[Security] TokenBasedRememberMeServices test to show why encoding username is required

author: Dawid Nowak <code@dnowak.pl> 2015-05-16 18:06:19 +0200
committer: Fabien Potencier <fabien.potencier@gmail.com> 2015-05-21 06:29:39 +0200
commit: fc2175946153bee537787dc1b6d8854c827f5e36 (patch)
tree: 2736724fbee28a77f98420c78b89512e9f50ce7e /Http
parent: c7a417a9e3a9712ddd2f8650193232fcf370e3c8 (diff)
download: symfony-security-fc2175946153bee537787dc1b6d8854c827f5e36.zip
symfony-security-fc2175946153bee537787dc1b6d8854c827f5e36.tar.gz
symfony-security-fc2175946153bee537787dc1b6d8854c827f5e36.tar.bz2
1 files changed, 2 insertions, 0 deletions
diff --git a/Http/RememberMe/TokenBasedRememberMeServices.php b/Http/RememberMe/TokenBasedRememberMeServices.php
index 3d2cf12..605b359 100644
--- a/Http/RememberMe/TokenBasedRememberMeServices.php
+++ b/Http/RememberMe/TokenBasedRememberMeServices.php
@@ -125,6 +125,8 @@ class TokenBasedRememberMeServices extends AbstractRememberMeServices
      */
     protected function generateCookieValue($class, $username, $expires, $password)
     {
+        // $username is encoded because it might contain COOKIE_DELIMITER,
+        // we assume other values don't
         return $this->encodeCookie(array(
             $class,
             base64_encode($username),
author	Dawid Nowak <code@dnowak.pl>	2015-05-16 18:06:19 +0200
committer	Fabien Potencier <fabien.potencier@gmail.com>	2015-05-21 06:29:39 +0200
commit	fc2175946153bee537787dc1b6d8854c827f5e36 (patch)
tree	2736724fbee28a77f98420c78b89512e9f50ce7e /Http
parent	c7a417a9e3a9712ddd2f8650193232fcf370e3c8 (diff)
download	symfony-security-fc2175946153bee537787dc1b6d8854c827f5e36.zip symfony-security-fc2175946153bee537787dc1b6d8854c827f5e36.tar.gz symfony-security-fc2175946153bee537787dc1b6d8854c827f5e36.tar.bz2