merged branch uwej711/only_redirect_on_get (PR #4580)
Commits -------3ce8227
[Security] Only redirect to urls called with http method GET Discussion ---------- [Security] Only redirect to urls called with http method GET Bug fix: [yes] Feature addition: [no] Backwards compatibility break: [no] Symfony2 tests pass: [yes] License of the code: MIT --------------------------------------------------------------------------- by travisbot at 2012-06-14T12:01:32Z This pull request [passes](http://travis-ci.org/symfony/symfony/builds/1619029) (merged3ce8227a
into4e1e08ef
).
This commit is contained in:
commit
a07f4f5f5f
@ -172,7 +172,7 @@ class ExceptionListener
|
||||
protected function setTargetPath(Request $request)
|
||||
{
|
||||
// session isn't required when using http basic authentication mechanism for example
|
||||
if ($request->hasSession()) {
|
||||
if ($request->hasSession() && 'GET' == $request->getMethod()) {
|
||||
$request->getSession()->set('_security.target_path', $request->getUri());
|
||||
}
|
||||
}
|
||||
|
Reference in New Issue
Block a user