From 20a7e795009d942db4031ad2d8a42f972a913091 Mon Sep 17 00:00:00 2001 From: Alexandre Daubois Date: Tue, 30 May 2023 12:01:25 +0200 Subject: [PATCH] [Security] Use POST method for logout route --- security.rst | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/security.rst b/security.rst index 9fe3801d01b..ad62fed4ba8 100644 --- a/security.rst +++ b/security.rst @@ -1686,7 +1686,7 @@ Next, you need to create a route for this URL (but not a controller): class SecurityController extends AbstractController { /** - * @Route("/logout", name="app_logout", methods={"GET"}) + * @Route("/logout", name="app_logout", methods={"POST"}) */ public function logout(): void { @@ -1705,7 +1705,7 @@ Next, you need to create a route for this URL (but not a controller): class SecurityController extends AbstractController { - #[Route('/logout', name: 'app_logout', methods: ['GET'])] + #[Route('/logout', name: 'app_logout', methods: ['POST'])] public function logout() { // controller can be blank: it will never be called! @@ -1718,7 +1718,7 @@ Next, you need to create a route for this URL (but not a controller): # config/routes.yaml app_logout: path: /logout - methods: GET + methods: POST .. code-block:: xml @@ -1729,7 +1729,7 @@ Next, you need to create a route for this URL (but not a controller): xsi:schemaLocation="http://symfony.com/schema/routing https://symfony.com/schema/routing/routing-1.0.xsd"> - + .. code-block:: php @@ -1739,7 +1739,7 @@ Next, you need to create a route for this URL (but not a controller): return function (RoutingConfigurator $routes) { $routes->add('app_logout', '/logout') - ->methods(['GET']) + ->methods(['POST']) ; };