Commit 8036319

Merge branch '6.2' into 6.3
* 6.2:
  Update link to HAL specification
  Add SensitiveParameter attribute in the security hardening list
  Fix "Login Programmatically" code example
2 parents 4e9ec99 + 755033a commit 8036319

3 files changed: +7 -7 lines changed

contributing/code/security.rst

Lines changed: 2 additions & 2 deletions
@@ -22,8 +22,8 @@ email for confirmation):
2222
is set to ``true`` or ``APP_ENV`` set to anything but ``prod``);
2323

2424
* Any fix that can be classified as **security hardening** like route
25-
enumeration, login throttling bypasses, denial of service attacks, or timing
26-
attacks.
25+
enumeration, login throttling bypasses, denial of service attacks, timing
26+
attacks, or lack of ``SensitiveParameter`` attributes.
2727

2828
In any case, the core team has the final decision on which issues are
2929
considered security vulnerabilities.
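
Review bot: in the changed list item, "lack of ``SensitiveParameter`` attributes" names the attribute without saying what it is or why its absence counts as hardening rather than a vulnerability. Consider writing it as PHP's ``#[\SensitiveParameter]`` attribute and adding a short clause that it keeps argument values such as passwords out of stack traces, so reporters can see why a missing attribute lands in this category. The item also now mixes attack classes (denial of service, timing attacks) with a missing annotation; "or missing ``#[\SensitiveParameter]`` attributes" would read more naturally after "Any fix that can be classified as".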

security.rst

Lines changed: 4 additions & 4 deletions
@@ -1648,16 +1648,16 @@ You can log in a user programmatically using the `login()` method of the
16481648
$user = ...;
16491649

16501650
// log the user in on the current firewall
1651-
$this->security->login($user);
1651+
$security->login($user);
16521652

16531653
// if the firewall has more than one authenticator, you must pass it explicitly
16541654
// by using the name of built-in authenticators...
1655-
$this->security->login($user, 'form_login');
1655+
$security->login($user, 'form_login');
16561656
// ...or the service id of custom authenticators
1657-
$this->security->login($user, ExampleAuthenticator::class);
1657+
$security->login($user, ExampleAuthenticator::class);
16581658

16591659
// you can also log in on a different firewall
1660-
$this->security->login($user, 'form_login', 'other_firewall');
1660+
$security->login($user, 'form_login', 'other_firewall');
16611661

16621662
// ... redirect the user to its account page for instance
16631663
}
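
Review bot: the four ``login()`` calls now use a local ``$security`` in place of ``$this->security``, but nothing in the visible lines (1648 to 1663) shows where ``$security`` is defined. Please confirm that the enclosing method, which starts above this hunk, receives ``$security`` as a parameter; otherwise the example references an undefined variable and readers copying it will get an error at the first ``$security->login($user);`` call.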

serializer.rst

Lines changed: 1 addition & 1 deletion
@@ -529,4 +529,4 @@ take a look at how this bundle works.
529529
.. _`OpenAPI`: https://www.openapis.org
530530
.. _`GraphQL`: https://graphql.org
531531
.. _`JSON:API`: https://jsonapi.org
532-
.. _`HAL`: http://stateless.co/hal_specification.html
532+
.. _`HAL`: https://stateless.group/hal_specification.html
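
Review bot: the ``HAL`` target on line 532 changes host as well as scheme, from ``stateless.co`` to ``stateless.group``, and neither the hunk nor the commit message says why. It is worth confirming before merge that the new domain belongs to the specification's author, since a documentation link to a moved or re-registered domain sends readers to whoever holds it now; one line in the commit message stating the reason for the move would settle it.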
