composer/iTop
6
0
Fork 0
mirror of https://github.com/Combodo/iTop.git synced 2026-04-25 11:38:44 +02:00
Code Issues Packages Projects Releases Wiki Activity

N°8017 - Security - dependabot - Symfony's VarDumper vulnerable to un… (#731)

Browse Source 
Upgrade all Symfony components to last security fix (~6.4.0)
This commit is contained in:
Benjamin Dalsass
2025-08-06 08:54:56 +02:00
committed by GitHub
parent 603340b852
commit cdbcd14767
608 changed files with 5020 additions and 3793 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
lib/symfony/web-profiler-bundle/Controller/ProfilerController.php
View File

@@ -41,7 +41,7 @@ class ProfilerController
private ?ContentSecurityPolicyHandler $cspHandler;
private ?string $baseDir;
public function __construct(UrlGeneratorInterface $generator, ?Profiler $profiler, Environment $twig, array $templates, ContentSecurityPolicyHandler $cspHandler = null, string $baseDir = null)
public function __construct(UrlGeneratorInterface $generator, ?Profiler $profiler, Environment $twig, array $templates, ?ContentSecurityPolicyHandler $cspHandler = null, ?string $baseDir = null)
{
$this->generator = $generator;
$this->profiler = $profiler;
@@ -127,7 +127,7 @@ class ProfilerController
*
* @throws NotFoundHttpException
*/
public function toolbarAction(Request $request, string $token = null): Response
public function toolbarAction(Request $request, ?string $token = null): Response
{
if (null === $this->profiler) {
throw new NotFoundHttpException('The profiler must be enabled.');
@@ -180,7 +180,7 @@ class ProfilerController
$this->cspHandler?->disableCsp();
$session = null;
if ($request->attributes->getBoolean('_stateless') && $request->hasSession()) {
if (!$request->attributes->getBoolean('_stateless') && $request->hasSession()) {
$session = $request->getSession();
}