diff options
| author | Albert Casademont <albertcasademont@gmail.com> | 2012-07-24 17:37:00 +0200 |
|---|---|---|
| committer | Albert Casademont <albertcasademont@gmail.com> | 2012-07-24 17:37:00 +0200 |
| commit | 5a80d59ba5e77e523fe6560723cd00d0e744f57f (patch) | |
| tree | 08a38ec4c8c741af4e7c10fe64ac69b3d9cdb30a | |
| parent | 02230bbdff18f9c993d1ce42dcc3d17e26a0af1c (diff) | |
| download | symfony-security-5a80d59ba5e77e523fe6560723cd00d0e744f57f.zip symfony-security-5a80d59ba5e77e523fe6560723cd00d0e744f57f.tar.gz symfony-security-5a80d59ba5e77e523fe6560723cd00d0e744f57f.tar.bz2 | |
[Security] Fixed use_referer option not working properly when login_path is a route name
When use_referer is set to true and the request comes from the login page,
the user should not be redirected to the login form again (the referer) but
to the default_target_path. The problem arises when our login_path option
is not a path but a route name, as the ```getUriForPath()``` method is not
made to create routes from route names.
| -rw-r--r-- | Http/Authentication/DefaultAuthenticationSuccessHandler.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/Http/Authentication/DefaultAuthenticationSuccessHandler.php b/Http/Authentication/DefaultAuthenticationSuccessHandler.php index 66d6bda..dc7cbe5 100644 --- a/Http/Authentication/DefaultAuthenticationSuccessHandler.php +++ b/Http/Authentication/DefaultAuthenticationSuccessHandler.php @@ -102,7 +102,7 @@ class DefaultAuthenticationSuccessHandler implements AuthenticationSuccessHandle return $targetUrl; } - if ($this->options['use_referer'] && ($targetUrl = $request->headers->get('Referer')) && $targetUrl !== $request->getUriForPath($this->options['login_path'])) { + if ($this->options['use_referer'] && ($targetUrl = $request->headers->get('Referer')) && $targetUrl !== $this->httpUtils->generateUri($request, $this->options['login_path'])) { return $targetUrl; } |