diff options
| author | Fabien Potencier <fabien.potencier@gmail.com> | 2012-10-28 10:19:54 +0100 |
|---|---|---|
| committer | Fabien Potencier <fabien.potencier@gmail.com> | 2012-10-28 10:19:54 +0100 |
| commit | b20dc084818bf7f59dd4ff937896f4236821055c (patch) | |
| tree | 77f38b39aca66e13bab957252250b36ad041d90d /Http/EntryPoint/BasicAuthenticationEntryPoint.php | |
| parent | c7e238ec401e746a6423687097ca26d7f50d0860 (diff) | |
| parent | 21332f546badf2016da6ab3fe34c61a7a0978c3b (diff) | |
| download | symfony-security-b20dc084818bf7f59dd4ff937896f4236821055c.zip symfony-security-b20dc084818bf7f59dd4ff937896f4236821055c.tar.gz symfony-security-b20dc084818bf7f59dd4ff937896f4236821055c.tar.bz2 | |
merged branch acasademont/tweak_userform_security_listener (PR #5824)
This PR was merged into the master branch.
Commits
-------
3e58893 [Security] Tweak UsernamePasswordFormAuthenticationListener
Discussion
----------
[Security] Tweak UsernamePasswordFormAuthenticationListener
Bug fix: no
Feature addition: no
Backwards compatibility break: no
Symfony2 tests pass: [](http://travis-ci.org/acasademont/symfony)
Fixes the following tickets: -
Todo: -
License of the code: MIT
Documentation PR: -
Improvements:
- Do not check twice for the ```only_post``` condition. The condition in the ```attemptAuthentication``` method is useless as this method will never be called if the previous ```requiresAuthentication``` call returns false.
- If the expected request is ```only_post```, check only the POST variables for the username and password parameters. Otherwise, query params and attributes are checked before.
- Use POST instead of post for correctness
Diffstat (limited to 'Http/EntryPoint/BasicAuthenticationEntryPoint.php')
0 files changed, 0 insertions, 0 deletions