diff --git a/system/Security/Security.php b/system/Security/Security.php index c96ff56efb80..33a9ba002b2d 100644 --- a/system/Security/Security.php +++ b/system/Security/Security.php @@ -233,46 +233,6 @@ private function configureCookie(CookieConfig $cookie): void Cookie::setDefaults($cookie); } - /** - * CSRF Verify - * - * @return $this|false - * - * @throws SecurityException - * - * @deprecated Use `CodeIgniter\Security\Security::verify()` instead of using this method. - * - * @codeCoverageIgnore - */ - public function CSRFVerify(RequestInterface $request) - { - return $this->verify($request); - } - - /** - * Returns the CSRF Token. - * - * @deprecated Use `CodeIgniter\Security\Security::getHash()` instead of using this method. - * - * @codeCoverageIgnore - */ - public function getCSRFHash(): ?string - { - return $this->getHash(); - } - - /** - * Returns the CSRF Token Name. - * - * @deprecated Use `CodeIgniter\Security\Security::getTokenName()` instead of using this method. - * - * @codeCoverageIgnore - */ - public function getCSRFTokenName(): string - { - return $this->getTokenName(); - } - /** * CSRF Verify * @@ -446,18 +406,6 @@ public function getCookieName(): string return $this->config->cookieName; } - /** - * Check if CSRF cookie is expired. - * - * @deprecated - * - * @codeCoverageIgnore - */ - public function isExpired(): bool - { - return $this->cookie->isExpired(); - } - /** * Check if request should be redirect on failure. */ @@ -590,40 +538,6 @@ private function saveHashInCookie(): void $response->setCookie($this->cookie); } - /** - * CSRF Send Cookie - * - * @return false|Security - * - * @deprecated Set cookies to Response object instead. - */ - protected function sendCookie(RequestInterface $request) - { - assert($request instanceof IncomingRequest); - - if ($this->cookie->isSecure() && ! $request->isSecure()) { - return false; - } - - $this->doSendCookie(); - log_message('info', 'CSRF cookie sent.'); - - return $this; - } - - /** - * Actual dispatching of cookies. - * Extracted for this to be unit tested. - * - * @codeCoverageIgnore - * - * @deprecated Set cookies to Response object instead. - */ - protected function doSendCookie(): void - { - cookies([$this->cookie], false)->dispatch(); - } - private function saveHashInSession(): void { $this->session->set($this->config->tokenName, $this->hash); diff --git a/system/Security/SecurityInterface.php b/system/Security/SecurityInterface.php index a4124b803198..1460cf0e6a00 100644 --- a/system/Security/SecurityInterface.php +++ b/system/Security/SecurityInterface.php @@ -50,13 +50,6 @@ public function getHeaderName(): string; */ public function getCookieName(): string; - /** - * Check if CSRF cookie is expired. - * - * @deprecated - */ - public function isExpired(): bool; - /** * Check if request should be redirect on failure. */ diff --git a/user_guide_src/source/changelogs/v4.5.0.rst b/user_guide_src/source/changelogs/v4.5.0.rst index 1997260dd4da..4be91284d68a 100644 --- a/user_guide_src/source/changelogs/v4.5.0.rst +++ b/user_guide_src/source/changelogs/v4.5.0.rst @@ -184,6 +184,17 @@ Response - ``ResponseTrait::$cookieSameSite`` - ``ResponseTrait::$cookies`` +Security +-------- + +- ``SecurityInterface::isExpired()`` +- ``Security::isExpired()`` +- ``Security::CSRFVerify()`` +- ``Security::getCSRFHash()`` +- ``Security::getCSRFTokenName()`` +- ``Security::sendCookie()`` +- ``Security::doSendCookie()`` + CodeIgniter -----------