On 17.01.2011, at 09:52, Lukas Kahwe Smith wrote: > > On 17.01.2011, at 09:51, Lukas Kahwe Smith wrote: > >> Hi, >> >> Here are the open issues I see in the security layer: >> 1) rememberme >> https://github.com/fabpot/symfony/pull/254 >> >> 2) csrf missing in form_login >> http://groups.google.com/group/symfony-devs/browse_thread/thread/a6050244c09a42ea/f306a4241aa18e8c?#f306a4241aa18e8c >> >> 3) password in clear text in the session >> http://groups.google.com/group/symfony-devs/browse_thread/thread/268c603699a7e0b5/56f5b7eed853d413 >> >> 4) Extension refactoring >> http://groups.google.com/group/symfony-devs/browse_thread/thread/a1252a0f232c6692# >> http://groups.google.com/group/symfony-devs/browse_thread/thread/c4e6ffc7ecbcf708# >> >> 5) other pull requests >> https://github.com/fabpot/symfony/pull/386 >> https://github.com/fabpot/symfony/pull/395 >> >> 6) open tickets >> http://trac.symfony-project.org/ticket/9301 >> http://trac.symfony-project.org/ticket/9300 >> http://trac.symfony-project.org/ticket/9275 > http://trac.symfony-project.org/ticket/9350 >> >> 7) not sure if we want to include it here, but there are a couple tickets >> about listeners in general >> http://trac.symfony-project.org/ticket/9250 >> http://trac.symfony-project.org/ticket/9249 >> http://trac.symfony-project.org/ticket/9248
8) controller support in the firewall config http://groups.google.com/group/symfony-devs/msg/6df6a61a6346816c BTW: should be maybe make a wiki page for each focus area where we track this stuff? regards, Lukas Kahwe Smith [email protected] -- If you want to report a vulnerability issue on symfony, please send it to security at symfony-project.com You received this message because you are subscribed to the Google Groups "symfony developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/symfony-devs?hl=en
