This repository has been archived by the owner on May 31, 2024. It is now read-only.
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[Security] fixed automatic registration of the response listener when…
… creating the listener This is not a problem with Symfony, but when using the component standalone (Silex for instance), the context listener might be instantiated even if the firewall does not need to be fired. In that case, the handle() method is not called, but the response listener is called, which means that en empty token is stored in the session. For Silex, it means that when authenticated, if you visit a 404 page, you would be disconnected automatically.
- Loading branch information