Get Url from which the Redirection has been made

  http-referer, php, redirect, referer, symfony

I am using the symfony framework, with FOS User Bundle.

I have a URL https://my-domain/article/view/articleId on my website to display the content of an article. For this url, I have a security check with the ArticleVoter, that throws an AccessDenied Exception if the user is not logged in.

(You may ne asking yourself “Why didn’t I just put the url behind my main firewall ?”. Because, for some articles, the url is accessible for non logged-in users, it depends on some attributes of my article entities, and this is when the ArticleVoter comes in, in order to check these attributes).

Then I have an AccessDeniedSubscriber that implements EventSubscriberInterface and that goes like this (simplified version for the sake of clarity) :

public function onKernelException(GetResponseForExceptionEvent $event): void
    $exception = $event->getException();

    if ($exception instanceof AccessDeniedException && !self::isThrownByFirewall($exception)) {
        $redirectRoute = 'my_login';

        // Create your own response like in a custom access denied handler
        $response = new RedirectResponse($this->router->generate($redirectRoute));

public static function getSubscribedEvents()
    return [
        // Define the priority to execute our subscriber before the one from the security component
        KernelEvents::EXCEPTION => ['onKernelException', 1],

So what happens is that an anonymous (non connected) user tries to access the url https://my-domain/article/view/articleId, an AccessDeniedExpetion is thrown by the ArticleVoter whose vote method will return an access denied, then the user is redirected to my_login route.

On the my login route, I am trying to determine from which route the user was redirected intially. The associated controller method for the login route goes like this :

public function loginAction(Request $request, AuthenticationUtils $authenticationUtils)
     $referer = $request->headers->get('referer');

     ... handle login rendering ...

Unfotunately, the referer is always null. Which I do understand because it is a server-side redirection, and not a redirection made by some clicking on a link, or by javascript.

So my question is, how do I manage to get the initial url that the user tried to access before being redirected to the login page ?
In my case, that would be https://my-domain/article/view/articleId with the correct article id.

Precision: To reply to @RyanNerd’s answer, please find below the result of var_dump($request->headers) :

object(SymfonyComponentHttpFoundationHeaderBag)#73 (2) { ["headers":protected]=> array(13) { ["host"]=> array(1) { [0]=> string(9) "localhost" } ["connection"]=> array(1) { [0]=> string(10) "keep-alive" } ["upgrade-insecure-requests"]=> array(1) { [0]=> string(1) "1" } ["user-agent"]=> array(1) { [0]=> string(121) "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" } ["accept"]=> array(1) { [0]=> string(124) "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9" } ["sec-fetch-site"]=> array(1) { [0]=> string(4) "none" } ["sec-fetch-mode"]=> array(1) { [0]=> string(8) "navigate" } ["sec-fetch-user"]=> array(1) { [0]=> string(2) "?1" } ["sec-fetch-dest"]=> array(1) { [0]=> string(8) "document" } ["accept-encoding"]=> array(1) { [0]=> string(17) "gzip, deflate, br" } ["accept-language"]=> array(1) { [0]=> string(23) "fr,en-US;q=0.9,en;q=0.8" } ["cookie"]=> array(1) { [0]=> string(561) “MY_SESSION_NAME_SESS=qih0m4nlmi5enljsni5lphkf9m; sf_redirect=%7B%22token%22%3A%22821c13%22%2C%22route%22%3A%22article_view%22%2C%22method%22%3A%22GET%22%2C%22controller%22%3A%7B%22class%22%3A%22AllArticle%5C%5CWebBundle%5C%5CController%5C%5CArticle%5C%5CArticleController%22%2C%22method%22%3A%22viewAction%22%2C%22file%22%3A%22%5C%2FUsers%5C%2Fjohn_fly%5C%2FallArticle%5C%2Fsrc%5C%2FAllArticle%5C%2FWebBundle%5C%2FController%5C%2FArticle%5C%2FArticleController.php%22%2C%22line%22%3A244%7D%2C%22status_code%22%3A302%2C%22status_text%22%3A%22Found%22%7D" } ["x-php-ob-level"]=> array(1) { [0]=> string(1) "1" } } ["cacheControl":protected]=> array(0) { } }

As you can see, in the ‘cookie’ value, there is a mention of ‘sf_redirect’, maybe there is somehow a way to retrieve the previous URL as the previous route is written in this string (“%22article_view%”) ?

Source: Symfony Questions