Symfony – Target path is null when bot like user access an url

  authentication, facebook-opengraph, referer, symfony

I have an application with restricted access to the whole site, except for login and password recovery.
I’m trying to add to the login view open graph meta tags with data based on the referer address. To do that, I use the SymfonyComponentSecurityHttpUtilTargetPathTrait in the login action like this:

$referer = $this->getTargetPath($request->getSession(), 'main');

Locally, I use Open Graph Preview chrome add-on, and it works perfectly. As an anonymous user, I try to acces to a page, and then redirected to the login page. Here $referer is not null and I can retieve data I need to generate meta tags.

Now on test environment on my production server, with open graph chrome add-on, it still working. Share a link through Telegram, the preview is displayed as expected. But when I share the same link through Facebook messenger, I don’t get what I want.
Edit: doesn’t work with Discord and WhatsApp either.

I’ve made some test with the Facebook debugger, it appears that $referer is null and I don’t understand why. It looks like Symfony access control have a particular behavior when a Facebook service try to see a page, as no session data seems to be manage by the symfony security components.

The login feature of the application is quite simple as it follows the basics step described in the Symfony documentation.

Is anyone has a clue on what can I do to fix that? Meanwhile, I’m trying to find a workaround with Symfony events.

Source: Symfony Questions