minor #17430 [Security] Add form_only option (mdoutreluingne)

javiereguiluz · javiereguiluz · commit b6204290f666 · 2022-11-18T16:36:35.000+01:00
This PR was squashed before being merged into the 5.4 branch. Discussion ---------- [Security] Add form_only option Fixes #16040 Commits ------- 4559b9c [Security] Add form_only option
diff --git a/reference/configuration/security.rst b/reference/configuration/security.rst
@@ -352,6 +352,19 @@ failure_path
 This is the route or path that the user is redirected to after a failed login attempt.
 It can be a relative/absolute URL or a Symfony route name.
 
+form_only
+............
+
+**type**: ``boolean`` **default**: ``false``
+
+By setting this option to ``true``, a content type check will be performed when the login form is submitted
+(i.e. the login form will be processed if it is the form data, so with a
+content type ``application/x-www-form-urlencoded``.
+
+.. versionadded:: 5.4
+
+    The ``form_only`` option was introduced in Symfony 5.4.
+
 use_forward
 ...........
 
