Page MenuHomePhabricator

D13151.id31802.diff
No OneTemporary

D13151.id31802.diff

diff --git a/src/applications/people/storage/PhabricatorUser.php b/src/applications/people/storage/PhabricatorUser.php
--- a/src/applications/people/storage/PhabricatorUser.php
+++ b/src/applications/people/storage/PhabricatorUser.php
@@ -59,6 +59,7 @@
private $authorities = array();
private $handlePool;
+ private $csrfSalt;
protected function readField($field) {
switch ($field) {
@@ -342,16 +343,14 @@
self::CSRF_TOKEN_LENGTH);
}
- /**
- * @phutil-external-symbol class PhabricatorStartup
- */
public function getCSRFToken() {
- $salt = PhabricatorStartup::getGlobal('csrf.salt');
- if (!$salt) {
- $salt = Filesystem::readRandomCharacters(self::CSRF_SALT_LENGTH);
- PhabricatorStartup::setGlobal('csrf.salt', $salt);
+ if ($this->csrfSalt === null) {
+ $this->csrfSalt = Filesystem::readRandomCharacters(
+ self::CSRF_SALT_LENGTH);
}
+ $salt = $this->csrfSalt;
+
// Generate a token hash to mitigate BREACH attacks against SSL. See
// discussion in T3684.
$token = $this->getRawCSRFToken();

File Metadata

Mime Type
text/plain
Expires
Fri, Dec 20, 5:40 PM (8 h, 4 m)
Storage Engine
blob
Storage Format
Encrypted (AES-256-CBC)
Storage Handle
6911400
Default Alt Text
D13151.id31802.diff (1 KB)

Event Timeline