[Security] Fixed use_referer option not working properly when login_path is a route name
When use_referer is set to true and the request comes from the login page, the user should not be redirected to the login form again (the referer) but to the default_target_path. The problem arises when our login_path option is not a path but a route name, as the ```getUriForPath()``` method is not made to create routes from route names.
This commit is contained in:
parent
2aaa4ed84e
commit
307d99c8f6
@ -102,7 +102,7 @@ class DefaultAuthenticationSuccessHandler implements AuthenticationSuccessHandle
|
|||||||
return $targetUrl;
|
return $targetUrl;
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($this->options['use_referer'] && ($targetUrl = $request->headers->get('Referer')) && $targetUrl !== $request->getUriForPath($this->options['login_path'])) {
|
if ($this->options['use_referer'] && ($targetUrl = $request->headers->get('Referer')) && $targetUrl !== $this->httpUtils->generateUri($request, $this->options['login_path'])) {
|
||||||
return $targetUrl;
|
return $targetUrl;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Reference in New Issue
Block a user