
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

No reviews

Assignees

No one assigned

Labels

Bug Status: Needs Review

Projects

None yet

Milestone

2.7

Development

Successfully merging this pull request may close these issues.

4 participants

@fabpot @nicolas-grekas @carsonbot @dunglas