summaryrefslogtreecommitdiffstats
path: root/Csrf
diff options
context:
space:
mode:
Diffstat (limited to 'Csrf')
-rw-r--r--Csrf/CsrfTokenManager.php3
-rw-r--r--Csrf/composer.json5
2 files changed, 4 insertions, 4 deletions
diff --git a/Csrf/CsrfTokenManager.php b/Csrf/CsrfTokenManager.php
index e129502..cdda543 100644
--- a/Csrf/CsrfTokenManager.php
+++ b/Csrf/CsrfTokenManager.php
@@ -11,7 +11,6 @@
namespace Symfony\Component\Security\Csrf;
-use Symfony\Component\Security\Core\Util\StringUtils;
use Symfony\Component\Security\Csrf\TokenGenerator\UriSafeTokenGenerator;
use Symfony\Component\Security\Csrf\TokenGenerator\TokenGeneratorInterface;
use Symfony\Component\Security\Csrf\TokenStorage\NativeSessionTokenStorage;
@@ -92,6 +91,6 @@ class CsrfTokenManager implements CsrfTokenManagerInterface
return false;
}
- return StringUtils::equals($this->storage->getToken($token->getId()), $token->getValue());
+ return hash_equals($this->storage->getToken($token->getId()), $token->getValue());
}
}
diff --git a/Csrf/composer.json b/Csrf/composer.json
index 7366b02..376db29 100644
--- a/Csrf/composer.json
+++ b/Csrf/composer.json
@@ -17,8 +17,9 @@
],
"require": {
"php": ">=5.5.9",
- "symfony/security-core": "~2.8|~3.0",
- "paragonie/random_compat": "~1.0"
+ "symfony/polyfill-php56": "~1.0",
+ "symfony/polyfill-php70": "~1.0",
+ "symfony/security-core": "~2.8|~3.0"
},
"require-dev": {
"symfony/http-foundation": "~2.8|~3.0"
generated by cgit v1.1 at 2025-05-11 12:45:02 +0000