SEC-3032: Correct documented logout-success-url default

config/src/main/resources/org/springframework/security/config/spring-security-4.0.rnc

@@ -389,7 +389,7 @@ logout.attlist &=
 	## Specifies the URL that will cause a logout. Spring Security will initialize a filter that responds to this particular URL. Defaults to /logout if unspecified.
 	attribute logout-url {xsd:token}?
 logout.attlist &=
-	## Specifies the URL to display once the user has logged out. If not specified, defaults to /.
+	## Specifies the URL to display once the user has logged out. If not specified, defaults to <form-login-login-page>/?logout (i.e. /login?logout).
 	attribute logout-success-url {xsd:token}?
 logout.attlist &=
 	## Specifies whether a logout also causes HttpSession invalidation, which is generally desirable. If unspecified, defaults to true.

config/src/main/resources/org/springframework/security/config/spring-security-4.0.xsd

@@ -1355,7 +1355,7 @@
       <xs:attribute name="logout-success-url" type="xs:token">
          <xs:annotation>
             <xs:documentation>Specifies the URL to display once the user has logged out. If not specified, defaults to
-                /.
+                &lt;form-login-login-page&gt;/?logout (i.e. /login?logout).
                 </xs:documentation>
          </xs:annotation>
       </xs:attribute>

docs/manual/src/docs/asciidoc/index.adoc

@@ -7492,7 +7492,7 @@ Maps to the `invalidateHttpSession` of the `SecurityContextLogoutHandler`. Defau
 
 [[nsa-logout-logout-success-url]]
 * **logout-success-url**
-The destination URL which the user will be taken to after logging out. Defaults to "/".
+The destination URL which the user will be taken to after logging out. Defaults to <form-login-login-page>/?logout (i.e. /login?logout)
 
 +