merged branch uwej711/only_redirect_on_get (PR #4580)

Commits ------- 3ce8227 [Security] Only redirect to urls called with http method GET Discussion ---------- [Security] Only redirect to urls called with http method GET Bug fix: [yes] Feature addition: [no] Backwards compatibility break: [no] Symfony2 tests pass: [yes] License of the code: MIT --------------------------------------------------------------------------- by travisbot at 2012-06-14T12:01:32Z This pull request [passes](http://travis-ci.org/symfony/symfony/builds/1619029) (merged 3ce8227a into 4e1e08ef).
2012-06-16 18:27:18 +02:00 · 2012-06-16 18:27:18 +02:00 · a07f4f5f5f
commit a07f4f5f5f
parent 4e1e08eff7 3ce8227a9b
1 changed files with 1 additions and 1 deletions
--- a/src/Symfony/Component/Security/Http/Firewall/ExceptionListener.php
+++ b/src/Symfony/Component/Security/Http/Firewall/ExceptionListener.php
@ -172,7 +172,7 @@ class ExceptionListener
    protected function setTargetPath(Request $request)
    {
        // session isn't required when using http basic authentication mechanism for example
-        if ($request->hasSession()) {
+        if ($request->hasSession() && 'GET' == $request->getMethod()) {
            $request->getSession()->set('_security.target_path', $request->getUri());
        }
    }