Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Commit 60c1aae

Browse filesBrowse files
alexandre-dauboisalexandre-daubois
committed
[HttpFoundation] Deprecate passing referer_check, use_only_cookies, use_trans_sid, trans_sid_hosts and trans_sid_tags options to NativeSessionStorage 
1 parent b7572a5 commit 60c1aae
Copy full SHA for 60c1aae

File tree

6 files changed

+43
-6
lines changed
Filter options

6 files changed

+43
-6
lines changed

‎UPGRADE-7.2.md

Copy file name to clipboardExpand all lines: UPGRADE-7.2.md
+5Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -29,6 +29,11 @@ FrameworkBundle
2929

3030
* [BC BREAK] The `secrets:decrypt-to-local` command terminates with a non-zero exit code when a secret could not be read
3131

32+
HttpFoundation
33+
--------------
34+
35+
* Deprecate passing `referer_check`, `use_only_cookies`, `use_trans_sid`, `trans_sid_hosts` and `trans_sid_tags` options to `NativeSessionStorage`
36+
3237
Ldap
3338
----
3439

‎src/Symfony/Component/HttpFoundation/CHANGELOG.md

Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpFoundation/CHANGELOG.md
+1Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -7,6 +7,7 @@ CHANGELOG
77
* Add optional `$requests` parameter to `RequestStack::__construct()`
88
* Add optional `$v4Bytes` and `$v6Bytes` parameters to `IpUtils::anonymize()`
99
* Add `PRIVATE_SUBNETS` as a shortcut for private IP address ranges to `Request::setTrustedProxies()`
10+
* Deprecate passing `referer_check`, `use_only_cookies`, `use_trans_sid`, `trans_sid_hosts` and `trans_sid_tags` options to `NativeSessionStorage`
1011

1112
7.1
1213
---

‎src/Symfony/Component/HttpFoundation/Session/Storage/NativeSessionStorage.php

Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpFoundation/Session/Storage/NativeSessionStorage.php
+9-5Lines changed: 9 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -62,16 +62,16 @@ class NativeSessionStorage implements SessionStorageInterface
6262
* gc_probability, "1"
6363
* lazy_write, "1"
6464
* name, "PHPSESSID"
65-
* referer_check, ""
65+
* referer_check, "" (deprecated since Symfony 7.2, to be removed in Symfony 8.0)
6666
* serialize_handler, "php"
6767
* use_strict_mode, "1"
6868
* use_cookies, "1"
69-
* use_only_cookies, "1"
70-
* use_trans_sid, "0"
69+
* use_only_cookies, "1" (deprecated since Symfony 7.2, to be removed in Symfony 8.0)
70+
* use_trans_sid, "0" (deprecated since Symfony 7.2, to be removed in Symfony 8.0)
7171
* sid_length, "32"
7272
* sid_bits_per_character, "5"
73-
* trans_sid_hosts, $_SERVER['HTTP_HOST']
74-
* trans_sid_tags, "a=href,area=href,frame=src,form="
73+
* trans_sid_hosts, $_SERVER['HTTP_HOST'] (deprecated since Symfony 7.2, to be removed in Symfony 8.0)
74+
* trans_sid_tags, "a=href,area=href,frame=src,form=" (deprecated since Symfony 7.2, to be removed in Symfony 8.0)
7575
*/
7676
public function __construct(array $options = [], AbstractProxy|\SessionHandlerInterface|null $handler = null, ?MetadataBag $metaBag = null)
7777
{
@@ -328,6 +328,10 @@ public function setOptions(array $options): void
328328
]);
329329

330330
foreach ($options as $key => $value) {
331+
if (\in_array($key, ['referer_check', 'use_only_cookies', 'use_trans_sid', 'trans_sid_hosts', 'trans_sid_tags'], true)) {
332+
trigger_deprecation('symfony/http-foundation', '7.2', 'NativeSessionStorage\'s "%s" option is deprecated and will be ignored in Symfony 8.0.', $key);
333+
}
334+
331335
if (isset($validOptions[$key])) {
332336
if ('cookie_secure' === $key && 'auto' === $value) {
333337
continue;

‎src/Symfony/Component/HttpFoundation/Tests/Session/Storage/Handler/Fixtures/common.inc

Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpFoundation/Tests/Session/Storage/Handler/Fixtures/common.inc
-1Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -28,7 +28,6 @@ ini_set('session.cookie_domain', '');
2828
ini_set('session.cookie_secure', '');
2929
ini_set('session.cookie_httponly', '');
3030
ini_set('session.use_cookies', 1);
31-
ini_set('session.use_only_cookies', 1);
3231
ini_set('session.cache_expire', 180);
3332
ini_set('session.cookie_path', '/');
3433
ini_set('session.cookie_domain', '');

‎src/Symfony/Component/HttpFoundation/Tests/Session/Storage/NativeSessionStorageTest.php

Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpFoundation/Tests/Session/Storage/NativeSessionStorageTest.php
+27Lines changed: 27 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -12,6 +12,7 @@
1212
namespace Symfony\Component\HttpFoundation\Tests\Session\Storage;
1313

1414
use PHPUnit\Framework\TestCase;
15+
use Symfony\Bridge\PhpUnit\ExpectDeprecationTrait;
1516
use Symfony\Component\HttpFoundation\Session\Attribute\AttributeBag;
1617
use Symfony\Component\HttpFoundation\Session\Flash\FlashBag;
1718
use Symfony\Component\HttpFoundation\Session\Storage\Handler\NativeFileSessionHandler;
@@ -32,6 +33,8 @@
3233
*/
3334
class NativeSessionStorageTest extends TestCase
3435
{
36+
use ExpectDeprecationTrait;
37+
3538
private string $savePath;
3639

3740
private $initialSessionSaveHandler;
@@ -215,10 +218,14 @@ public function testCacheExpireOption()
215218
}
216219

217220
/**
221+
* @group legacy
222+
*
218223
* The test must only be removed when the "session.trans_sid_tags" option is removed from PHP or when the "trans_sid_tags" option is no longer supported by the native session storage.
219224
*/
220225
public function testTransSidTagsOption()
221226
{
227+
$this->expectDeprecation('Since symfony/http-foundation 7.2: NativeSessionStorage\'s "trans_sid_tags" option is deprecated and will be ignored in Symfony 8.0.');
228+
222229
$previousErrorHandler = set_error_handler(function ($errno, $errstr) use (&$previousErrorHandler) {
223230
if ('ini_set(): Usage of session.trans_sid_tags INI setting is deprecated' !== $errstr) {
224231
return $previousErrorHandler ? $previousErrorHandler(...\func_get_args()) : false;
@@ -357,4 +364,24 @@ public function testSaveHandlesNullSessionGracefully()
357364

358365
$this->addToAssertionCount(1);
359366
}
367+
368+
/**
369+
* @group legacy
370+
*/
371+
public function testPassingDeprecatedOptions()
372+
{
373+
$this->expectDeprecation('Since symfony/http-foundation 7.2: NativeSessionStorage\'s "referer_check" option is deprecated and will be ignored in Symfony 8.0.');
374+
$this->expectDeprecation('Since symfony/http-foundation 7.2: NativeSessionStorage\'s "use_only_cookies" option is deprecated and will be ignored in Symfony 8.0.');
375+
$this->expectDeprecation('Since symfony/http-foundation 7.2: NativeSessionStorage\'s "use_trans_sid" option is deprecated and will be ignored in Symfony 8.0.');
376+
$this->expectDeprecation('Since symfony/http-foundation 7.2: NativeSessionStorage\'s "trans_sid_hosts" option is deprecated and will be ignored in Symfony 8.0.');
377+
$this->expectDeprecation('Since symfony/http-foundation 7.2: NativeSessionStorage\'s "trans_sid_tags" option is deprecated and will be ignored in Symfony 8.0.');
378+
379+
$this->getStorage([
380+
'referer_check' => 'foo',
381+
'use_only_cookies' => 'foo',
382+
'use_trans_sid' => 'foo',
383+
'trans_sid_hosts' => 'foo',
384+
'trans_sid_tags' => 'foo',
385+
]);
386+
}
360387
}

‎src/Symfony/Component/HttpFoundation/composer.json

Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpFoundation/composer.json
+1Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -17,6 +17,7 @@
1717
],
1818
"require": {
1919
"php": ">=8.2",
20+
"symfony/deprecation-contracts": "^2.5|^3.0",
2021
"symfony/polyfill-mbstring": "~1.1",
2122
"symfony/polyfill-php83": "^1.27"
2223
},

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.