GET https://kbin.spritesserver.nl/u/@kaseijin@lemmy.world/comments/commented

Response
200 OK
IP
3.135.219.64
Profiled on
Token
7e178a

Security

Token

There is no security token.

Firewall

main Name
Security enabled
Stateless

Configuration

Key Value
provider security.user.provider.concrete.app_user_provider
context main
entry_point App\Security\KbinAuthenticator
user_checker App\Security\UserChecker
access_denied_handler (none)
access_denied_url (none)
authenticators 
[
  "two_factor"
  "remember_me"
  "App\Security\KbinAuthenticator"
  "App\Security\FacebookAuthenticator"
  "App\Security\GoogleAuthenticator"
  "App\Security\GithubAuthenticator"
  "App\Security\KeycloakAuthenticator"
]

Listeners

Listener Duration Response 
Symfony\Component\Security\Http\Firewall\ChannelListener {#723
  -map: Symfony\Component\Security\Http\AccessMap {#722 …}
  -logger: Monolog\Logger {#783 …}
  -httpPort: 80
  -httpsPort: 443
}
 0.00 ms (none) 
Symfony\Component\Security\Http\Firewall\ContextListener {#706
  -tokenStorage: Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorage {#1017 …}
  -sessionKey: "_security_main"
  -logger: Monolog\Logger {#783 …}
  -userProviders: Symfony\Component\DependencyInjection\Argument\RewindableGenerator {#705 …}
  -dispatcher: Symfony\Component\EventDispatcher\Debug\TraceableEventDispatcher {#747 …}
  -registered: false
  -trustResolver: Scheb\TwoFactorBundle\Security\Authentication\AuthenticationTrustResolver {#780 …}
  -sessionTrackerEnabler: Symfony\Component\Security\Core\Authentication\Token\Storage\UsageTrackingTokenStorage::enableUsageTracking(): void {#703 …}
}
 0.17 ms (none) 
Symfony\Component\Security\Http\Firewall\AuthenticatorManagerListener {#584
  -authenticatorManager: Symfony\Component\Security\Http\Authentication\AuthenticatorManager {#595 …}
}
 0.00 ms (none) 
Scheb\TwoFactorBundle\Security\Http\Firewall\TwoFactorAccessListener {#582
  -twoFactorFirewallConfig: Scheb\TwoFactorBundle\Security\TwoFactor\TwoFactorFirewallConfig {#842 …}
  -tokenStorage: Symfony\Component\Security\Core\Authentication\Token\Storage\UsageTrackingTokenStorage {#1018 …}
  -twoFactorAccessDecider: Scheb\TwoFactorBundle\Security\Authorization\TwoFactorAccessDecider {#581 …}
}
 0.04 ms (none) 
Symfony\Component\Security\Http\Firewall\AccessListener {#579
  -tokenStorage: Symfony\Component\Security\Core\Authentication\Token\Storage\UsageTrackingTokenStorage {#1018 …}
  -accessDecisionManager: Symfony\Component\Security\Core\Authorization\TraceableAccessDecisionManager {#937 …}
  -map: Symfony\Component\Security\Http\AccessMap {#722 …}
}
 0.00 ms (none) 
Symfony\Component\Security\Http\Firewall\LogoutListener {#786
  -tokenStorage: Symfony\Component\Security\Core\Authentication\Token\Storage\UsageTrackingTokenStorage {#1018 …}
  -options: [
    "csrf_parameter" => "_csrf_token"
    "csrf_token_id" => "logout"
    "logout_path" => "app_logout"
  ]
  -httpUtils: Symfony\Component\Security\Http\HttpUtils {#841 …}
  -csrfTokenManager: Symfony\Component\Security\Csrf\CsrfTokenManager {#1015 …}
  -eventDispatcher: Symfony\Component\EventDispatcher\Debug\TraceableEventDispatcher {#747 …}
}
 0.00 ms (none)

Authenticators

No authenticators have been recorded. Check previous profiles on your authentication endpoint.

Access Decision

affirmative Strategy
# Voter class
1 
"Symfony\Component\Security\Core\Authorization\Voter\AuthenticatedVoter"
2 
"Scheb\TwoFactorBundle\Security\Authorization\Voter\TwoFactorInProgressVoter"
3 
"Symfony\Component\Security\Core\Authorization\Voter\RoleHierarchyVoter"
4 
"Symfony\Component\Security\Core\Authorization\Voter\ExpressionVoter"
5 
"App\Security\Voter\EntryCommentVoter"
6 
"App\Security\Voter\EntryVoter"
7 
"App\Security\Voter\MagazineVoter"
8 
"App\Security\Voter\MessageThreadVoter"
9 
"App\Security\Voter\MessageVoter"
10 
"App\Security\Voter\NotificationVoter"
11 
"App\Security\Voter\OAuth2UserConsentVoter"
12 
"App\Security\Voter\PostCommentVoter"
13 
"App\Security\Voter\PostVoter"
14 
"App\Security\Voter\UserVoter"

Access decision log

# Result Attributes Object
1 DENIED ROLE_USER 
null
 
"Scheb\TwoFactorBundle\Security\Authorization\Voter\TwoFactorInProgressVoter"
 ACCESS ABSTAIN 
"Symfony\Component\Security\Core\Authorization\Voter\RoleHierarchyVoter"
 ACCESS DENIED 
"App\Security\Voter\EntryCommentVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\EntryVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\MagazineVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\MessageThreadVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\MessageVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\NotificationVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\OAuth2UserConsentVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\PostCommentVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\PostVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\UserVoter"
 ACCESS ABSTAIN
Show voter details
2 DENIED moderate 
App\Entity\EntryComment {#2079
  +user: App\Entity\User {#265 …}
  +entry: Proxies\__CG__\App\Entity\Entry {#1907 …}
  +magazine: Proxies\__CG__\App\Entity\Magazine {#2384 …}
  +image: null
  +parent: null
  +root: null
  +body: """
    Third party apps present a username and password field to log into a Lemmy instance. They can easily just steal your credentials. There are standard auth flows to solve this problem. The fact that Lemmy devs have willfully ignored this issue for years, and that they aren’t warning users not to trust third party apps, lead me to believe they don’t really care about security, which is the biggest red flag. There’s finally an open github issue that seems to be acknowledged, but it’ll be some time before this feature (if ever) ever gets implemented.\n
    \n
    -Posted from a third-party app; yea, i gave them my password blindly.
    """
  +lang: "en"
  +isAdult: false
  +favouriteCount: 9
  +score: 0
  +lastActive: DateTime @1688521963 {#2062
    date: 2023-07-05 03:52:43.0 +02:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@Scientician@waveform.social"
  ]
  +children: Doctrine\ORM\PersistentCollection {#2379 …}
  +nested: Doctrine\ORM\PersistentCollection {#2383 …}
  +votes: Doctrine\ORM\PersistentCollection {#1906 …}
  +reports: Doctrine\ORM\PersistentCollection {#1926 …}
  +favourites: Doctrine\ORM\PersistentCollection {#2380 …}
  +notifications: Doctrine\ORM\PersistentCollection {#1363 …}
  -id: 7677
  -bodyTs: "'acknowledg':85 'app':3,56,106 'aren':47 'auth':26 'believ':60 'biggest':71 'blind':113 'care':65 'credenti':22 'dev':36 'easili':18 'ever':96,97 'fact':33 'featur':94 'field':9 'final':76 'flag':73 'flow':27 'gave':109 'get':98 'github':79 'ignor':39 'implement':99 'instanc':15 'issu':41,80 'lead':57 'lemmi':14,35 'll':88 'log':11 'open':78 'parti':2,55,105 'password':8,112 'post':100 'present':4 'problem':31 'realli':64 'red':72 'secur':67 'seem':82 'solv':29 'standard':25 'steal':20 'third':1,54,104 'third-parti':103 'time':91 'trust':53 'user':50 'usernam':6 'warn':49 'will':38 'yea':107 'year':43"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://lemmy.world/comment/797945"
  +editedAt: null
  +createdAt: DateTimeImmutable @1688448653 {#1908
    date: 2023-07-04 07:30:53.0 +02:00
  }
}
 
"Scheb\TwoFactorBundle\Security\Authorization\Voter\TwoFactorInProgressVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\EntryCommentVoter"
 ACCESS DENIED 
"App\Security\Voter\EntryVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\MagazineVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\MessageThreadVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\MessageVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\NotificationVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\OAuth2UserConsentVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\PostCommentVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\PostVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\UserVoter"
 ACCESS ABSTAIN
Show voter details
3 DENIED edit 
App\Entity\EntryComment {#2079
  +user: App\Entity\User {#265 …}
  +entry: Proxies\__CG__\App\Entity\Entry {#1907 …}
  +magazine: Proxies\__CG__\App\Entity\Magazine {#2384 …}
  +image: null
  +parent: null
  +root: null
  +body: """
    Third party apps present a username and password field to log into a Lemmy instance. They can easily just steal your credentials. There are standard auth flows to solve this problem. The fact that Lemmy devs have willfully ignored this issue for years, and that they aren’t warning users not to trust third party apps, lead me to believe they don’t really care about security, which is the biggest red flag. There’s finally an open github issue that seems to be acknowledged, but it’ll be some time before this feature (if ever) ever gets implemented.\n
    \n
    -Posted from a third-party app; yea, i gave them my password blindly.
    """
  +lang: "en"
  +isAdult: false
  +favouriteCount: 9
  +score: 0
  +lastActive: DateTime @1688521963 {#2062
    date: 2023-07-05 03:52:43.0 +02:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@Scientician@waveform.social"
  ]
  +children: Doctrine\ORM\PersistentCollection {#2379 …}
  +nested: Doctrine\ORM\PersistentCollection {#2383 …}
  +votes: Doctrine\ORM\PersistentCollection {#1906 …}
  +reports: Doctrine\ORM\PersistentCollection {#1926 …}
  +favourites: Doctrine\ORM\PersistentCollection {#2380 …}
  +notifications: Doctrine\ORM\PersistentCollection {#1363 …}
  -id: 7677
  -bodyTs: "'acknowledg':85 'app':3,56,106 'aren':47 'auth':26 'believ':60 'biggest':71 'blind':113 'care':65 'credenti':22 'dev':36 'easili':18 'ever':96,97 'fact':33 'featur':94 'field':9 'final':76 'flag':73 'flow':27 'gave':109 'get':98 'github':79 'ignor':39 'implement':99 'instanc':15 'issu':41,80 'lead':57 'lemmi':14,35 'll':88 'log':11 'open':78 'parti':2,55,105 'password':8,112 'post':100 'present':4 'problem':31 'realli':64 'red':72 'secur':67 'seem':82 'solv':29 'standard':25 'steal':20 'third':1,54,104 'third-parti':103 'time':91 'trust':53 'user':50 'usernam':6 'warn':49 'will':38 'yea':107 'year':43"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://lemmy.world/comment/797945"
  +editedAt: null
  +createdAt: DateTimeImmutable @1688448653 {#1908
    date: 2023-07-04 07:30:53.0 +02:00
  }
}
 
"Scheb\TwoFactorBundle\Security\Authorization\Voter\TwoFactorInProgressVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\EntryCommentVoter"
 ACCESS DENIED 
"App\Security\Voter\EntryVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\MagazineVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\MessageThreadVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\MessageVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\NotificationVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\OAuth2UserConsentVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\PostCommentVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\PostVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\UserVoter"
 ACCESS ABSTAIN
Show voter details
4 DENIED moderate 
App\Entity\EntryComment {#2079
  +user: App\Entity\User {#265 …}
  +entry: Proxies\__CG__\App\Entity\Entry {#1907 …}
  +magazine: Proxies\__CG__\App\Entity\Magazine {#2384 …}
  +image: null
  +parent: null
  +root: null
  +body: """
    Third party apps present a username and password field to log into a Lemmy instance. They can easily just steal your credentials. There are standard auth flows to solve this problem. The fact that Lemmy devs have willfully ignored this issue for years, and that they aren’t warning users not to trust third party apps, lead me to believe they don’t really care about security, which is the biggest red flag. There’s finally an open github issue that seems to be acknowledged, but it’ll be some time before this feature (if ever) ever gets implemented.\n
    \n
    -Posted from a third-party app; yea, i gave them my password blindly.
    """
  +lang: "en"
  +isAdult: false
  +favouriteCount: 9
  +score: 0
  +lastActive: DateTime @1688521963 {#2062
    date: 2023-07-05 03:52:43.0 +02:00
  }
  +ip: null
  +tags: null
  +mentions: [
    "@Scientician@waveform.social"
  ]
  +children: Doctrine\ORM\PersistentCollection {#2379 …}
  +nested: Doctrine\ORM\PersistentCollection {#2383 …}
  +votes: Doctrine\ORM\PersistentCollection {#1906 …}
  +reports: Doctrine\ORM\PersistentCollection {#1926 …}
  +favourites: Doctrine\ORM\PersistentCollection {#2380 …}
  +notifications: Doctrine\ORM\PersistentCollection {#1363 …}
  -id: 7677
  -bodyTs: "'acknowledg':85 'app':3,56,106 'aren':47 'auth':26 'believ':60 'biggest':71 'blind':113 'care':65 'credenti':22 'dev':36 'easili':18 'ever':96,97 'fact':33 'featur':94 'field':9 'final':76 'flag':73 'flow':27 'gave':109 'get':98 'github':79 'ignor':39 'implement':99 'instanc':15 'issu':41,80 'lead':57 'lemmi':14,35 'll':88 'log':11 'open':78 'parti':2,55,105 'password':8,112 'post':100 'present':4 'problem':31 'realli':64 'red':72 'secur':67 'seem':82 'solv':29 'standard':25 'steal':20 'third':1,54,104 'third-parti':103 'time':91 'trust':53 'user':50 'usernam':6 'warn':49 'will':38 'yea':107 'year':43"
  +ranking: 0
  +commentCount: 0
  +upVotes: 0
  +downVotes: 0
  +visibility: "visible             "
  +apId: "https://lemmy.world/comment/797945"
  +editedAt: null
  +createdAt: DateTimeImmutable @1688448653 {#1908
    date: 2023-07-04 07:30:53.0 +02:00
  }
}
 
"Scheb\TwoFactorBundle\Security\Authorization\Voter\TwoFactorInProgressVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\EntryCommentVoter"
 ACCESS DENIED 
"App\Security\Voter\EntryVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\MagazineVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\MessageThreadVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\MessageVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\NotificationVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\OAuth2UserConsentVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\PostCommentVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\PostVoter"
 ACCESS ABSTAIN 
"App\Security\Voter\UserVoter"
 ACCESS ABSTAIN
Show voter details