fe9786597d
This PR was squashed before being merged into the 7.4 branch.
Discussion
----------
[SecurityBundle] Fix profiler showing ERROR instead of DENIED
The `|default(null)` filter treats boolean `false` as empty and replaces it with `null`, causing the DENIED label to show as ERROR in the Access Decision log.
| Q | A
| ------------- | ---
| Branch? | 7.4
| Bug fix? | yes
| New feature? | no
| Deprecations? | no
| Issues | Fix #63721
| License | MIT
## Description
In `security.html.twig`, the Access Decision log Result column shows **ERROR** instead of **DENIED** when a voter denies access.
**Root cause:** Line 537 uses `decision.result|default(null)`. Twig's `default` filter treats `false` as "empty" and replaces it with `null`. The subsequent `result is same as(false)` check fails, falling through to the ERROR branch.
**Fix:** Replace `|default(null)` with `is defined ?` ternary:
```diff
- {% set result = decision.result|default(null) %}
+ {% set result = decision.result is defined ? decision.result : null %}
```
This preserves the boolean `false` value so `result is same as(false)` correctly evaluates to `true` → displays **DENIED**.
Commits
-------
|
||
|---|---|---|
| .github | ||
| src/Symfony | ||
| .editorconfig | ||
| .git-blame-ignore-revs | ||
| .gitattributes | ||
| .gitignore | ||
| .php-cs-fixer.dist.php | ||
| .twig-cs-fixer.dist.php | ||
| CHANGELOG-7.0.md | ||
| CHANGELOG-7.1.md | ||
| CHANGELOG-7.2.md | ||
| CHANGELOG-7.3.md | ||
| CHANGELOG-7.4.md | ||
| CODE_OF_CONDUCT.md | ||
| composer.json | ||
| CONTRIBUTING.md | ||
| CONTRIBUTORS.md | ||
| LICENSE | ||
| link | ||
| phpunit | ||
| phpunit.xml.dist | ||
| psalm.xml | ||
| README.md | ||
| splitsh.json | ||
| UPGRADE-7.0.md | ||
| UPGRADE-7.1.md | ||
| UPGRADE-7.2.md | ||
| UPGRADE-7.3.md | ||
| UPGRADE-7.4.md | ||
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Symfony is used by thousands of web applications and most of the popular PHP projects.
Installation
- Install Symfony with Composer (see requirements details).
- Symfony follows the semantic versioning strictly, publishes "Long Term Support" (LTS) versions and has a release process that is predictable and business-friendly.
Sponsor
Symfony 7.4 is backed by:
As the creator of Symfony, SensioLabs supports companies using Symfony, with an offering encompassing consultancy, expertise, services, training, and technical assistance to ensure the success of web application development projects.
Private Packagist is a fast, reliable, and secure Composer repository for your private packages. It mirrors all your open-source dependencies for better availability and monitors them for security vulnerabilities.
redirection.io logs all your website’s HTTP traffic, and lets you fix errors with redirect rules in seconds. Give your marketing, SEO and IT teams the right tool to manage your website traffic efficiently!
JoliCode is a team of passionate developers and open-source lovers, with a strong expertise in PHP & Symfony technologies. They can help you build your projects using state-of-the-art practices.
Help Symfony by sponsoring its development!
Documentation
- Read the Getting Started guide if you are new to Symfony.
- Try the Symfony Demo application to learn Symfony in practice.
- Discover Symfony ecosystem in detail with Symfony The Fast Track.
- Master Symfony with the Guides and Tutorials, the Components docs and the Best Practices reference.
Community
- Join the Symfony Community and meet other members at the Symfony events.
- Get Symfony support on GitHub Discussions, Slack, etc.
- Follow us on GitHub, Twitter and Facebook.
- Read our Code of Conduct and meet the CARE Team.
Contributing
Symfony is an Open Source, community-driven project with thousands of contributors. Join them contributing code or contributing documentation.
Security Issues
If you discover a security vulnerability within Symfony, please follow our disclosure procedure.
About Us
Symfony development is led by the Symfony Core Team and supported by Symfony contributors.