symfony
diff --git a/‎src/Symfony/Bundle/FrameworkBundle/EventListener/DisableSessionSubscriber.php
Copy file name to clipboardExpand all lines: src/Symfony/Bundle/FrameworkBundle/EventListener/DisableSessionSubscriber.php
-51Lines changed: 0 additions & 51 deletions b/‎src/Symfony/Bundle/FrameworkBundle/EventListener/DisableSessionSubscriber.php
Copy file name to clipboardExpand all lines: src/Symfony/Bundle/FrameworkBundle/EventListener/DisableSessionSubscriber.php
-51Lines changed: 0 additions & 51 deletions
diff --git a/‎src/Symfony/Bundle/FrameworkBundle/Resources/config/session.xml
Copy file name to clipboardExpand all lines: src/Symfony/Bundle/FrameworkBundle/Resources/config/session.xml
+2-9Lines changed: 2 additions & 9 deletions b/‎src/Symfony/Bundle/FrameworkBundle/Resources/config/session.xml
Copy file name to clipboardExpand all lines: src/Symfony/Bundle/FrameworkBundle/Resources/config/session.xml
+2-9Lines changed: 2 additions & 9 deletions
diff --git a/‎src/Symfony/Component/HttpFoundation/Request.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpFoundation/Request.php
+3-4Lines changed: 3 additions & 4 deletions b/‎src/Symfony/Component/HttpFoundation/Request.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpFoundation/Request.php
+3-4Lines changed: 3 additions & 4 deletions
diff --git a/‎src/Symfony/Component/HttpFoundation/Session/DisableableSessionProxy.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpFoundation/Session/DisableableSessionProxy.php
-238Lines changed: 0 additions & 238 deletions b/‎src/Symfony/Component/HttpFoundation/Session/DisableableSessionProxy.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpFoundation/Session/DisableableSessionProxy.php
-238Lines changed: 0 additions & 238 deletions
diff --git a/‎src/Symfony/Component/HttpKernel/EventListener/AbstractSessionListener.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpKernel/EventListener/AbstractSessionListener.php
+24-1Lines changed: 24 additions & 1 deletion b/‎src/Symfony/Component/HttpKernel/EventListener/AbstractSessionListener.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/HttpKernel/EventListener/AbstractSessionListener.php
+24-1Lines changed: 24 additions & 1 deletion
@@ -17,10 +17,6 @@
             <argument type="service" id="session.flash_bag" />
         </service>
 
-        <service id="disableable_session" class="Symfony\Component\HttpFoundation\Session\DisableableSessionProxy" decorates="session">
-            <argument type="service" id="disableable_session.inner"/>
-        </service>
-
         <service id="Symfony\Component\HttpFoundation\Session\SessionInterface" alias="session" />
         <service id="Symfony\Component\HttpFoundation\Session\Storage\SessionStorageInterface" alias="session.storage" />
         <service id="SessionHandlerInterface" alias="session.handler" />
@@ -70,12 +66,9 @@
             <argument type="service_locator">
                 <argument key="session" type="service" id="session" on-invalid="ignore" />
                 <argument key="initialized_session" type="service" id="session" on-invalid="ignore_uninitialized" />
+                <argument key="logger" type="service" id="logger" on-invalid="ignore" />
             </argument>
-        </service>
-
-        <service id="session.disable_listener" class="Symfony\Bundle\FrameworkBundle\EventListener\DisableSessionSubscriber">
-            <tag name="kernel.event_subscriber" />
-            <argument type="service" id="session" />
+            <argument>%kernel.debug%</argument>
         </service>
 
         <!-- for BC -->
 
@@ -13,7 +13,6 @@
 
 use Symfony\Component\HttpFoundation\Exception\ConflictingHeadersException;
 use Symfony\Component\HttpFoundation\Exception\SuspiciousOperationException;
-use Symfony\Component\HttpFoundation\Session\DisableableSessionProxy;
 use Symfony\Component\HttpFoundation\Session\SessionInterface;
 
 /**
@@ -750,14 +749,14 @@ public function hasPreviousSession()
      * like whether the session is started or not. It is just a way to check if this Request
      * is associated with a Session instance.
      *
-     * @return bool true when the Request contains an enabled Session object, false otherwise
+     * @return bool true when the Request contains a Session object, false otherwise
      */
     public function hasSession()
     {
-        return null !== $this->session && !($this->session instanceof DisableableSessionProxy && $this->session->isDisabled());
+        return null !== $this->session;
     }
 
-    public function setSession(?SessionInterface $session)
+    public function setSession(SessionInterface $session)
     {
         $this->session = $session;
     }
 
@@ -18,6 +18,7 @@
 use Symfony\Component\HttpKernel\Event\FinishRequestEvent;
 use Symfony\Component\HttpKernel\Event\RequestEvent;
 use Symfony\Component\HttpKernel\Event\ResponseEvent;
+use Symfony\Component\HttpKernel\Exception\UnexpectedSessionUsageException;
 use Symfony\Component\HttpKernel\KernelEvents;
 
 /**
@@ -40,11 +41,13 @@ abstract class AbstractSessionListener implements EventSubscriberInterface
     const NO_AUTO_CACHE_CONTROL_HEADER = 'Symfony-Session-NoAutoCacheControl';
 
     protected $container;
+    protected $debug;
     private $sessionUsageStack = [];
 
-    public function __construct(ContainerInterface $container = null)
+    public function __construct(ContainerInterface $container = null, bool $debug = true)
     {
         $this->container = $container;
+        $this->debug = $debug;
     }
 
     public function onKernelRequest(RequestEvent $event)
@@ -83,6 +86,10 @@ public function onKernelResponse(ResponseEvent $event)
         }
 
         if ($session instanceof Session ? $session->getUsageIndex() !== end($this->sessionUsageStack) : $session->isStarted()) {
+            if (true === $event->getRequest()->attributes->get('_stateless', false)) {
+                $this->reportUnexpectedSessionUse();
+            }
+
             if ($autoCacheControl) {
                 $response
                     ->setExpires(new \DateTime())
@@ -145,4 +152,20 @@ public static function getSubscribedEvents(): array
      * @return SessionInterface|null A SessionInterface instance or null if no session is available
      */
     abstract protected function getSession();
+
+    /**
+     * Report that the session was unexpectedly used.
+     *
+     * @throws UnexpectedSessionUsageException
+     */
+    private function reportUnexpectedSessionUse(): void
+    {
+        if ($this->debug) {
+            throw new UnexpectedSessionUsageException();
+        }
+
+        if ($this->container->has('logger')) {
+            $this->container->get('logger')->warning('Session was used in a stateless mode');
+        }
+    }
 }
Original file line number	Diff line number	Diff line change
`@@ -13,7 +13,6 @@`
`13`	`13`
`14`	`14`	`use Symfony\Component\HttpFoundation\Exception\ConflictingHeadersException;`
`15`	`15`	`use Symfony\Component\HttpFoundation\Exception\SuspiciousOperationException;`
`16`		`-use Symfony\Component\HttpFoundation\Session\DisableableSessionProxy;`
`17`	`16`	`use Symfony\Component\HttpFoundation\Session\SessionInterface;`
`18`	`17`
`19`	`18`	`/**`
`@@ -750,14 +749,14 @@ public function hasPreviousSession()`
`750`	`749`	`* like whether the session is started or not. It is just a way to check if this Request`
`751`	`750`	`* is associated with a Session instance.`
`752`	`751`	`*`
`753`		`- * @return bool true when the Request contains an enabled Session object, false otherwise`
	`752`	`+ * @return bool true when the Request contains a Session object, false otherwise`
`754`	`753`	`*/`
`755`	`754`	`public function hasSession()`
`756`	`755`	`{`
`757`		`- return null !== $this->session && !($this->session instanceof DisableableSessionProxy && $this->session->isDisabled());`
	`756`	`+ return null !== $this->session;`
`758`	`757`	`}`
`759`	`758`
`760`		`- public function setSession(?SessionInterface $session)`
	`759`	`+ public function setSession(SessionInterface $session)`
`761`	`760`	`{`
`762`	`761`	`$this->session = $session;`
`763`	`762`	`}`