Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP

Comparing changes

Choose two branches to see what's changed or to start a new pull request. If you need to, you can also compare across forks.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also compare across forks.
base fork: symfony/symfony
base: 4e1e08eff7
...
head fork: symfony/symfony
compare: cd0aa3781b
  • 3 commits
  • 1 file changed
  • 0 commit comments
  • 2 contributors
Commits on Jun 14, 2012
@uwej711 uwej711 [Security] Only redirect to urls called with http method GET 3ce8227
Commits on Jun 16, 2012
@fabpot fabpot merged branch uwej711/only_redirect_on_get (PR #4580)
Commits
-------

3ce8227 [Security] Only redirect to urls called with http method GET

Discussion
----------

[Security] Only redirect to urls called with http method GET

Bug fix: [yes]
Feature addition: [no]
Backwards compatibility break: [no]
Symfony2 tests pass: [yes]
License of the code: MIT

---------------------------------------------------------------------------

by travisbot at 2012-06-14T12:01:32Z

This pull request [passes](http://travis-ci.org/symfony/symfony/builds/1619029) (merged 3ce8227 into 4e1e08e).
a07f4f5
@fabpot fabpot tweaked the previous commit cd0aa37
View
2  src/Symfony/Component/Security/Http/Firewall/ExceptionListener.php
@@ -172,7 +172,7 @@ private function startAuthentication(Request $request, AuthenticationException $
protected function setTargetPath(Request $request)
{
// session isn't required when using http basic authentication mechanism for example
- if ($request->hasSession()) {
+ if ($request->hasSession() && $request->isMethodSafe()) {
$request->getSession()->set('_security.target_path', $request->getUri());
}
}

No commit comments for this range

Something went wrong with that request. Please try again.