javiereguiluz
commented
1 month ago I read again the issue #17978 and I think this proposal is correct.
But, let me ping smart folks like @nicolas-grekas @chalasr and @stof so they can double check this. Thanks!
Fixes https://github.com/symfony/symfony-docs/issues/17978
The warning I am removing was created after https://github.com/symfony/symfony-docs/issues/8259 but the issue used an incorrect regex to show a potential problem which doesn't exist.
In my issue I show that it's not actually possible to inject control characters. I would still suggest for someone more involved in symfony development to investigate further, if the expression language is used in the security component this would need more than just a warning