Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Commit 34f8f5e

Browse filesBrowse files
alexandre-dauboisalexandre-daubois
committed
[FrameworkBundle] Deprecate session.sid_length and session.sid_bits_per_character config options
1 parent cc11de0 commit 34f8f5e
Copy full SHA for 34f8f5e

File tree

11 files changed

+41
-12
lines changed
Filter options

11 files changed

+41
-12
lines changed

‎UPGRADE-7.2.md

Copy file name to clipboardExpand all lines: UPGRADE-7.2.md
+6Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -28,6 +28,12 @@ FrameworkBundle
2828
---------------
2929

3030
* [BC BREAK] The `secrets:decrypt-to-local` command terminates with a non-zero exit code when a secret could not be read
31+
* Deprecate `session.sid_length` and `session.sid_bits_per_character` config options
32+
33+
HttpFoundation
34+
--------------
35+
36+
* Deprecate passing `sid_bits_per_character` and `sid_length` options to `NativeSessionStorage`
3137

3238
Ldap
3339
----

‎src/Symfony/Bundle/FrameworkBundle/CHANGELOG.md

Copy file name to clipboardExpand all lines: src/Symfony/Bundle/FrameworkBundle/CHANGELOG.md
+1Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -12,6 +12,7 @@ CHANGELOG
1212
* Deprecate making `cache.app` adapter taggable, use the `cache.app.taggable` adapter instead
1313
* Enable `json_decode_detailed_errors` in the default serializer context in debug mode by default when `seld/jsonlint` is installed
1414
* Register `Symfony\Component\Serializer\NameConverter\SnakeCaseToCamelCaseNameConverter` as a service named `serializer.name_converter.snake_case_to_camel_case` if available
15+
* Deprecate `session.sid_length` and `session.sid_bits_per_character` config options
1516

1617
7.1
1718
---

‎src/Symfony/Bundle/FrameworkBundle/DependencyInjection/Configuration.php

Copy file name to clipboardExpand all lines: src/Symfony/Bundle/FrameworkBundle/DependencyInjection/Configuration.php
+2Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -685,10 +685,12 @@ private function addSessionSection(ArrayNodeDefinition $rootNode): void
685685
->integerNode('sid_length')
686686
->min(22)
687687
->max(256)
688+
->setDeprecated('symfony/framework-bundle', '7.2', 'Setting the "%path%.%node%" configuration option is deprecated. It will be removed in version 8.0. No alternative is provided as PHP 8.4 has deprecated the related option.')
688689
->end()
689690
->integerNode('sid_bits_per_character')
690691
->min(4)
691692
->max(6)
693+
->setDeprecated('symfony/framework-bundle', '7.2', 'Setting the "%path%.%node%" configuration option is deprecated. It will be removed in version 8.0. No alternative is provided as PHP 8.4 has deprecated the related option.')
692694
->end()
693695
->end()
694696
->end()

‎src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/Fixtures/php/full.php

Copy file name to clipboardExpand all lines: src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/Fixtures/php/full.php
-2Lines changed: 0 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -43,8 +43,6 @@
4343
'gc_maxlifetime' => 90000,
4444
'gc_divisor' => 108,
4545
'gc_probability' => 1,
46-
'sid_length' => 22,
47-
'sid_bits_per_character' => 4,
4846
'save_path' => '/path/to/sessions',
4947
],
5048
'assets' => [

‎src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/Fixtures/xml/full.xml

Copy file name to clipboardExpand all lines: src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/Fixtures/xml/full.xml
+1-1Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -17,7 +17,7 @@
1717
<framework:ssi enabled="true" />
1818
<framework:profiler only-exceptions="true" enabled="false" />
1919
<framework:router resource="%kernel.project_dir%/config/routing.xml" type="xml" utf8="true" />
20-
<framework:session gc-maxlifetime="90000" gc-probability="1" gc-divisor="108" storage-factory-id="session.storage.factory.native" handler-id="session.handler.native_file" name="_SYMFONY" cookie-lifetime="86400" cookie-path="/" cookie-domain="example.com" cookie-secure="true" cookie-samesite="lax" cookie-httponly="false" use-cookies="true" save-path="/path/to/sessions" sid-length="22" sid-bits-per-character="4" />
20+
<framework:session gc-maxlifetime="90000" gc-probability="1" gc-divisor="108" storage-factory-id="session.storage.factory.native" handler-id="session.handler.native_file" name="_SYMFONY" cookie-lifetime="86400" cookie-path="/" cookie-domain="example.com" cookie-secure="true" cookie-samesite="lax" cookie-httponly="false" use-cookies="true" save-path="/path/to/sessions" />
2121
<framework:request>
2222
<framework:format name="csv">
2323
<framework:mime-type>text/csv</framework:mime-type>

‎src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/Fixtures/yml/full.yml

Copy file name to clipboardExpand all lines: src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/Fixtures/yml/full.yml
-2Lines changed: 0 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -36,8 +36,6 @@ framework:
3636
gc_probability: 1
3737
gc_divisor: 108
3838
gc_maxlifetime: 90000
39-
sid_length: 22
40-
sid_bits_per_character: 4
4139
save_path: /path/to/sessions
4240
assets:
4341
version: v1

‎src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/FrameworkExtensionTestCase.php

Copy file name to clipboardExpand all lines: src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/FrameworkExtensionTestCase.php
-2Lines changed: 0 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -676,8 +676,6 @@ public function testSession()
676676
$this->assertEquals(108, $options['gc_divisor']);
677677
$this->assertEquals(1, $options['gc_probability']);
678678
$this->assertEquals(90000, $options['gc_maxlifetime']);
679-
$this->assertEquals(22, $options['sid_length']);
680-
$this->assertEquals(4, $options['sid_bits_per_character']);
681679

682680
$this->assertEquals('/path/to/sessions', $container->getParameter('session.save_path'));
683681
}

‎src/Symfony/Component/HttpFoundation/CHANGELOG.md

Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpFoundation/CHANGELOG.md
+1Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -6,6 +6,7 @@ CHANGELOG
66

77
* Add optional `$requests` parameter to `RequestStack::__construct()`
88
* Add optional `$v4Bytes` and `$v6Bytes` parameters to `IpUtils::anonymize()`
9+
* Deprecate passing `sid_bits_per_character` and `sid_length` options to `NativeSessionStorage`
910

1011
7.1
1112
---

‎src/Symfony/Component/HttpFoundation/Session/Storage/NativeSessionStorage.php

Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpFoundation/Session/Storage/NativeSessionStorage.php
+10-4Lines changed: 10 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -68,8 +68,8 @@ class NativeSessionStorage implements SessionStorageInterface
6868
* use_cookies, "1"
6969
* use_only_cookies, "1"
7070
* use_trans_sid, "0"
71-
* sid_length, "32"
72-
* sid_bits_per_character, "5"
71+
* sid_length, "32" (@deprecated since Symfony 7.2, to be removed in 8.0)
72+
* sid_bits_per_character, "5" (@deprecated since Symfony 7.2, to be removed in 8.0)
7373
* trans_sid_hosts, $_SERVER['HTTP_HOST']
7474
* trans_sid_tags, "a=href,area=href,frame=src,form="
7575
*/
@@ -126,8 +126,8 @@ public function start(): bool
126126
* See https://www.php.net/manual/en/session.configuration.php#ini.session.sid-bits-per-character.
127127
* Allowed values are integers such as:
128128
* - 4 for range `a-f0-9`
129-
* - 5 for range `a-v0-9`
130-
* - 6 for range `a-zA-Z0-9,-`
129+
* - 5 for range `a-v0-9` (@deprecated since Symfony 7.2, it will default to 4 and the option will be ignored in Symfony 8.0)
130+
* - 6 for range `a-zA-Z0-9,-` (@deprecated since Symfony 7.2, it will default to 4 and the option will be ignored in Symfony 8.0)
131131
*
132132
* ---------- Part 2
133133
*
@@ -139,6 +139,8 @@ public function start(): bool
139139
* - The length of Windows and Linux filenames is limited to 255 bytes. Then the max must not exceed 255.
140140
* - The session filename prefix is `sess_`, a 5 bytes string. Then the max must not exceed 255 - 5 = 250.
141141
*
142+
* This is @deprecated since Symfony 7.2, the sid length will default to 32 and the option will be ignored in Symfony 8.0.
143+
*
142144
* ---------- Conclusion
143145
*
144146
* The parts 1 and 2 prevent the warning below:
@@ -328,6 +330,10 @@ public function setOptions(array $options): void
328330
]);
329331

330332
foreach ($options as $key => $value) {
333+
if (\in_array($key, ['sid_length', 'sid_bits_per_character'], true)) {
334+
trigger_deprecation('symfony/http-foundation', '7.2', 'NativeSessionStorage\'s "%s" option is deprecated and will be ignored in Symfony 8.0.', $key);
335+
}
336+
331337
if (isset($validOptions[$key])) {
332338
if ('cookie_secure' === $key && 'auto' === $value) {
333339
continue;

‎src/Symfony/Component/HttpFoundation/Tests/Session/Storage/NativeSessionStorageTest.php

Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpFoundation/Tests/Session/Storage/NativeSessionStorageTest.php
+18Lines changed: 18 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -12,6 +12,7 @@
1212
namespace Symfony\Component\HttpFoundation\Tests\Session\Storage;
1313

1414
use PHPUnit\Framework\TestCase;
15+
use Symfony\Bridge\PhpUnit\ExpectDeprecationTrait;
1516
use Symfony\Component\HttpFoundation\Session\Attribute\AttributeBag;
1617
use Symfony\Component\HttpFoundation\Session\Flash\FlashBag;
1718
use Symfony\Component\HttpFoundation\Session\Storage\Handler\NativeFileSessionHandler;
@@ -32,6 +33,8 @@
3233
*/
3334
class NativeSessionStorageTest extends TestCase
3435
{
36+
use ExpectDeprecationTrait;
37+
3538
private string $savePath;
3639

3740
private $initialSessionSaveHandler;
@@ -337,4 +340,19 @@ public function testSaveHandlesNullSessionGracefully()
337340

338341
$this->addToAssertionCount(1);
339342
}
343+
344+
/**
345+
* @group legacy
346+
*/
347+
public function testPassingDeprecatedOptions()
348+
{
349+
$this->expectDeprecation('Since symfony/http-foundation 7.2: NativeSessionStorage\'s "sid_length" option is deprecated and will be ignored in Symfony 8.0.');
350+
$this->expectDeprecation('Since symfony/http-foundation 7.2: NativeSessionStorage\'s "sid_bits_per_character" option is deprecated and will be ignored in Symfony 8.0.');
351+
352+
$this->getStorage([
353+
'cookie_lifetime' => 123456,
354+
'sid_length' => 42,
355+
'sid_bits_per_character' => 6,
356+
]);
357+
}
340358
}

‎src/Symfony/Component/HttpFoundation/composer.json

Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpFoundation/composer.json
+2-1Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -18,7 +18,8 @@
1818
"require": {
1919
"php": ">=8.2",
2020
"symfony/polyfill-mbstring": "~1.1",
21-
"symfony/polyfill-php83": "^1.27"
21+
"symfony/polyfill-php83": "^1.27",
22+
"symfony/deprecation-contracts": "^2.5|^3.0"
2223
},
2324
"require-dev": {
2425
"doctrine/dbal": "^3.6|^4",

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.