Improve HTTP redirect URL encoding.

2004-05-26 22:17:14 +00:00 · 2004-05-26 22:17:14 +00:00 · 0cbea9b452
parent d5c14142d1
commit 0cbea9b452
5 changed files with 10 additions and 7 deletions
--- a/core/src/main/java/org/acegisecurity/securechannel/RetryWithHttpEntryPoint.java
+++ b/core/src/main/java/org/acegisecurity/securechannel/RetryWithHttpEntryPoint.java
@ -117,6 +117,7 @@ public class RetryWithHttpEntryPoint implements InitializingBean,
            logger.debug("Redirecting to: " + redirectUrl);
        }

-        ((HttpServletResponse) response).sendRedirect(redirectUrl);
+        ((HttpServletResponse) response).sendRedirect(((HttpServletResponse) response)
+            .encodeRedirectURL(redirectUrl));
    }
 }
--- a/core/src/main/java/org/acegisecurity/securechannel/RetryWithHttpsEntryPoint.java
+++ b/core/src/main/java/org/acegisecurity/securechannel/RetryWithHttpsEntryPoint.java
@ -117,6 +117,7 @@ public class RetryWithHttpsEntryPoint implements InitializingBean,
            logger.debug("Redirecting to: " + redirectUrl);
        }

-        ((HttpServletResponse) response).sendRedirect(redirectUrl);
+        ((HttpServletResponse) response).sendRedirect(((HttpServletResponse) response)
+            .encodeRedirectURL(redirectUrl));
    }
 }
--- a/core/src/main/java/org/acegisecurity/ui/AbstractProcessingFilter.java
+++ b/core/src/main/java/org/acegisecurity/ui/AbstractProcessingFilter.java
@ -224,8 +224,8 @@ public abstract class AbstractProcessingFilter implements Filter,
                    failed);
                httpRequest.getSession().setAttribute(HttpSessionIntegrationFilter.ACEGI_SECURITY_AUTHENTICATION_KEY,
                    null);
-                httpResponse.sendRedirect(httpRequest.getContextPath()
-                    + authenticationFailureUrl);
+                httpResponse.sendRedirect(httpResponse.encodeRedirectURL(httpRequest
+                        .getContextPath() + authenticationFailureUrl));

                return;
            }
@ -252,7 +252,7 @@ public abstract class AbstractProcessingFilter implements Filter,
                    + targetUrl);
            }

-            httpResponse.sendRedirect(targetUrl);
+            httpResponse.sendRedirect(httpResponse.encodeRedirectURL(targetUrl));

            return;
        }
--- a/core/src/main/java/org/acegisecurity/ui/webapp/AuthenticationProcessingFilterEntryPoint.java
+++ b/core/src/main/java/org/acegisecurity/ui/webapp/AuthenticationProcessingFilterEntryPoint.java
@ -176,6 +176,7 @@ public class AuthenticationProcessingFilterEntryPoint
            logger.debug("Redirecting to: " + redirectUrl);
        }

-        ((HttpServletResponse) response).sendRedirect(redirectUrl);
+        ((HttpServletResponse) response).sendRedirect(((HttpServletResponse) response)
+            .encodeRedirectURL(redirectUrl));
    }
 }
--- a/core/src/test/java/org/acegisecurity/MockHttpServletResponse.java
+++ b/core/src/test/java/org/acegisecurity/MockHttpServletResponse.java
@ -146,7 +146,7 @@ public class MockHttpServletResponse implements HttpServletResponse {
    }

    public String encodeRedirectURL(String arg0) {
-        throw new UnsupportedOperationException("mock method not implemented");
+        return arg0;
    }

    public String encodeRedirectUrl(String arg0) {