Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Commit 0ea374c

Browse filesBrowse files
author
Anthony MARTIN
committed
[FrameworkBundle] Add sid_length and sid_bits_per_character session ini options in configuration
| Q | A | ------------- | --- | Branch? | master | Bug fix? | no | New feature? | yes | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | #29830 | License | MIT | Doc PR | n/a this a fix for the issue #29830 After deliberation, we estimate that only `sid_length` and` sid_bits_per_character` session options should be exposed. These options à optional. For others, we recommend changing your php.ini file We can now configure the session like this : ```yaml framwork: session: sid_length: 64 //optional, recommended value is 32 sid_bits_per_character: 6 //optional, recommended value is 5 ```
1 parent a6a1be8 commit 0ea374c
Copy full SHA for 0ea374c

File tree

3 files changed

+37
-1
lines changed
Filter options

3 files changed

+37
-1
lines changed

‎src/Symfony/Bundle/FrameworkBundle/CHANGELOG.md

Copy file name to clipboardExpand all lines: src/Symfony/Bundle/FrameworkBundle/CHANGELOG.md
+2Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -12,6 +12,8 @@ CHANGELOG
1212
PHP's native `serialize()` and `unserialize()` functions. To use the
1313
original serialization method, set the `framework.messenger.serializer.id`
1414
config option to `messenger.transport.symfony_serializer`.
15+
* Added php ini session options `sid_length` and `sid_bits_per_character`
16+
to the `session` section of the configuration
1517

1618
4.2.0
1719
-----

‎src/Symfony/Bundle/FrameworkBundle/DependencyInjection/Configuration.php

Copy file name to clipboardExpand all lines: src/Symfony/Bundle/FrameworkBundle/DependencyInjection/Configuration.php
+8Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -509,6 +509,14 @@ private function addSessionSection(ArrayNodeDefinition $rootNode)
509509
->defaultValue(0)
510510
->info('seconds to wait between 2 session metadata updates')
511511
->end()
512+
->integerNode('sid_length')
513+
->min(22)
514+
->max(256)
515+
->end()
516+
->integerNode('sid_bits_per_character')
517+
->min(4)
518+
->max(6)
519+
->end()
512520
->end()
513521
->end()
514522
->end()

‎src/Symfony/Bundle/FrameworkBundle/Resources/config/schema/symfony-1.0.xsd

Copy file name to clipboardExpand all lines: src/Symfony/Bundle/FrameworkBundle/Resources/config/schema/symfony-1.0.xsd
+27-1Lines changed: 27 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -114,13 +114,16 @@
114114
<xsd:attribute name="cookie-domain" type="xsd:string" />
115115
<xsd:attribute name="cookie-secure" type="cookie_secure" />
116116
<xsd:attribute name="cookie-httponly" type="xsd:boolean" />
117+
<xsd:attribute name="cookie-samesite" type="cookie_samesite" />
117118
<xsd:attribute name="use-cookies" type="xsd:boolean" />
118119
<xsd:attribute name="cache-limiter" type="xsd:string" />
119120
<xsd:attribute name="gc-maxlifetime" type="xsd:string" />
120121
<xsd:attribute name="gc-divisor" type="xsd:string" />
121122
<xsd:attribute name="gc-probability" type="xsd:string" />
122-
<xsd:attribute name="use-strict-mode" type="xsd:boolean" />
123123
<xsd:attribute name="save-path" type="xsd:string" />
124+
<xsd:attribute name="metadata-update-threshold" type="xsd:nonNegativeInteger" />
125+
<xsd:attribute name="sid-length" type="sid_length" />
126+
<xsd:attribute name="sid-bits-per-character" type="sid_bits_per_character" />
124127
</xsd:complexType>
125128

126129
<xsd:complexType name="request">
@@ -352,6 +355,29 @@
352355
</xsd:restriction>
353356
</xsd:simpleType>
354357

358+
<xsd:simpleType name="cookie_samesite">
359+
<xsd:restriction base="xsd:string">
360+
<xsd:enumeration value="" />
361+
<xsd:enumeration value="lax" />
362+
<xsd:enumeration value="strict" />
363+
</xsd:restriction>
364+
</xsd:simpleType>
365+
366+
<xsd:simpleType name="sid_bits_per_character">
367+
<xsd:restriction base="xsd:positiveInteger">
368+
<xsd:enumeration value="4" />
369+
<xsd:enumeration value="5" />
370+
<xsd:enumeration value="6" />
371+
</xsd:restriction>
372+
</xsd:simpleType>
373+
374+
<xsd:simpleType name="sid_length">
375+
<xsd:restriction base="xsd:positiveInteger">
376+
<xsd:minInclusive value="22" />
377+
<xsd:maxExclusive value="256" />
378+
</xsd:restriction>
379+
</xsd:simpleType>
380+
355381
<xsd:simpleType name="workflow_type">
356382
<xsd:restriction base="xsd:string">
357383
<xsd:enumeration value="state_machine" />

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.