Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

isCsrfTokenValid() replace string by ?string #26117

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 3 commits into from
Closed

isCsrfTokenValid() replace string by ?string #26117

wants to merge 3 commits into from

Conversation

GaylordP
Copy link

@GaylordP GaylordP commented Feb 9, 2018
edited
Loading

Q A
Branch? master
Bug fix? yes
New feature? no
BC breaks? no
Deprecations? no
Tests pass? no
License MIT
PHP version 7.1.13

Hello,

In my controller :

    class PostController extends Controller
    {
        public function delete(Request $request, Post $post): Response
        {
            if (!$this->isCsrfTokenValid('delete', $request->request->get('token'))) {
                return $this->render('administration/post/delete.html.twig', [
                    'post' => $post,
                ]);
            }
            ... // flush is database
        }

Generate this error :

Type error: Argument 2 passed to Symfony\Bundle\FrameworkBundle\Controller\Controller::isCsrfTokenValid() must be of the type string, null given, called in ...

In CsrfToken class, you have :

    namespace Symfony\Component\Security\Csrf;

    class CsrfToken
    {
        public function __construct(string $id, ?string $value)

And in ControllerTrait :

    trait ControllerTrait
   {
        protected function isCsrfTokenValid(string $id, string $token): bool
        {

Sorry for my bad english, I'm French and this is my first bug report :)

stof
stof approved these changes Feb 9, 2018
View reviewed changes
Copy link
Member

@stof stof left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍 (should even go in 4.0)

@nicolas-grekas nicolas-grekas added this to the 4.0 milestone Feb 9, 2018
nicolas-grekas
nicolas-grekas approved these changes Feb 9, 2018
View reviewed changes
Copy link
Member

@nicolas-grekas nicolas-grekas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

for 4.0

@nicolas-grekas
Copy link
Member

Thank you @GaylordP.

nicolas-grekas added a commit that referenced this pull request Feb 11, 2018
@nicolas-grekas
bug #26117 isCsrfTokenValid() replace string by ?string (GaylordP)
963b675 
This PR was submitted for the master branch but it was squashed and merged into the 4.0 branch instead (closes #26117).

Discussion
----------

isCsrfTokenValid() replace string  by ?string

| Q             | A
| ------------- | ---
| Branch?       | master
| Bug fix?      | yes
| New feature?  | no
| BC breaks?    | no
| Deprecations? | no
| Tests pass?   | no
| License       | MIT
| PHP version | 7.1.13

Hello,

In my controller :

```php
    class PostController extends Controller
    {
        public function delete(Request $request, Post $post): Response
        {
            if (!$this->isCsrfTokenValid('delete', $request->request->get('token'))) {
                return $this->render('administration/post/delete.html.twig', [
                    'post' => $post,
                ]);
            }
            ... // flush is database
        }
````

Generate this error :

> Type error: Argument 2 passed to Symfony\Bundle\FrameworkBundle\Controller\Controller::isCsrfTokenValid() must be of the type string, null given, called in ...

In `CsrfToken` class, you have :
````php
    namespace Symfony\Component\Security\Csrf;

    class CsrfToken
    {
        public function __construct(string $id, ?string $value)
````
And in ControllerTrait :
````php
    trait ControllerTrait
   {
        protected function isCsrfTokenValid(string $id, string $token): bool
        {
````
Sorry for my bad english, I'm French and this is my first bug report :)

Commits
-------

37fbbca isCsrfTokenValid() replace string  by ?string
@fabpot fabpot mentioned this pull request Mar 1, 2018
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nicolas-grekas nicolas-grekas nicolas-grekas approved these changes

@stof stof stof approved these changes

@chalasr chalasr chalasr approved these changes

Assignees
No one assigned
Labels
Bug Status: Reviewed
Projects
None yet
Milestone
4.0
Development

Successfully merging this pull request may close these issues.
5 participants
@GaylordP @nicolas-grekas @stof @chalasr @carsonbot
Morty Proxy This is a proxified and sanitized view of the page, visit original site.