Data

Tools

Indexes

Applications

Experiments

Issues

An open API service for providing issue and pull request metadata for open source projects.

GitHub / symfony/symfony-docs issues and pull requests

Labelled with: Security

#21458 - [Security] Fix the OIDC discovery cache configuration

Pull Request - State: closed - Opened by javiereguiluz about 2 months ago
Labels: Security, Status: Needs Review

#21453 - [Security] Wrong example for oidc.discovery.cache option

Issue - State: closed - Opened by Tilogorn about 2 months ago - 3 comments
Labels: Security, hasPR

#21443 - [Security] : security.logout.path supports route name

Pull Request - State: closed - Opened by xavierleune about 2 months ago
Labels: Security, Status: Reviewed

#21425 - [Security] deprecate extending `RememberMeDetails` using legacy constru…

Issue - State: closed - Opened by fabpot about 2 months ago - 1 comment
Labels: Security

#21420 - [Security] improve VoteObject adding extraData

Pull Request - State: closed - Opened by javiereguiluz about 2 months ago
Labels: Security, Status: Needs Review

#21379 - [Security] Add `access_decision()` and `access_decision_for_user()`

Pull Request - State: closed - Opened by javiereguiluz 2 months ago - 1 comment
Labels: Security, Status: Reviewed, TwigBridge

#21350 - [Security][SecurityBundle] Dump role hierarchy as mermaid chart

Issue - State: closed - Opened by fabpot 2 months ago - 1 comment
Labels: Security, SecurityBundle

#21301 - [Security] add `methods` argument to `#[IsGranted]` to restrict access by HTTP method

Pull Request - State: closed - Opened by santysisi 3 months ago - 3 comments
Labels: Security, Status: Reviewed

#21296 - [Security] Add `$methods` support to `#[IsGranted]` to restrict access …

Issue - State: closed - Opened by fabpot 3 months ago
Labels: Security, hasPR

#21152 - [Security] remove documentation for the hide_user_not_found_option

Pull Request - State: closed - Opened by xabbuh 5 months ago
Labels: Security, Status: Reviewed

#21131 - [Security] Remove callable firewall listeners support

Issue - State: closed - Opened by nicolas-grekas 5 months ago - 1 comment
Labels: Security

#21092 - [Security] Remove mentions to deprecated eraseCredentials() method

Pull Request - State: open - Opened by javiereguiluz 5 months ago
Labels: Security

#21088 - [Security] : Removing recommendations to lowercase email adresses

Pull Request - State: closed - Opened by ThomasLandauer 5 months ago
Labels: Security, Status: Needs Review

#21080 - [Security] Stop recommending to lowercase email addresses

Issue - State: closed - Opened by ThomasLandauer 5 months ago - 2 comments
Labels: Security

#21040 - [Security] Update the main voters article

Pull Request - State: open - Opened by javiereguiluz 6 months ago
Labels: Security

#21030 - [Security] Remove `is_anonymous` expesssion language function

Pull Request - State: closed - Opened by alamirault 6 months ago - 3 comments
Labels: Security, Status: Reviewed

#21008 - [Security] Document the new `expose_security_errors` option

Pull Request - State: closed - Opened by javiereguiluz 6 months ago
Labels: Security, Status: Reviewed

#21008 - [Security] Document the new expose_security_errors option

Pull Request - State: open - Opened by javiereguiluz 6 months ago
Labels: Security

#21006 - [Security] Update voters.rst

Pull Request - State: closed - Opened by ifiroth 6 months ago - 1 comment
Labels: Security, Status: Reviewed

#20994 - [Security] Stateless CSRF is enabled by default in 7.2

Pull Request - State: closed - Opened by ThomasLandauer 6 months ago - 6 comments
Labels: Security, Status: Reviewed

#20990 - [Security] Fix type in `upgradePassword`

Pull Request - State: closed - Opened by Synxgz 6 months ago - 1 comment
Labels: Security, Status: Reviewed

#20990 - [Security] Fix type in `upgradePassword`

Pull Request - State: closed - Opened by Synxgz 6 months ago - 1 comment
Labels: Security, Status: Reviewed

#20986 - [Security] remove `plaintext` password hasher usage

Pull Request - State: closed - Opened by kbond 6 months ago - 1 comment
Labels: Security, Status: Reviewed

#20975 - [Security] Add usage example for `#[IsCsrfTokenValid` attribute on controller classes

Pull Request - State: closed - Opened by santysisi 6 months ago
Labels: Security, Status: Needs Review

#20975 - [Security] Add usage example for `#[IsCsrfTokenValid` attribute on controller classes

Pull Request - State: closed - Opened by santysisi 6 months ago - 1 comment
Labels: Security, Status: Reviewed

#20964 - [Security] Tell about stateless CSRF protection

Pull Request - State: closed - Opened by nicolas-grekas 6 months ago - 2 comments
Labels: Security, Status: Reviewed

#20964 - [Security] Tell about stateless CSRF protection

Pull Request - State: closed - Opened by nicolas-grekas 6 months ago - 1 comment
Labels: Security, Status: Reviewed

#20954 - [Security] [Best practices] Remove mention of `anonymous`

Pull Request - State: closed - Opened by MaximePinot 6 months ago - 1 comment
Labels: Security, Status: Reviewed

#20954 - [Security] [Best practices] Remove mention of `anonymous`

Pull Request - State: closed - Opened by MaximePinot 6 months ago - 1 comment
Labels: Security, Status: Reviewed

#20953 - [Security] Tell about erasing credentials when the user is stored in the session

Pull Request - State: closed - Opened by nicolas-grekas 6 months ago - 1 comment
Labels: Security, Status: Reviewed

#20946 - [Security] Update csrf.rst

Pull Request - State: closed - Opened by Chris53897 7 months ago - 1 comment
Labels: Security, Status: Reviewed

#20864 - [Security] document current user attribute in the main security doc entry

Pull Request - State: open - Opened by 94noni 8 months ago
Labels: Security, Status: Needs Review, Waiting feedback

#20811 - [Security] Add methods param doc for isCsrfTokenValid attribute

Pull Request - State: closed - Opened by Oviglo 8 months ago - 3 comments
Labels: Security, Status: Reviewed

#20811 - [Security] Add methods param doc for isCsrfTokenValid attribute

Pull Request - State: closed - Opened by Oviglo 8 months ago - 2 comments
Labels: Security, Status: Reviewed

#20810 - [Security] Add methods param in IsCsrfTokenValid attribute

Issue - State: closed - Opened by nicolas-grekas 8 months ago - 2 comments
Labels: Security, hasPR

#20795 - [Security] Chain Providers: Fixing PHP code sample

Pull Request - State: closed - Opened by ThomasLandauer 8 months ago - 1 comment
Labels: Security, Status: Reviewed

#20795 - [Security] Chain Providers: Fixing PHP code sample

Pull Request - State: closed - Opened by ThomasLandauer 8 months ago - 1 comment
Labels: Security, Status: Reviewed

#20794 - [Security] Simplifying the DEV firewall's pattern

Pull Request - State: open - Opened by ThomasLandauer 8 months ago - 3 comments
Labels: Security, Status: Needs Review, Waiting Code Merge

#20792 - [Security] : Removing duplicate sentence

Pull Request - State: closed - Opened by ThomasLandauer 8 months ago - 1 comment
Labels: Security, Status: Reviewed

#20792 - [Security] : Removing duplicate sentence

Pull Request - State: closed - Opened by ThomasLandauer 8 months ago
Labels: Security, Status: Reviewed

#20729 - [Security] Fix more heading levels in the security reference

Pull Request - State: closed - Opened by stof 9 months ago
Labels: Security, Status: Reviewed

#20699 - [Security] use strings for chained user providers

Pull Request - State: closed - Opened by emmanuel-averty 9 months ago - 1 comment
Labels: Security, Status: Needs Review

#20699 - [Security] use strings for chained user providers

Pull Request - State: closed - Opened by emmanuel-averty 9 months ago - 1 comment
Labels: Security, Status: Needs Review

#20690 - [Security] Add ability for voters to explain their vote

Pull Request - State: closed - Opened by MrYamous 9 months ago
Labels: Security, Status: Reviewed

#20690 - [Security] Add ability for voters to explain their vote

Pull Request - State: closed - Opened by MrYamous 9 months ago - 1 comment
Labels: Security, Status: Reviewed

#20669 - [Security] Add support for closures in the `IsGranted` attribute

Pull Request - State: closed - Opened by alexandre-daubois 9 months ago - 1 comment
Labels: Security, Status: Needs Review

#20669 - [Security] Add support for closures in the `IsGranted` attribute

Pull Request - State: open - Opened by alexandre-daubois 9 months ago - 1 comment
Labels: Security, Status: Needs Review, Waiting Code Merge

#20663 - [Security] Allow using a callable with `#[IsGranted]`

Issue - State: closed - Opened by nicolas-grekas 9 months ago
Labels: Security

#20658 - [Security] Add ability for voters to explain their vote

Issue - State: closed - Opened by fabpot 9 months ago
Labels: Security, hasPR

#20651 - [Security] Add `role_fetcher` option to LDAP security configuration

Pull Request - State: closed - Opened by Spomky 9 months ago
Labels: Security, Status: Reviewed

#20651 - [Security] Add `role_fetcher` option to LDAP security configuration

Pull Request - State: closed - Opened by Spomky 9 months ago - 1 comment
Labels: Security, Status: Reviewed

#20640 - [Security] Ability to add roles in `form_login_ldap` by ldap group

Issue - State: closed - Opened by fabpot 9 months ago
Labels: Security

#20637 - [Security] Add support for encrypted access tokens (JWE) in OIDC

Pull Request - State: closed - Opened by Spomky 9 months ago - 1 comment
Labels: Security, Status: Reviewed

#20637 - [Security] Add support for encrypted access tokens (JWE) in OIDC

Pull Request - State: closed - Opened by Spomky 9 months ago - 1 comment
Labels: Security, Status: Reviewed

#20636 - [Security] Update custom authenticator docs to include identifier normalization

Pull Request - State: closed - Opened by Spomky 9 months ago - 1 comment
Labels: Security, Status: Reviewed

#20636 - [Security] Update custom authenticator docs to include identifier normalization

Pull Request - State: closed - Opened by Spomky 9 months ago
Labels: Security, Status: Needs Review

#20632 - [Security] Add a normalization step for the user-identifier in firewalls

Issue - State: closed - Opened by fabpot 10 months ago
Labels: Security, hasPR

#20579 - [Security] Add OIDC Discovery

Pull Request - State: closed - Opened by vincentchalamon 10 months ago - 1 comment
Labels: Security, Status: Reviewed

#20544 - [Security] Remove mention of is_granted_ `$field` argument

Pull Request - State: closed - Opened by smnandre 11 months ago - 1 comment
Labels: Security, Status: Reviewed

#20505 - [Security] Add docs for `is_granted_for_user()` function

Pull Request - State: closed - Opened by natewiebe13 11 months ago - 1 comment
Labels: Security, Status: Reviewed

#20498 - [Security] Add Oauth client package in doc

Pull Request - State: closed - Opened by MrYamous 11 months ago - 2 comments
Labels: Security, Status: Reviewed

#20498 - [Security] Add Oauth client package in doc

Pull Request - State: closed - Opened by MrYamous 11 months ago - 2 comments
Labels: Security, Status: Reviewed

#20437 - [Security] Fix the namespace of a code example

Pull Request - State: closed - Opened by javiereguiluz 12 months ago
Labels: Security, Status: Reviewed

#20415 - [Security] Secret with remember me feature

Pull Request - State: closed - Opened by MrYamous 12 months ago - 1 comment
Labels: Security, Status: Reviewed

#20415 - [Security] Secret with remember me feature

Pull Request - State: closed - Opened by MrYamous 12 months ago - 1 comment
Labels: Security, Status: Reviewed

#20403 - [Security] Fix wrong method call of the decision manager

Pull Request - State: closed - Opened by TheCadien 12 months ago - 1 comment
Labels: Security, Status: Reviewed

#20403 - [Security] Fix wrong method call of the decision manager

Issue - State: closed - Opened by TheCadien 12 months ago - 1 comment
Labels: Security, Status: Reviewed

#20402 - Missing documentation on custom credentials and badges

Issue - State: open - Opened by michnovka about 1 year ago
Labels: Security

#20388 - [Security] use access decision manager to control which token to vote on

Pull Request - State: closed - Opened by xabbuh about 1 year ago
Labels: Security, Status: Needs Review

#20388 - [Security] use access decision manager to control which token to vote on

Pull Request - State: closed - Opened by xabbuh about 1 year ago - 1 comment
Labels: Security, Status: Reviewed

#20306 - [Security] Implement stateless headers/cookies-based CSRF protection

Issue - State: closed - Opened by nicolas-grekas about 1 year ago - 3 comments
Labels: Security, hasPR

#20254 - [Doctrine][Security] Remove an old article about registration forms

Pull Request - State: closed - Opened by javiereguiluz about 1 year ago
Labels: Doctrine, Security, Status: Reviewed

#20254 - [Doctrine] Remove an old article about registration forms

Pull Request - State: open - Opened by javiereguiluz about 1 year ago
Labels: Doctrine, Security

#20240 - [Security] Fix role to detect logged-in user

Pull Request - State: closed - Opened by devojifr about 1 year ago - 1 comment
Labels: Security, Status: Reviewed

#20240 - [Security] Fix role to detect logged-in user

Pull Request - State: closed - Opened by devojifr about 1 year ago - 1 comment
Labels: Security, Status: Reviewed

#20234 - [Security] Allow passport attributes in `Security::login()`

Pull Request - State: closed - Opened by alexandre-daubois about 1 year ago - 1 comment
Labels: Security, Status: Reviewed

#20234 - [Security] Allow passport attributes in `Security::login()`

Pull Request - State: closed - Opened by alexandre-daubois about 1 year ago - 1 comment
Labels: Security, Status: Reviewed

#20229 - [Security][SecurityBundle] Allow passing attributes to passport via `Se…

Issue - State: closed - Opened by fabpot about 1 year ago
Labels: Security, hasPR, SecurityBundle

#20162 - [Security] adding missing 'private'

Pull Request - State: closed - Opened by tacman about 1 year ago - 1 comment
Labels: Security, Status: Needs Review

#20162 - [Security] adding missing 'private'

Pull Request - State: closed - Opened by tacman about 1 year ago - 1 comment
Labels: Security, Status: Needs Review

#20149 - [Security] complete list of support content types

Pull Request - State: closed - Opened by xabbuh about 1 year ago - 1 comment
Labels: Security, Status: Reviewed

#20149 - [Security] complete list of support content types

Pull Request - State: closed - Opened by xabbuh about 1 year ago
Labels: Security, Status: Reviewed

#20125 - [Security] Deprecate empty user identifier

Issue - State: closed - Opened by fabpot over 1 year ago - 2 comments
Labels: Security

#20120 - [Security] Remove note about stateless firewalls marking routes as stateless

Pull Request - State: closed - Opened by MatTheCat over 1 year ago - 1 comment
Labels: Security, Status: Reviewed

#20120 - [Security] Remove note about stateless firewalls marking routes as stateless

Pull Request - State: closed - Opened by MatTheCat over 1 year ago - 1 comment
Labels: Security, Status: Reviewed

#20107 - [Security] fix: propose a better header naming for custom authenticator

Pull Request - State: closed - Opened by 94noni over 1 year ago - 3 comments
Labels: Security, Status: Reviewed

#20107 - [Security] fix: propose a better header naming for custom authenticator

Pull Request - State: closed - Opened by 94noni over 1 year ago - 2 comments
Labels: Security, Status: Reviewed

#20090 - [Security] Authenticator methods description

Pull Request - State: closed - Opened by smnandre over 1 year ago - 1 comment
Labels: Security, Status: Needs Review

#20066 - [Security] add the `$token` argument to `checkPostAuth()`

Pull Request - State: closed - Opened by xabbuh over 1 year ago - 2 comments
Labels: Security, Status: Reviewed

#20066 - [Security] add the `$token` argument to `checkPostAuth()`

Pull Request - State: closed - Opened by xabbuh over 1 year ago - 4 comments
Labels: Security, Status: Reviewed

#20062 - [Security] pass the current token to the `checkPostAuth()` method of us…

Issue - State: closed - Opened by fabpot over 1 year ago - 1 comment
Labels: Security, hasPR

#20060 - [Security] Update csrf.rst

Pull Request - State: closed - Opened by aurac over 1 year ago - 1 comment
Labels: Security, Status: Reviewed

#20013 - [Security] Update impersonating_user.rst remove unneeded space

Pull Request - State: closed - Opened by JohJohan over 1 year ago - 1 comment
Labels: Security, Status: Reviewed

#19966 - [Security] Add namespace for AccessTokenHandler

Pull Request - State: closed - Opened by andreybolonin over 1 year ago - 1 comment
Labels: Security, Status: Needs Review

#19961 - [Security] Remove an unneeded comment

Pull Request - State: closed - Opened by javiereguiluz over 1 year ago
Labels: Security, Status: Needs Review

#19870 - [Security] Add support for dynamic CSRF id with Expression in `#[IsCsrfTokenValid]`

Pull Request - State: closed - Opened by alamirault over 1 year ago - 3 comments
Labels: Security, Status: Reviewed

#19862 - [Security] Improve the docs related to CSRF

Issue - State: closed - Opened by javiereguiluz over 1 year ago
Labels: Security, Status: Needs Review

#19837 - [Security] : Redirect user to profile page

Pull Request - State: open - Opened by ThomasLandauer over 1 year ago
Labels: Security, Status: Needs Review

#19821 - [Security] Update login_link.rst

Pull Request - State: closed - Opened by carlcasbolt over 1 year ago - 1 comment
Labels: Security, Status: Reviewed

#19813 - [Security] Custom Authenticator: Adding info about session

Pull Request - State: open - Opened by ThomasLandauer over 1 year ago
Labels: Security, Status: Needs Review