Skip to content

Commit

Permalink
feature #18617 [Security] Allow an array of pattern in firewall confi…
Browse files Browse the repository at this point in the history 
…guration (alexandre-daubois)

This PR was merged into the 6.4 branch.

Discussion
----------

[Security] Allow an array of pattern in firewall configuration

Related to symfony/symfony#51128

Commits
-------

66a7330 [SecurityBundle] Allow an array of pattern in firewall configuration
  • Loading branch information
@OskarStark
OskarStark committed Aug 1, 2023
2 parents 7cc92d5 + 66a7330 commit 393823c
Showing 1 changed file with 49 additions and 0 deletions.
49 changes: 49 additions & 0 deletions security.rst
View file
Original file line number Diff line number Diff line change
Expand Up @@ -561,6 +561,55 @@ The ``dev`` firewall is really a fake firewall: it makes sure that you
don't accidentally block Symfony's dev tools - which live under URLs like
``/_profiler`` and ``/_wdt``.

.. tip::

Instead of creating one long regex to match all routes you want, you're
also able to use an array of simpler regexes to match routes:

.. configuration-block::

.. code-block:: yaml
# config/packages/security.yaml
security:
# ...
firewalls:
dev:
pattern:
- ^/_profiler/
- ^/_wdt/
- ^/css/
- ^/images/
- ^/js/
# ...
.. code-block:: php
// config/packages/security.php
use Symfony\Config\SecurityConfig;
return static function (SecurityConfig $security): void {
// ...
$security->firewall('dev')
->pattern([
'^/_profiler/',
'^/_wdt/',
'^/css/',
'^/images/',
'^/js/',
])
->security(false)
;
// ...
};
This feature is not supported by the XML configuration format.

.. versionadded:: 6.4

The possibility to use an array of regex was introduced in Symfony 6.4.

All *real* URLs are handled by the ``main`` firewall (no ``pattern`` key means
it matches *all* URLs). A firewall can have many modes of authentication,
in other words, it enables many ways to ask the question "Who are you?".
Expand Down

0 comments on commit 393823c

Please sign in to comment.