CakePHP: the rapid development php framework: CakeBot

Log message #4199611

#	At	Username	Text
#	Aug 22nd 2019, 13:30	slackebot2	Action: lorenzo hides behind a facade
#	Aug 22nd 2019, 13:30	neon1024	Saying the guy who failed the PHP quiz :bow:
#	Aug 22nd 2019, 13:30	neon1024	I don’t think they’re clever at all, it’s just a facade! A static facade! :,)
#	Aug 22nd 2019, 13:29	neon1024	Bah, I think it’s a ruse
#	Aug 22nd 2019, 13:29	spriz	I'm just grateful to be in user-land :)
#	Aug 22nd 2019, 13:29	spriz	Haha, I'd have to spend quite a few hundred hours on internals before I'd be somewhere near the lower boundary of skills of those peeps
#	Aug 22nd 2019, 13:29	neon1024	Here you are @admad actual proof. If you call doing a quiz on LinkedIn proof :,)
#	Aug 22nd 2019, 13:28	neon1024	:thinking_face:
#	Aug 22nd 2019, 13:23	neon1024	“Make Cake Danish again!”
#	Aug 22nd 2019, 13:23	neon1024	Spriz for the core team!
#	Aug 22nd 2019, 13:23	spriz	and I have yet to find a use case for the `Cross Controller Communication` myself :slightly_smiling_face:
#	Aug 22nd 2019, 13:22	spriz	and don't put things in hidden formfields that should really be hidden in first place
#	Aug 22nd 2019, 13:22	spriz	much rather avoid mass-assignment of entities and use modelless forms and be gone with it
#	Aug 22nd 2019, 13:21	spriz	I don't think that's really worth it though
#	Aug 22nd 2019, 13:21	spriz	core members told me just to disable it if not using the form tampering prevention
#	Aug 22nd 2019, 13:21	neon1024	It does do form tampering
#	Aug 22nd 2019, 13:20	spriz	It's the conclusion I was given after having some troubles with it after putting our app behind CF
#	Aug 22nd 2019, 13:20	spriz	Then you don't care craps about SSL :)
#	Aug 22nd 2019, 13:20	neon1024	Jusst me and my Macbook! :beers:
#	Aug 22nd 2019, 13:19	neon1024	Who knows, I don’t have a server yet
#	Aug 22nd 2019, 13:19	spriz	if your only usage of `Security` is : `$this->Security->setConfig('blackHoleCallback', 'fooBar');` then just kill it right away
#	Aug 22nd 2019, 13:19	spriz	chances are you only use it to enforce https which is quite a lot easier in your LB/webserver
#	Aug 22nd 2019, 13:18	neon1024	Well “default”
#	Aug 22nd 2019, 13:18	spriz	just before I add `crud` :)
#	Aug 22nd 2019, 13:18	neon1024	https://github.com/cakephp/app/blob/master/src/Controller/AppController.php#L53
#	Aug 22nd 2019, 13:18	spriz	Yurp, and it's one of the first things I kill :)
#	Aug 22nd 2019, 13:18	neon1024	It’s loaded by default in the skeleton
#	Aug 22nd 2019, 13:17	spriz	only caused my troubles
#	Aug 22nd 2019, 13:17	spriz	What are you using the `SecurityComponent` for ? O_o
#	Aug 22nd 2019, 13:17	neon1024	If this application goes live to the world I may re-vitist the CSRF
#	Aug 22nd 2019, 13:16	neon1024	I think I can trust our team in India
#	Aug 22nd 2019, 13:15	neon1024	The CsrfProtectionMiddleware took me more than an hour and I still couldn’t get it working. So I removed it to carry on building my application
#	Aug 22nd 2019, 13:15	neon1024	I’m still using the SecurityComponent
#	Aug 22nd 2019, 13:11	spriz	I remember some warnings that helped me when updating to 3.7.0 though
#	Aug 22nd 2019, 13:08	spriz	;P
#	Aug 22nd 2019, 13:08	spriz	@neon1024 Had issues as well, ended up removing security and csrf - problem solved!
#	Aug 22nd 2019, 12:59	admad	good of you to accept it's still a dev mistake, unlike you know who :P
#	Aug 22nd 2019, 12:55	challgren	But in reality its a failure on our part since we arent using the correct skeleton after a version update
#	Aug 22nd 2019, 12:54	challgren	Yeah I looked through the app and Im pretty sure most of us here built our apps before Dec 8th so its a hodge podge of everything
#	Aug 22nd 2019, 12:53	admad	@challgren ah that might be it, regarding csrf middleware. Earlier the whitelisting feature was not available that it why it was moved to router in skeleton app
#	Aug 22nd 2019, 12:53	challgren	Bugger