[Security] use deep flag when retrieving username + password
This commit is contained in:
parent
411659bc07
commit
9408ab3010
@ -246,7 +246,7 @@ abstract class AbstractAuthenticationListener implements ListenerInterface
|
||||
return $this->options['default_target_path'];
|
||||
}
|
||||
|
||||
if ($targetUrl = $request->get($this->options['target_path_parameter'])) {
|
||||
if ($targetUrl = $request->get($this->options['target_path_parameter'], null, true)) {
|
||||
return $targetUrl;
|
||||
}
|
||||
|
||||
|
@ -70,8 +70,8 @@ class UsernamePasswordFormAuthenticationListener extends AbstractAuthenticationL
|
||||
}
|
||||
}
|
||||
|
||||
$username = trim($request->get($this->options['username_parameter']));
|
||||
$password = $request->get($this->options['password_parameter']);
|
||||
$username = trim($request->get($this->options['username_parameter'], null, true));
|
||||
$password = $request->get($this->options['password_parameter'], null, true);
|
||||
|
||||
$request->getSession()->set(SecurityContextInterface::LAST_USERNAME, $username);
|
||||
|
||||
|
Reference in New Issue
Block a user