Minor rewords

javiereguiluz · javiereguiluz · commit 75ab793bcc1a · 2024-04-12T11:50:48.000+02:00
diff --git a/routing.rst b/routing.rst
@@ -2694,9 +2694,10 @@ service, which you can inject in your services or controllers::
         }
     }
 
-You can make the signed URI expire. To do so, you can pass a value to the `$expiration` argument
-of :phpmethod:`Symfony\\Component\\HttpFoundation\\UriSigner::sign`. This optional argument is `null` by default. You can
-specify an expiration date by several ways::
+For security reasons, it's common to make signed URIs expire after some time
+(e.g. when using them to reset user credentials). By default, signed URIs don't
+expire, but you can define an expiration date/time using the ``$expiration``
+argument of :phpmethod:`Symfony\\Component\\HttpFoundation\\UriSigner::sign`::
 
     // src/Service/SomeService.php
     namespace App\Service;
@@ -2718,46 +2719,27 @@ specify an expiration date by several ways::
             $url = 'https://example.com/foo/bar?sort=desc';
 
             // sign the URL with an explicit expiration date
-            $signedUrl = $this->uriSigner->sign($url, new \DateTime('2050-01-01'));
+            $signedUrl = $this->uriSigner->sign($url, new \DateTimeImmutable('2050-01-01'));
             // $signedUrl = 'https://example.com/foo/bar?sort=desc&_expiration=2524608000&_hash=e4a21b9'
 
-            // check the URL signature
-            $uriSignatureIsValid = $this->uriSigner->check($signedUrl);
-            // $uriSignatureIsValid = true
-
-            // if given a \DateInterval, it will be added from now to get the expiration date
+            // if you pass a \DateInterval, it will be added from now to get the expiration date
             $signedUrl = $this->uriSigner->sign($url, new \DateInterval('PT10S'));  // valid for 10 seconds from now
             // $signedUrl = 'https://example.com/foo/bar?sort=desc&_expiration=1712414278&_hash=e4a21b9'
 
-            // check the URL signature
-            $uriSignatureIsValid = $this->uriSigner->check($signedUrl);
-            // $uriSignatureIsValid = true
-
-            sleep(30); // wait 30 seconds...
-
-            // the URL signature has expired
-            $uriSignatureIsValid = $this->uriSigner->check($signedUrl);
-            // $uriSignatureIsValid = false
-
             // you can also use a timestamp in seconds
             $signedUrl = $this->uriSigner->sign($url, 4070908800); // timestamp for the date 2099-01-01
             // $signedUrl = 'https://example.com/foo/bar?sort=desc&_expiration=4070908800&_hash=e4a21b9'
-
         }
     }
 
-.. caution::
-
-    `null` means no expiration for the signed URI.
-
 .. note::
 
-    When making the URI expire, an `_expiration` query parameter is added to the URL and the expiration date is
-    converted into a timestamp
+    The expiration date/time is included in the signed URIs as a timestamp via
+    the ``_expiration`` query parameter.
 
 .. versionadded:: 7.1
 
-    The possibility to add an expiration date for a signed URI was introduced in Symfony 7.1.
+    The feature to add an expiration date for a signed URI was introduced in Symfony 7.1.
 
 Troubleshooting
 ---------------
