Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add guard around debug logging involving string concatenation

This commit is contained in:
Craig Andrews 2021-04-16 12:18:44 -04:00 committed by Rob Winch
parent 0af74ce134
commit 0e6d47b082
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
web/src/main/java/org/springframework/security/web/session/RequestedUrlRedirectInvalidSessionStrategy.java
View File

@ -46,7 +46,9 @@ public final class RequestedUrlRedirectInvalidSessionStrategy implements Invalid
public void onInvalidSessionDetected(HttpServletRequest request, HttpServletResponse response) throws IOException { public void onInvalidSessionDetected(HttpServletRequest request, HttpServletResponse response) throws IOException {
String destinationUrl = ServletUriComponentsBuilder.fromRequest(request).host(null).scheme(null).port(null) String destinationUrl = ServletUriComponentsBuilder.fromRequest(request).host(null).scheme(null).port(null)
.toUriString(); .toUriString();
if (this.logger.isDebugEnabled()) {
this.logger.debug("Starting new session (if required) and redirecting to '" + destinationUrl + "'"); this.logger.debug("Starting new session (if required) and redirecting to '" + destinationUrl + "'");
}
if (this.createNewSession) { if (this.createNewSession) {
request.getSession(); request.getSession();
} }