Merge branch '2.8'

Conflicts: CHANGELOG-2.3.md CHANGELOG-2.7.md composer.json src/Symfony/Bridge/Twig/composer.json src/Symfony/Bundle/FrameworkBundle/composer.json src/Symfony/Bundle/SecurityBundle/composer.json src/Symfony/Component/Console/Tests/Helper/LegacyProgressHelperTest.php src/Symfony/Component/Console/Tests/Helper/LegacyTableHelperTest.php src/Symfony/Component/Console/composer.json src/Symfony/Component/DomCrawler/composer.json src/Symfony/Component/Form/Tests/FormRegistryTest.php src/Symfony/Component/Form/composer.json src/Symfony/Component/HttpFoundation/composer.json src/Symfony/Component/HttpKernel/Tests/Profiler/MongoDbProfilerStorageTest.php src/Symfony/Component/Intl/composer.json src/Symfony/Component/Ldap/composer.json src/Symfony/Component/Security/Core/composer.json src/Symfony/Component/Security/Csrf/composer.json src/Symfony/Component/Security/Http/composer.json src/Symfony/Component/Security/composer.json src/Symfony/Component/Serializer/Encoder/JsonEncoder.php src/Symfony/Component/Serializer/composer.json src/Symfony/Component/Templating/PhpEngine.php src/Symfony/Component/Translation/composer.json src/Symfony/Component/VarDumper/Tests/HtmlDumperTest.php src/Symfony/Component/VarDumper/composer.json
author: Tobias Schultze <webmaster@tubo-world.de> 2015-10-29 13:12:54 +0100
committer: Tobias Schultze <webmaster@tubo-world.de> 2015-10-29 13:12:54 +0100
commit: f77c39f9f724d776f97bb8187173e0815271e55b (patch)
tree: 365253b833e06a31e20f00722db369c1e3343d73 /Csrf
parent: fe0053f6ff87a470547a1898b9bf36a32e73ae7e (diff)
parent: 7c51b1c6f08ea0bfd4a44e8d0f202c6423a39587 (diff)
download: symfony-security-f77c39f9f724d776f97bb8187173e0815271e55b.zip
symfony-security-f77c39f9f724d776f97bb8187173e0815271e55b.tar.gz
symfony-security-f77c39f9f724d776f97bb8187173e0815271e55b.tar.bz2
2 files changed, 4 insertions, 4 deletions
diff --git a/Csrf/CsrfTokenManager.php b/Csrf/CsrfTokenManager.php
index e129502..cdda543 100644
--- a/Csrf/CsrfTokenManager.php
+++ b/Csrf/CsrfTokenManager.php
@@ -11,7 +11,6 @@
 
 namespace Symfony\Component\Security\Csrf;
 
-use Symfony\Component\Security\Core\Util\StringUtils;
 use Symfony\Component\Security\Csrf\TokenGenerator\UriSafeTokenGenerator;
 use Symfony\Component\Security\Csrf\TokenGenerator\TokenGeneratorInterface;
 use Symfony\Component\Security\Csrf\TokenStorage\NativeSessionTokenStorage;
@@ -92,6 +91,6 @@ class CsrfTokenManager implements CsrfTokenManagerInterface
             return false;
         }
 
-        return StringUtils::equals($this->storage->getToken($token->getId()), $token->getValue());
+        return hash_equals($this->storage->getToken($token->getId()), $token->getValue());
     }
 }
diff --git a/Csrf/composer.json b/Csrf/composer.json
index 7366b02..376db29 100644
--- a/Csrf/composer.json
+++ b/Csrf/composer.json
@@ -17,8 +17,9 @@
     ],
     "require": {
         "php": ">=5.5.9",
-        "symfony/security-core": "~2.8|~3.0",
-        "paragonie/random_compat": "~1.0"
+        "symfony/polyfill-php56": "~1.0",
+        "symfony/polyfill-php70": "~1.0",
+        "symfony/security-core": "~2.8|~3.0"
     },
     "require-dev": {
         "symfony/http-foundation": "~2.8|~3.0"
author	Tobias Schultze <webmaster@tubo-world.de>	2015-10-29 13:12:54 +0100
committer	Tobias Schultze <webmaster@tubo-world.de>	2015-10-29 13:12:54 +0100
commit	f77c39f9f724d776f97bb8187173e0815271e55b (patch)
tree	365253b833e06a31e20f00722db369c1e3343d73 /Csrf
parent	fe0053f6ff87a470547a1898b9bf36a32e73ae7e (diff)
parent	7c51b1c6f08ea0bfd4a44e8d0f202c6423a39587 (diff)
download	symfony-security-f77c39f9f724d776f97bb8187173e0815271e55b.zip symfony-security-f77c39f9f724d776f97bb8187173e0815271e55b.tar.gz symfony-security-f77c39f9f724d776f97bb8187173e0815271e55b.tar.bz2