Trying to cast a HiddenString to string when not allowed should fail
willemstuursma opened this issue · comments
We ran into a situation where casting a HiddenString was not allowed, but it was cast anyway. The object was then (silently) cast to an empty string.
I know that in current versions of PHP it is not allowed to throw from a __toString method, but we would have preferred an E_ERROR to be triggered over the silent failure.
As these objects are often used to hide passwords, passphrases et cetera, any silent string comparisons should fail very loudly, as it opens up all kinds of failure scenarios that are not very obvious.
Throwing in __toString() is allowed since PHP 7.4: https://wiki.php.net/rfc/tostring_exceptions
We'll probably release a PHP 7.4+-only major version that throws in __toString().
Thanks, I appreciate that.
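The failure mode discussed in this thread, as an added example that is not part of the original issue or the library's code: the classes `Secret`, `SilentSecret` and `LoudSecret` and the `matches()` helper are hypothetical stand-ins, and the secret value is constructed. It contrasts a disallowed cast that silently yields an empty string with one that throws from `__toString()`, which requires PHP 7.4 or later.

```php
<?php
declare(strict_types=1);

// Hypothetical stand-ins written for this example; not the library's HiddenString.
abstract class Secret
{
    protected string $value;
    protected bool $allowCast;

    public function __construct(string $value, bool $allowCast = false)
    {
        $this->value = $value;
        $this->allowCast = $allowCast;
    }
}

// Behaviour reported in the issue: a disallowed cast silently becomes ''.
final class SilentSecret extends Secret
{
    public function __toString(): string
    {
        return $this->allowCast ? $this->value : '';
    }
}

// Behaviour proposed in the reply: throw from __toString() (allowed since PHP 7.4).
final class LoudSecret extends Secret
{
    public function __toString(): string
    {
        if (!$this->allowCast) {
            throw new LogicException('Secret may not be cast to string');
        }
        return $this->value;
    }
}

// Constructed caller that casts the secret by mistake before comparing.
function matches(Secret $stored, string $supplied): bool
{
    return hash_equals((string) $stored, $supplied);
}

var_dump(matches(new SilentSecret('constructed-secret'), ''));
var_dump(matches(new SilentSecret('constructed-secret'), 'constructed-secret'));

try {
    matches(new LoudSecret('constructed-secret'), '');
} catch (LogicException $e) {
    echo 'caught: ', $e->getMessage(), PHP_EOL;
}
```

With the silent variant, the first comparison reports a match for empty input and the second rejects the real value, with no error in either case. The throwing variant stops at the cast, so the mistake surfaces at the call site.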