We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
There was an error while loading. Please reload this page.
1 parent 51be0a3 commit 8aa8defCopy full SHA for 8aa8def
symfony/user.md
@@ -139,6 +139,17 @@ class User implements UserInterface, PasswordAuthenticatedUserInterface
139
{
140
return (string) $this->email;
141
}
142
+
143
+ /**
144
+ * @see UserInterface
145
+ *
146
+ * Required until Symfony 8.0, where eraseCredentials() will be removed from the interface.
147
+ * No-op since plainPassword is cleared manually in the password processor.
148
+ */
149
+ public function eraseCredentials(): void
150
+ {
151
+ // Intentionally left blank
152
+ }
153
154
```
155
@@ -251,6 +262,9 @@ final readonly class UserPasswordHasher implements ProcessorInterface
251
262
);
252
263
$data->setPassword($hashedPassword);
253
264
265
+ // To avoid leaving sensitive data like the plain password in memory or logs, we manually clear it after hashing.
266
+ $data->setPlainPassword(null);
267
254
268
return $this->processor->process($data, $operation, $uriVariables, $context);
255
269
256
270
AltStyle によって変換されたページ (->オリジナル) / アドレス: モード: デフォルト 音声ブラウザ ルビ付き 配色反転 文字拡大 モバイル
0 commit comments