From 3ce8227a9bf1d211475e889e8fd063a72b7cc3b5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Uwe=20Ja=CC=88ger?= <uwej711@googlemail.com>
Date: Thu, 14 Jun 2012 13:33:25 +0200
Subject: [PATCH] [Security] Only redirect to urls called with http method GET

---
 .../Component/Security/Http/Firewall/ExceptionListener.php      | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/Symfony/Component/Security/Http/Firewall/ExceptionListener.php b/src/Symfony/Component/Security/Http/Firewall/ExceptionListener.php
index f61df81128..2d8de37dd4 100644
--- a/src/Symfony/Component/Security/Http/Firewall/ExceptionListener.php
+++ b/src/Symfony/Component/Security/Http/Firewall/ExceptionListener.php
@@ -172,7 +172,7 @@ class ExceptionListener
     protected function setTargetPath(Request $request)
     {
         // session isn't required when using http basic authentication mechanism for example
-        if ($request->hasSession()) {
+        if ($request->hasSession() && 'GET' == $request->getMethod()) {
             $request->getSession()->set('_security.target_path', $request->getUri());
         }
     }