[Security] fixed default target path when referer contains a query string

fabpot · fabpot · commit 9c7a1406cb81 · 2017-07-19T07:57:00.000+02:00
diff --git a/src/Symfony/Component/Security/Http/Authentication/DefaultAuthenticationSuccessHandler.php b/src/Symfony/Component/Security/Http/Authentication/DefaultAuthenticationSuccessHandler.php
@@ -118,8 +118,14 @@ protected function determineTargetUrl(Request $request)
             return $targetUrl;
         }
 
-        if ($this->options['use_referer'] && ($targetUrl = $request->headers->get('Referer')) && $targetUrl !== $this->httpUtils->generateUri($request, $this->options['login_path'])) {
-            return $targetUrl;
+        if ($this->options['use_referer']) {
+            $targetUrl = $request->headers->get('Referer');
+            if (false !== $pos = strpos($targetUrl, '?')) {
+                $targetUrl = substr($targetUrl, 0, $pos);
+            }
+            if ($targetUrl !== $this->httpUtils->generateUri($request, $this->options['login_path'])) {
+                return $targetUrl;
+            }
         }
 
         return $this->options['default_target_path'];
