File tree Expand file tree Collapse file tree 1 file changed +9
-2
lines changed Expand file tree Collapse file tree 1 file changed +9
-2
lines changed Original file line number Diff line number Diff line change @@ -54,7 +54,14 @@ to work correctly. Just pass a file name to enable it::
5454
5555.. note ::
5656
57- If you're using the Symfony Framework, you can access a secure random
58- instance directly from the container: its name is ``security.secure_random ``.
57+ If you're using the Symfony Framework, you can get a secure random number
58+ generator via the ``security.secure_random `` service.
59+
60+ .. tip ::
61+
62+ The ``nextBytes() `` method returns a binary string which may contain the
63+ ``\0 `` character. If you store this value in a database or include it as
64+ part of the URL, make sure to hash the value returned by ``nextBytes() ``
65+ (to do that, you can use a simple ``md5() `` PHP function).
5966
6067.. _`Timing attack` : http://en.wikipedia.org/wiki/Timing_attack
You can’t perform that action at this time.
0 commit comments