From 48ee1734614d63084501278c5209d72096bf5c3a Mon Sep 17 00:00:00 2001 From: tristan Date: Wed, 24 Jun 2026 10:34:03 +0200 Subject: [PATCH] =?UTF-8?q?refactor(audit)=20:=20alias=20explicite=20+=20b?= =?UTF-8?q?orne=20le=20user-agent=20stock=C3=A9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-Authored-By: Claude Opus 4.8 (1M context) --- config/services.yaml | 1 + src/Service/AuditLogger.php | 4 ++++ 2 files changed, 5 insertions(+) diff --git a/config/services.yaml b/config/services.yaml index 9a32ff2..b11d5ed 100644 --- a/config/services.yaml +++ b/config/services.yaml @@ -44,6 +44,7 @@ services: $dataStartDate: '%env(RTT_START_DATE)%' App\Repository\Contract\AbsenceReadRepositoryInterface: '@App\Repository\AbsenceRepository' + App\Repository\Contract\AuditLogReadRepositoryInterface: '@App\Repository\AuditLogRepository' App\Repository\Contract\EmployeeContractPeriodReadRepositoryInterface: '@App\Repository\EmployeeContractPeriodRepository' App\Repository\Contract\EmployeeScopedRepositoryInterface: '@App\Repository\EmployeeRepository' App\Repository\Contract\FormationReadRepositoryInterface: '@App\Repository\FormationRepository' diff --git a/src/Service/AuditLogger.php b/src/Service/AuditLogger.php index a5c638b..4256479 100644 --- a/src/Service/AuditLogger.php +++ b/src/Service/AuditLogger.php @@ -46,6 +46,10 @@ readonly class AuditLogger if (null !== $deviceId) { $deviceId = mb_substr($deviceId, 0, 64); } + // The user agent comes from an untrusted client header; cap it to prevent storage bloat. + if (null !== $userAgent) { + $userAgent = mb_substr($userAgent, 0, 1024); + } } $auditLog = new AuditLog();