Hey 
,
Using SonarQube v9.5.0.56709, I’m getting the phpsecurity:S5146 security-vulnerability warning on the following Symfony code:
public function __invoke(Request $request) {
...
$response = new RedirectResponse($request->getUri(), 303);
...
return $response;
}
But we are redirecting the user to the same URL as the request came in, not based on a GET/POST variable.
Is there a security issue here I’m overlooking, and if so how should I fix it? Or is this a false positive?
Thanks in advance,