Skip to content

Commit

Permalink
bug #23291 [Security] Fix Firewall ExceptionListener priority (chalasr)
Browse files Browse the repository at this point in the history 
This PR was merged into the 3.3 branch.

Discussion
----------

[Security] Fix Firewall ExceptionListener priority

| Q             | A
| ------------- | ---
| Branch?       | 3.3
| Bug fix?      | yes
| New feature?  | no
| BC breaks?    | no
| Deprecations? | no
| Tests pass?   | yes
| Fixed tickets | #23253
| License       | MIT
| Doc PR        | n/a

When making EventDispatcher able to lazy load listeners, we stopped using `ContainerAwareEventDispatcher::addListenerService/addSubcriberService`, we use `EventDispatcher::addListener()` instead. This change makes that the order of listeners is different than before, because `ContainerAwareEventDispatcher` calls `addListener()` tardily so that factories are never stored in `EventDispatcher::$listeners`.

Example diff due to the behavior change in 3.3 (registering an `AppBundle\ExceptionListener::doCatch()` exception listener in the fullstack):

3.2
----

```php
array:5
  0 => "Symfony\Component\Security\Http\Firewall\ExceptionListener::onKernelException"
  1 => "AppBundle\ExceptionListener::doCatch"
  2 => "Symfony\Component\HttpKernel\EventListener\ProfilerListener::onKernelException"
  3 => "Symfony\Bundle\SwiftmailerBundle\EventListener\EmailSenderListener::onException"
  4 => "Symfony\Component\HttpKernel\EventListener\ExceptionListener::onKernelException"
]
```

3.3
----

```php
array:5 [
  0 => "AppBundle\ExceptionListener::doCatch"
  1 => "Symfony\Component\HttpKernel\EventListener\ProfilerListener::onKernelException"
  2 => "Symfony\Bundle\SwiftmailerBundle\EventListener\EmailSenderListener::onException"
  3 => "Symfony\Component\Security\Http\Firewall\ExceptionListener::onKernelException"
  4 => "Symfony\Component\HttpKernel\EventListener\ExceptionListener::onKernelException"
]
```
(that is what breaks #23253, the lazy listener is called before the runtime firewall exception listener on dispatch).

This fixes the order by increasing the security exception listener priority.

Commits
-------

8014b38 [Security] Fix Firewall ExceptionListener priority
  • Loading branch information
@fabpot
fabpot committed Jul 3, 2017
2 parents 10120cf + 8014b38 commit 1b0e920
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion src/Symfony/Component/Security/Http/Firewall/ExceptionListener.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -72,7 +72,7 @@ public function __construct(TokenStorageInterface $tokenStorage, AuthenticationT
*/
public function register(EventDispatcherInterface $dispatcher)
{
$dispatcher->addListener(KernelEvents::EXCEPTION, array($this, 'onKernelException'));
$dispatcher->addListener(KernelEvents::EXCEPTION, array($this, 'onKernelException'), 1);
}

/**
Expand Down

0 comments on commit 1b0e920

Please sign in to comment.