diogo/symfony
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[Security] use deep flag when retrieving username + password

Browse Source
This commit is contained in:
Johannes Schmitt 2011-05-10 11:22:28 +02:00
parent 411659bc07
commit 9408ab3010
2 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/Symfony/Component/Security/Http/Firewall/AbstractAuthenticationListener.php
View File

@ -246,7 +246,7 @@ abstract class AbstractAuthenticationListener implements ListenerInterface
return $this->options['default_target_path'];
}
if ($targetUrl = $request->get($this->options['target_path_parameter'])) {
if ($targetUrl = $request->get($this->options['target_path_parameter'], null, true)) {
return $targetUrl;
}

4
src/Symfony/Component/Security/Http/Firewall/UsernamePasswordFormAuthenticationListener.php
View File

@ -70,8 +70,8 @@ class UsernamePasswordFormAuthenticationListener extends AbstractAuthenticationL
}
}
$username = trim($request->get($this->options['username_parameter']));
$password = $request->get($this->options['password_parameter']);
$username = trim($request->get($this->options['username_parameter'], null, true));
$password = $request->get($this->options['password_parameter'], null, true);
$request->getSession()->set(SecurityContextInterface::LAST_USERNAME, $username);