diff options
| author | Fabien Potencier <fabien.potencier@gmail.com> | 2016-12-14 09:11:55 +0100 |
|---|---|---|
| committer | Fabien Potencier <fabien.potencier@gmail.com> | 2016-12-14 09:11:55 +0100 |
| commit | e396644d91c69dd7844f83735832e896e6ed4bf3 (patch) | |
| tree | 8e5e01eb5837ca779e8af5fc27076ed278ef192c /Http/Tests/HttpUtilsTest.php | |
| parent | 457ab5ad8b4e2f4bb1db7ed3b967ce55f4e9a0ae (diff) | |
| parent | 17973679c2d85c2ee5bd2e093ce9d9428a9d00ac (diff) | |
| download | symfony-security-e396644d91c69dd7844f83735832e896e6ed4bf3.zip symfony-security-e396644d91c69dd7844f83735832e896e6ed4bf3.tar.gz symfony-security-e396644d91c69dd7844f83735832e896e6ed4bf3.tar.bz2 | |
bug #20734 [Security] AbstractVoter->supportsAttribute gives false positive if attribute is zero (0) (martynas-foodpanda)
This PR was merged into the 2.7 branch.
Discussion
----------
[Security] AbstractVoter->supportsAttribute gives false positive if attribute is zero (0)
| Q | A
| ------------- | ---
| Branch? | 2.7
| Bug fix? | yes
| New feature? | no
| BC breaks? | no
| Deprecations? | no
| Tests pass? | yes
| Fixed tickets |
| License | MIT
| Doc PR |
Issue is easy to reproduce with test giving negative data set.
0 should not pass as supported attribute for any set of attributes but it does as in_array in the method does not use flag 'strict' set to true.
As this is abstract voter and is used by users with their code flag 'strict' should be set to true.
Since is there in 2.7 and 2.8 (LTS) IMHO it should be fixed.
Commits
-------
8306530 [Security] AbstractVoter method supportsAttribute gives false positive if attribute is zero (0)
Diffstat (limited to 'Http/Tests/HttpUtilsTest.php')
0 files changed, 0 insertions, 0 deletions