Some says that Symfony2, as every complex framework, is a slow one. Our answer’s that everything depends on you 😉 In that post, we’ll reveal some software architecture details of the Symfony2 based application running more than 1 000 000 000 requests every week.
Symfony2 is said to be slow. Nothing can be further from the truth! Our Symfony2 instances handle more than 600 req/s and are working great. To have such results, everything needs some performance optimizations.
Doctrine ORM is a powerful tool which can facilitate an access to the database layer providing mapping the source data to objects. Unfortunately, as every next abstraction layer, such possibilities come with a performance overhead.
The CSRF, after XSS and SQL Injections, is one of the most common vulnerability. At the same time it can cause very dangerous effects such as performing actions without the user’s knowledge.
CSRF is a method of attack on a website, based on impersonating a specific user and performing specific actions on his behalf.
Continuous Integration can automate your whole development workflow. Beyond the standard tasks like running automated unit tests, checking quality of the code and at the end, building your code, it can do anything you can imagine.
In the article I’ll show you how to integrate security testing into your CI. Automatic checks will find out if libraries you are using in your project are affected to the known security vulnerabilities.
Creating custom validation constraint could be tricky for new Symfony2 developers. Based on the idea of validating Twig syntax I’ll show you how to create custom validator with DI dependencies.
Imagine that you want to allow to edit templates through your administration panel – it’s common task in CMS, E-shop engines. To avoid errors while compiling templates (source syntax errors) you have to validate posted template source.
To accomplish that we’ll create our own configurable Validation Constraint.