[Security] Only redirect to urls called with http method GET
This commit is contained in:
parent
4e1e08eff7
commit
3ce8227a9b
@ -172,7 +172,7 @@ class ExceptionListener
|
||||
protected function setTargetPath(Request $request)
|
||||
{
|
||||
// session isn't required when using http basic authentication mechanism for example
|
||||
if ($request->hasSession()) {
|
||||
if ($request->hasSession() && 'GET' == $request->getMethod()) {
|
||||
$request->getSession()->set('_security.target_path', $request->getUri());
|
||||
}
|
||||
}
|
||||
|
Reference in New Issue
Block a user