Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Security] Validate that CSRF token in form login is string similar to username/password #54059

Merged
merged 1 commit into from
Apr 12, 2024
Merged

[Security] Validate that CSRF token in form login is string similar to username/password #54059

merged 1 commit into from
Apr 12, 2024

Conversation

glaubinix
Copy link
Contributor

Q A
Branch? 5.4
Bug fix? yes
New feature? no
Deprecations? no
Issues See exception output below
License MIT

Fixes

Uncaught Error: Symfony\Component\Security\Http\Authenticator\Passport\Badge\CsrfTokenBadge::__construct(): Argument #2 ($csrfToken) must be of type ?string, array given, called in /vendor/symfony/security-http/Authenticator/FormLoginAuthenticator.php on line 88

@carsonbot carsonbot added this to the 7.1 milestone Feb 26, 2024
@glaubinix glaubinix changed the base branch from 7.1 to 5.4 February 26, 2024 11:00
@glaubinix glaubinix force-pushed the login-csrf-token-invalid-type branch 2 times, most recently from 5f7ceef to 5fe6415 Compare February 26, 2024 11:06
@OskarStark OskarStark changed the title [Security] validate that csrf token in form login is string similar to username/password [Security] validate that CSRF token in form login is string similar to username/password Feb 27, 2024
@symfony symfony deleted a comment from carsonbot Feb 27, 2024
@OskarStark OskarStark changed the title [Security] validate that CSRF token in form login is string similar to username/password [Security] Validate that CSRF token in form login is string similar to username/password Feb 29, 2024
@nicolas-grekas nicolas-grekas modified the milestones: 7.1, 5.4 Apr 12, 2024
@nicolas-grekas
Copy link
Member

Thank you @glaubinix.

@nicolas-grekas nicolas-grekas merged commit a52bbe7 into symfony:5.4 Apr 12, 2024
8 checks passed
This was referenced Apr 29, 2024
Merged
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nicolas-grekas nicolas-grekas nicolas-grekas approved these changes

@xabbuh xabbuh xabbuh approved these changes

@chalasr chalasr Awaiting requested review from chalasr chalasr is a code owner

Assignees
No one assigned
Labels
Bug Security Status: Reviewed
Projects
None yet
Milestone
5.4
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@glaubinix @nicolas-grekas @xabbuh @1047524396 @carsonbot