Data

Tools

Indexes

Applications

Experiments

Issues

An open API service for providing issue and pull request metadata for open source projects.

GitHub / symfony/symfony issues and pull requests

Labelled with: Security

#50896 - [Security] OpenID Code Token Single Sign On implementation

Issue - State: open - Opened by alexander-schranz over 2 years ago - 4 comments
Labels: Security, Keep open

#50895 - [Security] AccessTokenFactory is not extendable with a custom Factory

Issue - State: closed - Opened by alexander-schranz over 2 years ago - 3 comments
Labels: Security, Stalled

#50779 - Support for external user ids in OneSignal Notifier

Issue - State: closed - Opened by KDederichs over 2 years ago - 4 comments
Labels: Security, Feature

#50695 - [Security] Improve error handling in OIDC access token handlers

Pull Request - State: closed - Opened by chalasr over 2 years ago - 5 comments
Labels: Security, Feature, Status: Needs Work

#50695 - [Security] Improve error handling in OIDC access token handlers

Pull Request - State: closed - Opened by chalasr over 2 years ago - 5 comments
Labels: Security, Feature, Status: Needs Work

#50650 - [security] Provide authentification token when using an user checker

Issue - State: closed - Opened by fabienlem over 2 years ago - 9 comments
Labels: Security, Feature

#50513 - [Security] Bugfix UserBadge userLoader

Pull Request - State: closed - Opened by cesurapp over 2 years ago - 1 comment
Labels: Security

#50511 - UserLoader Not Called

Issue - State: closed - Opened by arrrray over 2 years ago - 1 comment
Labels: Security, Bug, Status: Needs Review

#50441 - [Security] Support JWE on OidcTokenHandler

Issue - State: closed - Opened by vincentchalamon over 2 years ago - 5 comments
Labels: Security, Feature

#50434 - [Security] Import `oidc.signature.key` JWK from OIDC server

Issue - State: closed - Opened by vincentchalamon over 2 years ago - 2 comments
Labels: Security, Feature, Keep open

#50433 - [Security] OIDC Discovery

Issue - State: closed - Opened by vincentchalamon over 2 years ago - 2 comments
Labels: Security, Keep open

#50431 - [Security] Fix OIDC bugs

Pull Request - State: closed - Opened by vincentchalamon over 2 years ago - 2 comments
Labels: Security

#50402 - ContextListener is logging warning everytime a user is not found

Issue - State: closed - Opened by VincentLanglet over 2 years ago - 6 comments
Labels: Security, Bug, Status: Needs Review, Stalled

#50312 - [Security] Skip clearing CSRF Token on stateless logout

Pull Request - State: open - Opened by chalasr over 2 years ago
Labels: Security, Bug, Status: Needs Review

#50310 - `CsrfTokenClearingLogoutListener` trying to clear storage on logout from stateless firewall

Issue - State: open - Opened by mbabker over 2 years ago
Labels: Security, Bug, Status: Needs Review

#50209 - [Security] CSRF token validation failure in functional tests

Issue - State: closed - Opened by mmarchois over 2 years ago - 3 comments
Labels: Security, Bug, Status: Needs Review

#50028 - Locked account produces "Invalid credentials" message

Issue - State: closed - Opened by antfarmer over 2 years ago - 8 comments
Labels: Security, Bug, Status: Needs Review

#50027 - [Security] OAuth2 Introspection Endpoint (RFC7662)

Pull Request - State: closed - Opened by Spomky over 2 years ago - 8 comments
Labels: Security, Feature, Status: Reviewed

#49968 - [Messenger][Security] Async authentication

Issue - State: closed - Opened by ro0NL over 2 years ago - 12 comments
Labels: Security, Messenger

#49938 - [Security] Improve DX when invalid custom authenticators

Pull Request - State: open - Opened by alamirault over 2 years ago - 1 comment
Labels: Security, Feature, Status: Needs Review

#49821 - [Security] New Password Policy listener

Pull Request - State: open - Opened by Spomky over 2 years ago - 14 comments
Labels: Security, Feature, Status: Needs Review

#49589 - [Security] add argument target support for #[IsGranted]

Issue - State: closed - Opened by ninsuo almost 3 years ago - 6 comments
Labels: Security

#49532 - TraceableAuthenticatorManagerListener OOM

Issue - State: closed - Opened by tourze almost 3 years ago - 3 comments
Labels: Security, Bug, Status: Needs Review, Stalled

#49269 - Add a normalization step for the user-identifier in firewalls

Issue - State: closed - Opened by nicolas-grekas almost 3 years ago - 3 comments
Labels: Security, Help wanted

#49217 - [Security] deprecate the $secret argument of the PersistentRememberMeHandler constructor

Pull Request - State: closed - Opened by xabbuh almost 3 years ago - 1 comment
Labels: Security, Status: Reviewed, Deprecation

#49201 - [Security] get rid of string|mixed hack

Issue - State: closed - Opened by Warxcell almost 3 years ago - 10 comments
Labels: Security, Bug, Status: Needs Review, Stalled

#49116 - [KernelBrowser] loginUser does not work with lazy session

Issue - State: closed - Opened by micheh almost 3 years ago - 9 comments
Labels: Security, Bug, HttpKernel, Status: Needs Review, Stalled

#49033 - [Security] Introduce template for Voter phpdoc

Pull Request - State: closed - Opened by VincentLanglet almost 3 years ago - 7 comments
Labels: Security, Status: Reviewed

#49019 - LoginFailureEvent should have a setException method

Issue - State: open - Opened by Geolim4 almost 3 years ago - 12 comments
Labels: Security, Stalled

#48277 - [Security] Json login exception

Pull Request - State: open - Opened by Gabbarowski about 3 years ago - 8 comments
Labels: Security, Feature, Status: Reviewed, Deprecation

#48276 - [Security] add CAS 2.0 AccessToken handler

Pull Request - State: closed - Opened by nacorp about 3 years ago - 14 comments
Labels: Security, Feature, Status: Reviewed

#48276 - [Security] add CAS 2.0 AccessToken handler

Pull Request - State: closed - Opened by nacorp about 3 years ago - 14 comments
Labels: Security, Feature, Status: Reviewed

#48165 - [Security] Remove extra call to check if Session exists

Pull Request - State: closed - Opened by dmitryuk about 3 years ago - 2 comments
Labels: Security, Feature, Status: Needs Review

#48142 - [Security][SecurityBundle] User authorization checker

Pull Request - State: closed - Opened by natewiebe13 about 3 years ago - 20 comments
Labels: Security, Feature, SecurityBundle, Status: Reviewed

#48142 - [Security][SecurityBundle] User authorization checker

Pull Request - State: closed - Opened by natewiebe13 about 3 years ago - 20 comments
Labels: Security, Feature, SecurityBundle, Status: Reviewed

#47814 - InvalidArgumentException: Class "" used for service "security.listener.session.main" cannot be found

Issue - State: closed - Opened by andrea-daru about 3 years ago - 4 comments
Labels: Security, Bug, Status: Needs Review, Status: Waiting feedback

#47488 - [Security] Fix valid remember-me token exposure to the second consequent request

Pull Request - State: closed - Opened by zerkms over 3 years ago - 2 comments
Labels: Security, Bug, Status: Reviewed

#47287 - [Security] login_throttling: Allow configuring the multiplier "5"

Issue - State: closed - Opened by ThomasLandauer over 3 years ago - 4 comments
Labels: Security, Feature, RateLimiter, Stalled

#47276 - CSRF Token is not kept when session is renewed with REMEMBERME

Issue - State: closed - Opened by allan-simon over 3 years ago - 9 comments
Labels: Security, Bug, Status: Needs Review

#46493 - [Security] Add the ability for voter to return decision reason

Pull Request - State: closed - Opened by alamirault over 3 years ago - 9 comments
Labels: Security, Feature, Status: Needs Review, Deprecation

#46362 - [Security][Throttling] Hide username and client ip in logs

Issue - State: closed - Opened by xelaris over 3 years ago - 8 comments
Labels: Security

#46338 - [Security] Allow configuring a target url when switching user

Pull Request - State: closed - Opened by 94noni over 3 years ago - 8 comments
Labels: Security, Feature, Status: Reviewed

#46320 - [Security] Allow disabling redirect on logout

Pull Request - State: open - Opened by jvasseur over 3 years ago - 2 comments
Labels: Security, Feature, Status: Needs Work

#46312 - BackedEnum support for voters

Issue - State: open - Opened by tarlepp over 3 years ago - 3 comments
Labels: Security, Feature, Stalled

#45827 - [RFC][Security] Reduce authentication usage "magic"?

Issue - State: open - Opened by wouterj over 3 years ago - 10 comments
Labels: Security, RFC, Stalled

#45074 - [Security] access_control not working with POST request

Issue - State: closed - Opened by creiner almost 4 years ago - 8 comments
Labels: Security, Bug, Status: Needs Review, Stalled

#44968 - [Security] Login link with custom router params and query params

Pull Request - State: closed - Opened by samuelvi almost 4 years ago - 5 comments
Labels: Security, Feature, Status: Needs Review

#44968 - [Security] Login link with custom router params and query params

Pull Request - State: closed - Opened by samuelvi almost 4 years ago - 5 comments
Labels: Security, Feature, Status: Needs Review

#44459 - [Security] Allow RememberMeHandler to use a custom RememberMeDetails class

Pull Request - State: open - Opened by tyrelcher about 4 years ago - 5 comments
Labels: Security, Feature, Status: Needs Review, Deprecation

#44320 - REMEMBER_ME cookie has path '/' by default even when application lives under directory

Issue - State: open - Opened by php4fan about 4 years ago - 14 comments
Labels: Security, Bug, Status: Needs Review, Stalled

#44308 - Class xxx used for service yyy cannot be found. Symfony completely broken after composer require security.

Issue - State: closed - Opened by php4fan about 4 years ago - 6 comments
Labels: Security, Bug, Status: Needs Review, Status: Waiting feedback

#43674 - [Security] Deprecate LogoutListener being returned as 3rd element by FirewallMapInterface::getListeners

Pull Request - State: closed - Opened by scheb about 4 years ago - 8 comments
Labels: Security, Status: Needs Work, Deprecation

#43674 - [Security] Deprecate LogoutListener being returned as 3rd element by FirewallMapInterface::getListeners

Pull Request - State: closed - Opened by scheb about 4 years ago - 8 comments
Labels: Security, Status: Needs Work, Deprecation

#43548 - [Security] Remove sorting of security listeners at runtime from Firewall

Pull Request - State: closed - Opened by scheb about 4 years ago - 6 comments
Labels: Security, Status: Needs Review

#43548 - [Security] Remove sorting of security listeners at runtime from Firewall

Pull Request - State: closed - Opened by scheb about 4 years ago - 6 comments
Labels: Security, Status: Needs Review

#43372 - Using isGranted() without a Session

Issue - State: closed - Opened by natewiebe13 about 4 years ago - 9 comments
Labels: Security, Feature

#43317 - [Security][Validator] Add missing translations for Norwegian (no)

Pull Request - State: closed - Opened by riadhlaabidi about 4 years ago - 2 comments
Labels: Validator, Security, Bug, Status: Needs Review

#43049 - TraceableFirewallListener very slow with multiple concurrent ajax request on same user

Issue - State: closed - Opened by moebiusband73 about 4 years ago - 9 comments
Labels: Security, Bug, Status: Needs Review

#42920 - Broken login throttling

Issue - State: closed - Opened by Gemorroj over 4 years ago - 4 comments
Labels: Security, Bug, Status: Needs Review, Stalled

#42793 - Disabled account is shown "Bad credentials" error

Issue - State: closed - Opened by fmonts over 4 years ago - 10 comments
Labels: Security, Bug, Status: Needs Review, Stalled

#42349 - RememberMe cookie should only contain the bare minimum of details

Issue - State: closed - Opened by zerkms over 4 years ago - 17 comments
Labels: Security

#41892 - `json_login_ldap` in chain with `json_login` and new authenticator

Issue - State: closed - Opened by oliverreese over 4 years ago - 30 comments
Labels: Security, Bug, Status: Reviewed, Help wanted, Stalled

#41853 - Use the new Authentication Manager to refresh User Token with new roles

Issue - State: open - Opened by bastien70 over 4 years ago - 9 comments
Labels: Security, Feature, Keep open

#41339 - [Security] Add an option to allow path instead of service for firewalls entry points (#39520)

Pull Request - State: closed - Opened by johnkrovitch over 4 years ago - 6 comments
Labels: Security, Feature, Status: Needs Work

#40918 - Allow Remember Me cookie with JSON Login

Issue - State: closed - Opened by fbnlsr over 4 years ago - 18 comments
Labels: Security, Feature

#40571 - [New authenticator manager] - Seems to be a bug between @isGranted and @Security annotations

Issue - State: closed - Opened by bastien70 over 4 years ago - 7 comments
Labels: Security, Bug, Status: Needs Review, Keep open

#39345 - [Security][Validator] Add missing Portuguese translations

Pull Request - State: closed - Opened by NicolasJourdan about 5 years ago - 2 comments
Labels: Validator, Security, Status: Reviewed, Missing translations

#37325 - Fix the supports() method argument type of the security voter

Pull Request - State: closed - Opened by francoispluchino over 5 years ago - 39 comments
Labels: Security, Bug, Status: Reviewed

#37033 - new security authenticator fails

Issue - State: closed - Opened by bitgandtter over 5 years ago - 5 comments
Labels: Security, Bug, Status: Needs Review

#37008 - [Security] Fixed AbstractToken::hasUserChanged()

Pull Request - State: closed - Opened by wouterj over 5 years ago - 12 comments
Labels: Security, Bug, Status: Reviewed

#36814 - CSRF exception for LogoutListener Firewall isn't handled

Issue - State: closed - Opened by davispuh over 5 years ago - 6 comments
Labels: Security, Bug, Status: Needs Review

#36668 - [DX][Security] Add (de)authentication information to the profiler

Issue - State: open - Opened by wouterj over 5 years ago - 2 comments
Labels: Security, Feature, SecurityBundle, DX, Help wanted, Keep open

#35102 - Symfony 4.2 upgrade and migration to Guard

Issue - State: closed - Opened by umpirsky almost 6 years ago - 7 comments
Labels: Security

#34958 - Change PHPSESSID on each request

Issue - State: closed - Opened by cristobal85 almost 6 years ago - 12 comments
Labels: Security, Bug, Status: Needs Review, Status: Waiting feedback

#34589 - Symfony 4.3 encode password failed, unable to fetch the response from the backend: unexpected EOF.

Issue - State: closed - Opened by lijunhaoabroad about 6 years ago - 13 comments
Labels: Security, Bug, Status: Needs Review, Status: Waiting feedback

#33171 - [Security][CSRF] Added CSRF CookieStorageInterface

Pull Request - State: closed - Opened by jderusse over 6 years ago - 15 comments
Labels: Security, Feature, Status: Needs Review

#29946 - [Security][BUG] Security final class can not be mocked in unit tests

Issue - State: closed - Opened by anitadavid almost 7 years ago - 5 comments
Labels: Security

#28461 - Add event for pre-authentication

Issue - State: closed - Opened by umulmrum about 7 years ago - 9 comments
Labels: Security, Feature

#27995 - [Security][DX] Be able to know why exactly SecurityVoter returns false

Issue - State: closed - Opened by stephanvierkant over 7 years ago - 12 comments
Labels: Security, Feature, DX, Keep open

#27961 - UsernamePasswordFormAuthenticationListener cant handle missing field "_username"

Issue - State: closed - Opened by ghost over 7 years ago - 19 comments
Labels: Security, Bug, Status: Needs Review

#27440 - Authentication exceptions logged before having the chance to get handled

Issue - State: closed - Opened by spantaleev over 7 years ago - 11 comments
Labels: Security, Bug, HttpKernel, Status: Needs Review

#16026 - Redirect authenticated with RememberMeToken user to login form after access check in controller

Issue - State: closed - Opened by wiistriker about 10 years ago - 40 comments
Labels: Security, Enhancement, Status: Waiting feedback, Stalled

#13464 - CSRF Protection without starting session

Issue - State: closed - Opened by Koc almost 11 years ago - 16 comments
Labels: Security, Feature

#6538 - Check if a route is accessible for a ROLE or a list of ROLE

Issue - State: closed - Opened by raziel057 almost 13 years ago - 21 comments
Labels: Security, Feature

#2494 - [SecurityBundle] Role prefix with a dedicated Role class

Issue - State: closed - Opened by maxailloud about 14 years ago - 5 comments
Labels: Security