Avoid redirection to XHR URIs

asiragusa · fabpot · commit a9a1d5007c71 · 2015-05-20T10:40:29.000+02:00
diff --git a/Http/Firewall/ExceptionListener.php b/Http/Firewall/ExceptionListener.php
@@ -194,7 +194,7 @@ private function startAuthentication(Request $request, AuthenticationException $
     protected function setTargetPath(Request $request)
     {
         // session isn't required when using HTTP basic authentication mechanism for example
-        if ($request->hasSession() && $request->isMethodSafe()) {
+        if ($request->hasSession() && $request->isMethodSafe() && !$request->isXmlHttpRequest()) {
             $request->getSession()->set('_security.'.$this->providerKey.'.target_path', $request->getUri());
         }
     }

Original file line number	Diff line number	Diff line change
`@@ -194,7 +194,7 @@ private function startAuthentication(Request $request, AuthenticationException $`
`194`	`194`	`protected function setTargetPath(Request $request)`
`195`	`195`	`{`
`196`	`196`	`// session isn't required when using HTTP basic authentication mechanism for example`
`197`		`- if ($request->hasSession() && $request->isMethodSafe()) {`
	`197`	`+ if ($request->hasSession() && $request->isMethodSafe() && !$request->isXmlHttpRequest()) {`
`198`	`198`	`$request->getSession()->set('_security.'.$this->providerKey.'.target_path', $request->getUri());`
`199`	`199`	`}`
`200`	`200`	`}`