diogo/symfony
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[Security] Fixed use_referer option not working properly when login_path is a route name

Browse Source 
When use_referer is set to true and the request comes from the login page,
the user should not be redirected to the login form again (the referer) but
to the default_target_path. The problem arises when our login_path option
is not a path but a route name, as the ```getUriForPath()``` method is not
made to create routes from route names.
This commit is contained in:
Albert Casademont 2012-07-24 17:37:00 +02:00
parent 2aaa4ed84e
commit 307d99c8f6
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/Symfony/Component/Security/Http/Authentication/DefaultAuthenticationSuccessHandler.php
View File

@ -102,7 +102,7 @@ class DefaultAuthenticationSuccessHandler implements AuthenticationSuccessHandle
return $targetUrl;
}
if ($this->options['use_referer'] && ($targetUrl = $request->headers->get('Referer')) && $targetUrl !== $request->getUriForPath($this->options['login_path'])) {
if ($this->options['use_referer'] && ($targetUrl = $request->headers->get('Referer')) && $targetUrl !== $this->httpUtils->generateUri($request, $this->options['login_path'])) {
return $targetUrl;
}