diff options
| author | Uwe Jäger <uwej711@googlemail.com> | 2012-06-14 13:33:25 +0200 |
|---|---|---|
| committer | Uwe Jäger <uwej711@googlemail.com> | 2012-06-14 13:45:10 +0200 |
| commit | e45d3158c61acf37ecd0b970901e76f0024fd633 (patch) | |
| tree | 885ce767fb1d6360cd70ff23e5272e2dc5bc93e9 | |
| parent | 6af38d348f3b04a619e4044d71c9ea4378ac1fd6 (diff) | |
| download | symfony-security-e45d3158c61acf37ecd0b970901e76f0024fd633.zip symfony-security-e45d3158c61acf37ecd0b970901e76f0024fd633.tar.gz symfony-security-e45d3158c61acf37ecd0b970901e76f0024fd633.tar.bz2 | |
[Security] Only redirect to urls called with http method GET
| -rw-r--r-- | Http/Firewall/ExceptionListener.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/Http/Firewall/ExceptionListener.php b/Http/Firewall/ExceptionListener.php index f61df81..2d8de37 100644 --- a/Http/Firewall/ExceptionListener.php +++ b/Http/Firewall/ExceptionListener.php @@ -172,7 +172,7 @@ class ExceptionListener protected function setTargetPath(Request $request) { // session isn't required when using http basic authentication mechanism for example - if ($request->hasSession()) { + if ($request->hasSession() && 'GET' == $request->getMethod()) { $request->getSession()->set('_security.target_path', $request->getUri()); } } |