Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 637f5ca

Browse files
nicolas-grekasnicolas-grekas
committed
Merge branch '6.4' into 7.4
* 6.4: Allow defining security provider factories without config [FrameworkBundle] Bump Request/Session value resolver priority above EntityValueResolver [Security] Remove the legacy nested unserialize() call from token and exception classes [Yaml] Reject non-stringables when using "!!binary" [Messenger][Amqp] delayed quorum queues [Notifier] Use `hash_equals()` to compare webhook signatures for Vonage [Inflector][String] Fixed singularize `traces` > `trace` [AssetMapper] Warn on missing bare CSS and JSON imports When pushing, run GHA only on "*.*" branches [Console] Fix signal handler scoping [Security] Preserve webserver base URL in HttpUtils::createRequest()
2 parents 4b9cb20 + a9cd7d7 commit 637f5ca

2 files changed

Lines changed: 21 additions & 2 deletions

File tree

Resources/config/web.php

Lines changed: 5 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -83,10 +83,13 @@
8383
->tag('controller.argument_value_resolver', ['priority' => 100, 'name' => RequestAttributeValueResolver::class])
8484

8585
->set('argument_resolver.request', RequestValueResolver::class)
86-
->tag('controller.argument_value_resolver', ['priority' => 50, 'name' => RequestValueResolver::class])
86+
// Run before EntityValueResolver (DoctrineBundle, priority 110) so type-hinted
87+
// Request arguments do not trigger entity-manager bootstrap. Keep this above
88+
// DoctrineBundle's EntityValueResolver priority if it ever changes.
89+
->tag('controller.argument_value_resolver', ['priority' => 120, 'name' => RequestValueResolver::class])
8790

8891
->set('argument_resolver.session', SessionValueResolver::class)
89-
->tag('controller.argument_value_resolver', ['priority' => 50, 'name' => SessionValueResolver::class])
92+
->tag('controller.argument_value_resolver', ['priority' => 120, 'name' => SessionValueResolver::class])
9093

9194
->set('argument_resolver.service', ServiceValueResolver::class)
9295
->args([

Tests/DependencyInjection/FrameworkExtensionTestCase.php

Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -181,6 +181,22 @@ public function testPropertyAccessCacheWithDebug()
181181
$this->assertSame(ArrayAdapter::class, $cache->getClass(), 'ArrayAdapter should be used in debug mode');
182182
}
183183

184+
public function testRequestAndSessionValueResolversRunBeforeEntityValueResolver()
185+
{
186+
$container = $this->createContainerFromFile('full');
187+
188+
// DoctrineBundle ships EntityValueResolver at priority 110. Lower priorities trigger an
189+
// entity-manager bootstrap on every Request/Session controller argument before the
190+
// dedicated resolver is asked, costing tens of ms per request.
191+
$entityValueResolverPriority = 110;
192+
193+
$requestTag = $container->getDefinition('argument_resolver.request')->getTag('controller.argument_value_resolver');
194+
$this->assertGreaterThan($entityValueResolverPriority, $requestTag[0]['priority']);
195+
196+
$sessionTag = $container->getDefinition('argument_resolver.session')->getTag('controller.argument_value_resolver');
197+
$this->assertGreaterThan($entityValueResolverPriority, $sessionTag[0]['priority']);
198+
}
199+
184200
public function testCsrfProtectionNeedsSessionToBeEnabled()
185201
{
186202
$this->expectException(\LogicException::class);

0 commit comments

Comments
 (0)