Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse code

[Security] fixed automatic registration of the response listener when…

… creating the listener

This is not a problem with Symfony, but when using the component
standalone (Silex for instance), the context listener might be
instantiated even if the firewall does not need to be fired. In that
case, the handle() method is not called, but the response listener is
called, which means that en empty token is stored in the session.

For Silex, it means that when authenticated, if you visit a 404 page,
you would be disconnected automatically.
  • Loading branch information...
commit b0257cd46a78251a25c17b91acb4dbbf6890590a 1 parent 2f1d9c0
Fabien Potencier fabpot authored

Showing 1 changed file with 6 additions and 4 deletions. Show diff stats Hide diff stats

  1. +6 4 Http/Firewall/ContextListener.php
10 Http/Firewall/ContextListener.php
@@ -37,6 +37,7 @@ class ContextListener implements ListenerInterface
37 37 private $contextKey;
38 38 private $logger;
39 39 private $userProviders;
  40 + private $dispatcher;
40 41
41 42 public function __construct(SecurityContextInterface $context, array $userProviders, $contextKey, LoggerInterface $logger = null, EventDispatcherInterface $dispatcher = null)
42 43 {
@@ -54,10 +55,7 @@ public function __construct(SecurityContextInterface $context, array $userProvid
54 55 $this->userProviders = $userProviders;
55 56 $this->contextKey = $contextKey;
56 57 $this->logger = $logger;
57   -
58   - if (null !== $dispatcher) {
59   - $dispatcher->addListener(KernelEvents::RESPONSE, array($this, 'onKernelResponse'));
60   - }
  58 + $this->dispatcher = $dispatcher;
61 59 }
62 60
63 61 /**
@@ -67,6 +65,10 @@ public function __construct(SecurityContextInterface $context, array $userProvid
67 65 */
68 66 public function handle(GetResponseEvent $event)
69 67 {
  68 + if (null !== $this->dispatcher && HttpKernelInterface::MASTER_REQUEST === $event->getRequestType()) {
  69 + $this->dispatcher->addListener(KernelEvents::RESPONSE, array($this, 'onKernelResponse'));
  70 + }
  71 +
70 72 $request = $event->getRequest();
71 73
72 74 $session = $request->hasPreviousSession() ? $request->getSession() : null;

0 comments on commit b0257cd

Please sign in to comment.
Something went wrong with that request. Please try again.