From 79dafcaf966c607abb2e5e29833e09fde6a48968 Mon Sep 17 00:00:00 2001
From: Javier Eguiluz <javier.eguiluz@gmail.com>
Date: Thu, 20 Jul 2017 09:47:59 +0200
Subject: [PATCH 1/2] Explained the edge-case where the use_referer option
 doesn't work

---
 reference/configuration/security.rst | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/reference/configuration/security.rst b/reference/configuration/security.rst
index 903d07f8fe7..6254b243983 100644
--- a/reference/configuration/security.rst
+++ b/reference/configuration/security.rst
@@ -348,7 +348,9 @@ use_referer
 **type**: ``boolean`` **default**: ``false``
 
 If ``true``, the user is redirected to the value stored in the ``HTTP_REFERER``
-header when no previous URL was stored in the session.
+header when no previous URL was stored in the session. If the referrer URL is
+the same as the one generated with the ``login_path`` route, the user is
+redirected to the ``default_target_path`` to avoid a redirection loop.
 
 .. _reference-security-pbkdf2:
 

From 41ad2add97255d1ffd6d48123927568c03dbb0a2 Mon Sep 17 00:00:00 2001
From: Javier Eguiluz <javier.eguiluz@gmail.com>
Date: Thu, 20 Jul 2017 09:49:59 +0200
Subject: [PATCH 2/2] Added a note about the misspelling of "use_referer"
 option name

---
 reference/configuration/security.rst | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/reference/configuration/security.rst b/reference/configuration/security.rst
index 6254b243983..e4c856ad4bf 100644
--- a/reference/configuration/security.rst
+++ b/reference/configuration/security.rst
@@ -352,6 +352,11 @@ header when no previous URL was stored in the session. If the referrer URL is
 the same as the one generated with the ``login_path`` route, the user is
 redirected to the ``default_target_path`` to avoid a redirection loop.
 
+.. note::
+
+    For historical reasons, and to match the misspelling of the HTTP standard,
+    the option is called ``use_referer`` instead of ``use_referrer``.
+
 .. _reference-security-pbkdf2:
 
 Logout Configuration

<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Transitional//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd'>
<html xmlns='http://www.w3.org/1999/xhtml'>
<head>
<title>pFad - Phonifier reborn</title>
<meta http-equiv='Content-Type' content='text/html; charset=utf-8' />
</head>
<body>
<h1>Pfad - The Proxy pFad of &#169; 2024 Garber Painting. All rights reserved.</h1>


<!-- Disclaimer -->
<p>Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.</p>
<br>
<p>Alternative Proxies:</p><p><a href="http://rainy.clevelandohioweatherforecast.com/php-proxy/index.php?q=https://patch-diff.githubusercontent.com/raw/symfony/symfony-docs/pull/8199.patch" target="_blank">Alternative Proxy</a></p><p><a href="http://rainy.clevelandohioweatherforecast.com/pFad/index.php?u=https://patch-diff.githubusercontent.com/raw/symfony/symfony-docs/pull/8199.patch" target="_blank">pFad Proxy</a></p><p><a href="http://rainy.clevelandohioweatherforecast.com/pFad/v3index.php?u=https://patch-diff.githubusercontent.com/raw/symfony/symfony-docs/pull/8199.patch" target="_blank">pFad v3 Proxy</a></p><p><a href="http://rainy.clevelandohioweatherforecast.com/pFad/v4index.php?u=https://patch-diff.githubusercontent.com/raw/symfony/symfony-docs/pull/8199.patch" target="_blank">pFad v4 Proxy</a></p></body>
</html>