bug #22584 [Security] Avoid unnecessary route lookup for empty logout path (ro0NL)

This PR was merged into the 2.7 branch.

Discussion
----------

[Security] Avoid unnecessary route lookup for empty logout path

| Q             | A
| ------------- | ---
| Branch?       | 2.7
| Bug fix?      | yes
| New feature?  | no
| BC breaks?    | no-ish
| Deprecations? | no
| Tests pass?   | yes/no
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License       | MIT
| Doc PR        | symfony/symfony-docs#... <!--highly recommended for new features-->

I first included this with #22572 where having `logout: { path: ~ }` makes more sense for disabling logout path matching/generation. But currently it's already allowed and causes an unneeded route lookup and URL generation.

Commits
-------

2967807 [Security] Avoid unnecessary route lookup for empty logout path
fabpot committed May 11, 2017
2 parents 05240ce + 2967807 commit 2a288db
Showing 2 changed files with 5 additions and 1 deletion.
Expand Up @@ -135,6 +135,6 @@ public function handle(GetResponseEvent $event)
*/
protected function requiresLogout(Request $request)
{
return $this->httpUtils->checkRequestPath($request, $this->options['logout_path']);
return isset($this->options['logout_path']) && $this->httpUtils->checkRequestPath($request, $this->options['logout_path']);
}
}
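Review bot: The `isset($this->options['logout_path'])` guard in `requiresLogout()` only short-circuits when the option is unset or null; an empty string still passes `isset()` and is handed to `checkRequestPath()`. If `logout_path: ''` is meant to disable matching in the same way as `~`, use a check that also rejects the empty string, otherwise state in the docblock above that only null disables the listener. The commit lists 2 changed files and both are source files, so a test asserting that `requiresLogout()` returns false for a null path, without calling `checkRequestPath()`, would pin this behaviour down.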
Expand Up @@ -112,6 +112,10 @@ private function generateLogoutUrl($key, $referenceType)

list($logoutPath, $csrfTokenId, $csrfParameter, $csrfTokenManager) = $this->listeners[$key];

if (null === $logoutPath) {
throw new \LogicException('Unable to generate the logout URL without a path.');
}

$parameters = null !== $csrfTokenManager ? array($csrfParameter => (string) $csrfTokenManager->getToken($csrfTokenId)) : array();

if ('/' === $logoutPath[0]) {
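Review bot: The new guard in `generateLogoutUrl()` is a strict `null === $logoutPath`, so an empty string falls through to `'/' === $logoutPath[0]` a few lines later and reads an offset that does not exist. Either reject `''` alongside null here or normalise it to null where the listener is registered, so this method and `requiresLogout()` agree on what counts as "no path". The exception message would also be easier to act on if it named the firewall, for example by including `$key`, since a caller generating logout URLs for several firewalls cannot tell from "without a path" which one is misconfigured. This throw is the "no-ish" BC change from the description: code that previously got a URL for a null path now gets a `\LogicException`, which deserves a line in the upgrade notes.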