Firewall that allows authentication with HTTP GET parameter error #26109
Labels
Comments
Bomere
referenced
this issue
Feb 9, 2018
* 2.7: [appveyor] set memory_limit=-1 [Router] Skip anonymous classes when loading annotated routes Fixed Request::__toString ignoring cookies [Security] Fix fatal error on non string username
|
This looks like a merge mistake to me 😢 The original change by @chalasr : https://github.com/symfony/symfony/pull/25657/files#diff-e07c3e5653e210d017545d47c1bd7e76R111 |
|
See #26111 |
chalasr
added a commit
that referenced
this issue
Feb 9, 2018
…cher) This PR was merged into the 2.8 branch. Discussion ---------- [Security] fix merge of 2.7 into 2.8 + add test case | Q | A | ------------- | --- | Branch? | 2.8 | Bug fix? | yes | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | #26109 | License | MIT | Doc PR | - This fixes the merge mistake done in 899bf99 that caused this fail with the added test case: ``` There was 1 failure: 1) Symfony\Component\Security\Tests\Http\Firewall\UsernamePasswordFormAuthenticationListenerTest::testHandleNonStringUsername with data set #1 (false) Failed asserting that exception of type "TypeError" matches expected exception "\Symfony\Component\HttpKernel\Exception\BadRequestHttpException". Message was: "Argument 1 passed to Symfony\Component\Security\Http\ParameterBagUtils::getParameterBagValue() must be an instance of Symfony\Component\HttpFoundation\ParameterBag, instance of Symfony\Component\HttpFoundation\Request given, called in /var/www/symfony/src/Symfony/Component/Security/Http/Firewall/UsernamePasswordFormAuthenticationListener.php on line 100" at /var/www/symfony/src/Symfony/Component/Security/Http/ParameterBagUtils.php:39 /var/www/symfony/src/Symfony/Component/Security/Http/Firewall/UsernamePasswordFormAuthenticationListener.php:100 /var/www/symfony/src/Symfony/Component/Security/Http/Firewall/AbstractAuthenticationListener.php:140 /var/www/symfony/src/Symfony/Component/Security/Http/Tests/Firewall/UsernamePasswordFormAuthenticationListenerTest.php:102 ``` Original fix in 2.7: https://github.com/symfony/symfony/pull/25657/files#diff-e07c3e5653e210d017545d47c1bd7e76R111 Commits ------- 51d9008 [Security] fix merge of 2.7 into 2.8 + add test case
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi @nicolas-grekas ,
I'm getting an error since changes (commit 899bf99) to the vendor/symfony/symfony/src/Symfony/Component/Security/Http/Firewall/UsernamePasswordFormAuthenticationListener.php.
The value of post_only parameter in the firewall config is false.
Since the update to 2.8.34, I get this error:
TY!
The text was updated successfully, but these errors were encountered: