[Security] use deep flag when retrieving username + password

symfony · May 10, 2011 · 9408ab3 · 9408ab3
1 parent 411659b
commit 9408ab3
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 3 deletions.
diff --git a/src/Symfony/Component/Security/Http/Firewall/AbstractAuthenticationListener.php b/src/Symfony/Component/Security/Http/Firewall/AbstractAuthenticationListener.php
@@ -246,7 +246,7 @@ private function determineTargetUrl(Request $request)
             return $this->options['default_target_path'];
         }
 
-        if ($targetUrl = $request->get($this->options['target_path_parameter'])) {
+        if ($targetUrl = $request->get($this->options['target_path_parameter'], null, true)) {
             return $targetUrl;
         }
 

diff --git a/src/Symfony/Component/Security/Http/Firewall/UsernamePasswordFormAuthenticationListener.php b/src/Symfony/Component/Security/Http/Firewall/UsernamePasswordFormAuthenticationListener.php
@@ -70,8 +70,8 @@ protected function attemptAuthentication(Request $request)
             }
         }
 
-        $username = trim($request->get($this->options['username_parameter']));
-        $password = $request->get($this->options['password_parameter']);
+        $username = trim($request->get($this->options['username_parameter'], null, true));
+        $password = $request->get($this->options['password_parameter'], null, true);
 
         $request->getSession()->set(SecurityContextInterface::LAST_USERNAME, $username);