diogo/symfony
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

merged branch helmer/target_path (PR #2228)

Browse Source 
Commits
-------

022a9a7 [Security] Make saving target_path extendible

Discussion
----------

[Security] Make saving target_path extendible

The problem lies in how Security component handles ``target_path`` - the latest request URI is always stored. This can lead to problems in following scenarios:
a) The response type of the request is not HTML (think JSON, XML ..)
b) The URI matches a route that does not listen to HTTP GET

I opened a [PR](https://github.com/symfony/symfony/pull/604) months ago, to partly solve scenario A, which did not make it. Now I am proposing a different solution - user can extend ``ExceptionListener`` and override the logic behind setting the ``target_path`` to match his precise needs.

In my simplified scenario, I would be using:

```
protected function setTargetPath(Request $request)
{
    if ($request->isXmlHttpRequest() || 'GET' !== $request->getMethod()) {
        return;
    }

    $request->getSession()->set('_security.target_path', $request->getUri());
}
```

@Seldaek, @schmittjoh, @lsmith77, thoughts?

---------------------------------------------------------------------------

by Seldaek at 2011/09/21 02:37:02 -0700

Seems like a better solution for flexibility's sake. Would be quite awesome if you could add a cookbook entry to symfony/symfony-docs about this, otherwise I'm afraid we'll have to explain it over and over again :)

---------------------------------------------------------------------------

by helmer at 2011/09/21 03:38:57 -0700

[Cookbook](b22c5e666e) entry done. Perhaps though I rushed ahead ..

---------------------------------------------------------------------------

by Seldaek at 2011/09/21 03:52:01 -0700

Thanks. You can already do a pull request against symfony-docs, just reference this pull request in it so it's not merged before this is merged.
This commit is contained in:
Fabien Potencier 2011-09-22 18:43:18 +02:00
commit 798cf5272b
1 changed files with 7 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
src/Symfony/Component/Security/Http/Firewall/ExceptionListener.php
View File

@ -157,11 +157,16 @@ class ExceptionListener
$this->logger->debug('Calling Authentication entry point');
}
$this->setTargetPath($request);
return $this->authenticationEntryPoint->start($request, $authException);
}
protected function setTargetPath(Request $request)
{
// session isn't required when using http basic authentication mechanism for example
if ($request->hasSession()) {
$request->getSession()->set('_security.target_path', $request->getUri());
}
return $this->authenticationEntryPoint->start($request, $authException);
}
}