Strona główna Odkrywaj Pomoc
Zarejestruj się Zaloguj się
VendorSoftware
/
symfony
2
0
Forkuj 0
Pliki Problemy 0 Oczekujące zmiany 0 Wiki
Przeglądaj źródła

merged branch helmer/target_path (PR #2228)

Commits
-------

022a9a7 [Security] Make saving target_path extendible

Discussion
----------

[Security] Make saving target_path extendible

The problem lies in how Security component handles ``target_path`` - the latest request URI is always stored. This can lead to problems in following scenarios:
a) The response type of the request is not HTML (think JSON, XML ..)
b) The URI matches a route that does not listen to HTTP GET

I opened a [PR](https://github.com/symfony/symfony/pull/604) months ago, to partly solve scenario A, which did not make it. Now I am proposing a different solution - user can extend ``ExceptionListener`` and override the logic behind setting the ``target_path`` to match his precise needs.

In my simplified scenario, I would be using:

```
protected function setTargetPath(Request $request)
{
    if ($request->isXmlHttpRequest() || 'GET' !== $request->getMethod()) {
        return;
    }

    $request->getSession()->set('_security.target_path', $request->getUri());
}
```

@Seldaek, @schmittjoh, @lsmith77, thoughts?

---------------------------------------------------------------------------

by Seldaek at 2011/09/21 02:37:02 -0700

Seems like a better solution for flexibility's sake. Would be quite awesome if you could add a cookbook entry to symfony/symfony-docs about this, otherwise I'm afraid we'll have to explain it over and over again :)

---------------------------------------------------------------------------

by helmer at 2011/09/21 03:38:57 -0700

[Cookbook](https://github.com/helmer/symfony-docs/commit/b22c5e666edb2586840884e32f8209425125c30d) entry done. Perhaps though I rushed ahead ..

---------------------------------------------------------------------------

by Seldaek at 2011/09/21 03:52:01 -0700

Thanks. You can already do a pull request against symfony-docs, just reference this pull request in it so it's not merged before this is merged.
Fabien Potencier 13 lat temu
rodzic
4983f0a18e
commit
6b367d1e3d
1 zmienionych plików z 7 dodań i 2 usunięć
Zunifikowany widok Pokaż statystyki zmian
  1. 7 2
      src/Symfony/Component/Security/Http/Firewall/ExceptionListener.php

+ 7 - 2
src/Symfony/Component/Security/Http/Firewall/ExceptionListener.php
Wyświetl plik 

@@ -157,11 +157,16 @@ class ExceptionListener
 
             $this->logger->debug('Calling Authentication entry point');
 
             $this->logger->debug('Calling Authentication entry point');
 
         }
 
         }
 
 
 
+        $this->setTargetPath($request);
 
+
 
+        return $this->authenticationEntryPoint->start($request, $authException);
 
+    }
 
+
 
+    protected function setTargetPath(Request $request)
 
+    {
 
         // session isn't required when using http basic authentication mechanism for example
 
         // session isn't required when using http basic authentication mechanism for example
 
         if ($request->hasSession()) {
 
         if ($request->hasSession()) {
 
             $request->getSession()->set('_security.target_path', $request->getUri());
 
             $request->getSession()->set('_security.target_path', $request->getUri());
 
         }
 
         }
 
-
 
-        return $this->authenticationEntryPoint->start($request, $authException);
 
     }
 
     }
 
 }
 
 }