Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Commit 99b5c59

Browse filesBrowse files
alexandre-dauboisalexandre-daubois
committed
[FrameworkBundle] Deprecate session.sid_length and session.sid_bits_per_character config options
1 parent b2e4eac commit 99b5c59
Copy full SHA for 99b5c59

File tree

Expand file treeCollapse file tree

11 files changed

+41
-12
lines changed
Filter options
Expand file treeCollapse file tree

11 files changed

+41
-12
lines changed

‎UPGRADE-7.2.md

Copy file name to clipboardExpand all lines: UPGRADE-7.2.md
+6Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -28,6 +28,12 @@ FrameworkBundle
2828
---------------
2929

3030
* [BC BREAK] The `secrets:decrypt-to-local` command terminates with a non-zero exit code when a secret could not be read
31+
* Deprecate `session.sid_length` and `session.sid_bits_per_character` config options
32+
33+
HttpFoundation
34+
--------------
35+
36+
* Deprecate passing `session.sid_bits_per_character` and `session.sid_length` options to `NativeSessionStorage`
3137

3238
Messenger
3339
---------

‎src/Symfony/Bundle/FrameworkBundle/CHANGELOG.md

Copy file name to clipboardExpand all lines: src/Symfony/Bundle/FrameworkBundle/CHANGELOG.md
+1Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -11,6 +11,7 @@ CHANGELOG
1111
* [BC BREAK] The `secrets:decrypt-to-local` command terminates with a non-zero exit code when a secret could not be read
1212
* Deprecate making `cache.app` adapter taggable, use the `cache.app.taggable` adapter instead
1313
* Enable `json_decode_detailed_errors` in the default serializer context in debug mode by default when `seld/jsonlint` is installed
14+
* Deprecate `session.sid_length` and `session.sid_bits_per_character` config options
1415

1516
7.1
1617
---

‎src/Symfony/Bundle/FrameworkBundle/DependencyInjection/Configuration.php

Copy file name to clipboardExpand all lines: src/Symfony/Bundle/FrameworkBundle/DependencyInjection/Configuration.php
+2Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -685,10 +685,12 @@ private function addSessionSection(ArrayNodeDefinition $rootNode): void
685685
->integerNode('sid_length')
686686
->min(22)
687687
->max(256)
688+
->setDeprecated('symfony/framework-bundle', '7.2', 'Setting the "%path%.%node%" configuration option is deprecated. It will be removed in version 8.0.')
688689
->end()
689690
->integerNode('sid_bits_per_character')
690691
->min(4)
691692
->max(6)
693+
->setDeprecated('symfony/framework-bundle', '7.2', 'Setting the "%path%.%node%" configuration option is deprecated. It will be removed in version 8.0.')
692694
->end()
693695
->end()
694696
->end()

‎src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/Fixtures/php/full.php

Copy file name to clipboardExpand all lines: src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/Fixtures/php/full.php
-2Lines changed: 0 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -43,8 +43,6 @@
4343
'gc_maxlifetime' => 90000,
4444
'gc_divisor' => 108,
4545
'gc_probability' => 1,
46-
'sid_length' => 22,
47-
'sid_bits_per_character' => 4,
4846
'save_path' => '/path/to/sessions',
4947
],
5048
'assets' => [

‎src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/Fixtures/xml/full.xml

Copy file name to clipboardExpand all lines: src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/Fixtures/xml/full.xml
+1-1Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -17,7 +17,7 @@
1717
<framework:ssi enabled="true" />
1818
<framework:profiler only-exceptions="true" enabled="false" />
1919
<framework:router resource="%kernel.project_dir%/config/routing.xml" type="xml" utf8="true" />
20-
<framework:session gc-maxlifetime="90000" gc-probability="1" gc-divisor="108" storage-factory-id="session.storage.factory.native" handler-id="session.handler.native_file" name="_SYMFONY" cookie-lifetime="86400" cookie-path="/" cookie-domain="example.com" cookie-secure="true" cookie-samesite="lax" cookie-httponly="false" use-cookies="true" save-path="/path/to/sessions" sid-length="22" sid-bits-per-character="4" />
20+
<framework:session gc-maxlifetime="90000" gc-probability="1" gc-divisor="108" storage-factory-id="session.storage.factory.native" handler-id="session.handler.native_file" name="_SYMFONY" cookie-lifetime="86400" cookie-path="/" cookie-domain="example.com" cookie-secure="true" cookie-samesite="lax" cookie-httponly="false" use-cookies="true" save-path="/path/to/sessions" />
2121
<framework:request>
2222
<framework:format name="csv">
2323
<framework:mime-type>text/csv</framework:mime-type>

‎src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/Fixtures/yml/full.yml

Copy file name to clipboardExpand all lines: src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/Fixtures/yml/full.yml
-2Lines changed: 0 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -36,8 +36,6 @@ framework:
3636
gc_probability: 1
3737
gc_divisor: 108
3838
gc_maxlifetime: 90000
39-
sid_length: 22
40-
sid_bits_per_character: 4
4139
save_path: /path/to/sessions
4240
assets:
4341
version: v1

‎src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/FrameworkExtensionTestCase.php

Copy file name to clipboardExpand all lines: src/Symfony/Bundle/FrameworkBundle/Tests/DependencyInjection/FrameworkExtensionTestCase.php
-2Lines changed: 0 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -676,8 +676,6 @@ public function testSession()
676676
$this->assertEquals(108, $options['gc_divisor']);
677677
$this->assertEquals(1, $options['gc_probability']);
678678
$this->assertEquals(90000, $options['gc_maxlifetime']);
679-
$this->assertEquals(22, $options['sid_length']);
680-
$this->assertEquals(4, $options['sid_bits_per_character']);
681679

682680
$this->assertEquals('/path/to/sessions', $container->getParameter('session.save_path'));
683681
}

‎src/Symfony/Component/HttpFoundation/CHANGELOG.md

Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpFoundation/CHANGELOG.md
+1Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,7 @@ CHANGELOG
55
---
66

77
* Add optional `$requests` argument to `RequestStack::__construct()`
8+
* Deprecate passing `session.sid_bits_per_character` and `session.sid_length` options to `NativeSessionStorage`
89

910
7.1
1011
---

‎src/Symfony/Component/HttpFoundation/Session/Storage/NativeSessionStorage.php

Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpFoundation/Session/Storage/NativeSessionStorage.php
+10-4Lines changed: 10 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -68,8 +68,8 @@ class NativeSessionStorage implements SessionStorageInterface
6868
* use_cookies, "1"
6969
* use_only_cookies, "1"
7070
* use_trans_sid, "0"
71-
* sid_length, "32"
72-
* sid_bits_per_character, "5"
71+
* sid_length, "32" (@deprecated since Symfony 7.2, to be removed in 8.0)
72+
* sid_bits_per_character, "5" (@deprecated since Symfony 7.2, to be removed in 8.0)
7373
* trans_sid_hosts, $_SERVER['HTTP_HOST']
7474
* trans_sid_tags, "a=href,area=href,frame=src,form="
7575
*/
@@ -125,9 +125,9 @@ public function start(): bool
125125
* The part `[a-zA-Z0-9,-]` is related to the PHP ini directive `session.sid_bits_per_character` defined as 6.
126126
* See https://www.php.net/manual/en/session.configuration.php#ini.session.sid-bits-per-character.
127127
* Allowed values are integers such as:
128-
* - 4 for range `a-f0-9`
128+
* - 4 for range `a-f0-9` (@deprecated since Symfony 7.2, only 5 bits per character will be allowed in Symfony 8.0)
129129
* - 5 for range `a-v0-9`
130-
* - 6 for range `a-zA-Z0-9,-`
130+
* - 6 for range `a-zA-Z0-9,-` (@deprecated since Symfony 7.2, only 5 bits per character will be allowed in Symfony 8.0)
131131
*
132132
* ---------- Part 2
133133
*
@@ -139,6 +139,8 @@ public function start(): bool
139139
* - The length of Windows and Linux filenames is limited to 255 bytes. Then the max must not exceed 255.
140140
* - The session filename prefix is `sess_`, a 5 bytes string. Then the max must not exceed 255 - 5 = 250.
141141
*
142+
* This is @deprecated since Symfony 7.2 and only sid length of 32 will be allowed in Symfony 8.0.
143+
*
142144
* ---------- Conclusion
143145
*
144146
* The parts 1 and 2 prevent the warning below:
@@ -328,6 +330,10 @@ public function setOptions(array $options): void
328330
]);
329331

330332
foreach ($options as $key => $value) {
333+
if (\in_array($key, ['sid_length', 'sid_bits_per_character'], true)) {
334+
trigger_deprecation('symfony/http-foundation', '7.2', 'The "%s" option is deprecated and won\'t be a valid option in Symfony 8.0.', $key);
335+
}
336+
331337
if (isset($validOptions[$key])) {
332338
if ('cookie_secure' === $key && 'auto' === $value) {
333339
continue;

‎src/Symfony/Component/HttpFoundation/Tests/Session/Storage/NativeSessionStorageTest.php

Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpFoundation/Tests/Session/Storage/NativeSessionStorageTest.php
+18Lines changed: 18 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -12,6 +12,7 @@
1212
namespace Symfony\Component\HttpFoundation\Tests\Session\Storage;
1313

1414
use PHPUnit\Framework\TestCase;
15+
use Symfony\Bridge\PhpUnit\ExpectDeprecationTrait;
1516
use Symfony\Component\HttpFoundation\Session\Attribute\AttributeBag;
1617
use Symfony\Component\HttpFoundation\Session\Flash\FlashBag;
1718
use Symfony\Component\HttpFoundation\Session\Storage\Handler\NativeFileSessionHandler;
@@ -32,6 +33,8 @@
3233
*/
3334
class NativeSessionStorageTest extends TestCase
3435
{
36+
use ExpectDeprecationTrait;
37+
3538
private string $savePath;
3639

3740
private $initialSessionSaveHandler;
@@ -337,4 +340,19 @@ public function testSaveHandlesNullSessionGracefully()
337340

338341
$this->addToAssertionCount(1);
339342
}
343+
344+
/**
345+
* @group legacy
346+
*/
347+
public function testPassingDeprecatedOptions()
348+
{
349+
$this->expectDeprecation('Since symfony/http-foundation 7.2: The "sid_length" option is deprecated and won\'t be a valid option in Symfony 8.0.');
350+
$this->expectDeprecation('Since symfony/http-foundation 7.2: The "sid_bits_per_character" option is deprecated and won\'t be a valid option in Symfony 8.0.');
351+
352+
$this->getStorage([
353+
'cookie_lifetime' => 123456,
354+
'sid_length' => 42,
355+
'sid_bits_per_character' => 6,
356+
]);
357+
}
340358
}

‎src/Symfony/Component/HttpFoundation/composer.json

Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpFoundation/composer.json
+2-1Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -18,7 +18,8 @@
1818
"require": {
1919
"php": ">=8.2",
2020
"symfony/polyfill-mbstring": "~1.1",
21-
"symfony/polyfill-php83": "^1.27"
21+
"symfony/polyfill-php83": "^1.27",
22+
"symfony/deprecation-contracts": "^2.5|^3.0"
2223
},
2324
"require-dev": {
2425
"doctrine/dbal": "^3.6|^4",

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.