composer/iTop
6
0
Fork 0
mirror of https://github.com/Combodo/iTop.git synced 2026-04-28 13:08:45 +02:00
Code Issues Packages Projects Releases Wiki Activity

N°8017 - Security - dependabot - Symfony's VarDumper vulnerable to un… (#731)

Browse Source 
Upgrade all Symfony components to last security fix (~6.4.0)
This commit is contained in:
Benjamin Dalsass
2025-08-06 08:54:56 +02:00
committed by GitHub
parent 603340b852
commit cdbcd14767
608 changed files with 5020 additions and 3793 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
lib/symfony/web-profiler-bundle/Controller/ExceptionPanelController.php
View File

@@ -28,7 +28,7 @@ class ExceptionPanelController
private HtmlErrorRenderer $errorRenderer;
private ?Profiler $profiler;
public function __construct(HtmlErrorRenderer $errorRenderer, Profiler $profiler = null)
public function __construct(HtmlErrorRenderer $errorRenderer, ?Profiler $profiler = null)
{
$this->errorRenderer = $errorRenderer;
$this->profiler = $profiler;

6
lib/symfony/web-profiler-bundle/Controller/ProfilerController.php
View File

@@ -41,7 +41,7 @@ class ProfilerController
private ?ContentSecurityPolicyHandler $cspHandler;
private ?string $baseDir;
public function __construct(UrlGeneratorInterface $generator, ?Profiler $profiler, Environment $twig, array $templates, ContentSecurityPolicyHandler $cspHandler = null, string $baseDir = null)
public function __construct(UrlGeneratorInterface $generator, ?Profiler $profiler, Environment $twig, array $templates, ?ContentSecurityPolicyHandler $cspHandler = null, ?string $baseDir = null)
{
$this->generator = $generator;
$this->profiler = $profiler;
@@ -127,7 +127,7 @@ class ProfilerController
*
* @throws NotFoundHttpException
*/
public function toolbarAction(Request $request, string $token = null): Response
public function toolbarAction(Request $request, ?string $token = null): Response
{
if (null === $this->profiler) {
throw new NotFoundHttpException('The profiler must be enabled.');
@@ -180,7 +180,7 @@ class ProfilerController
$this->cspHandler?->disableCsp();
$session = null;
if ($request->attributes->getBoolean('_stateless') && $request->hasSession()) {
if (!$request->attributes->getBoolean('_stateless') && $request->hasSession()) {
$session = $request->getSession();
}

10
lib/symfony/web-profiler-bundle/Controller/RouterController.php
View File

@@ -40,7 +40,7 @@ class RouterController
*/
private iterable $expressionLanguageProviders;
public function __construct(?Profiler $profiler, Environment $twig, UrlMatcherInterface $matcher = null, RouteCollection $routes = null, iterable $expressionLanguageProviders = [])
public function __construct(?Profiler $profiler, Environment $twig, ?UrlMatcherInterface $matcher = null, ?RouteCollection $routes = null, iterable $expressionLanguageProviders = [])
{
$this->profiler = $profiler;
$this->twig = $twig;
@@ -83,10 +83,10 @@ class RouterController
*/
private function getTraces(RequestDataCollector $request, string $method): array
{
$traceRequest = Request::create(
$request->getPathInfo(),
$request->getRequestServer(true)->get('REQUEST_METHOD'),
\in_array($request->getMethod(), ['DELETE', 'PATCH', 'POST', 'PUT'], true) ? $request->getRequestRequest()->all() : $request->getRequestQuery()->all(),
$traceRequest = new Request(
$request->getRequestQuery()->all(),
$request->getRequestRequest()->all(),
$request->getRequestAttributes()->all(),
$request->getRequestCookies(true)->all(),
[],
$request->getRequestServer(true)->all()