Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-05-29 08:12:14 +00:00
Code Issues Packages Projects Releases Wiki Activity

The HttpHeader's ContentLength is a byte unit

Browse Source
This commit is contained in:
XYUU 2018-04-26 11:07:28 +08:00 committed by Rob Winch
parent 44b22e7208
commit 23dd136efb
2 changed files with 25 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
web/src/main/java/org/springframework/security/web/authentication/ui/DefaultLoginPageGeneratingFilter.java
View File

@ -31,6 +31,7 @@ import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.Collections;
import java.util.Map;
import java.util.function.Function;
@ -195,7 +196,7 @@ public class DefaultLoginPageGeneratingFilter extends GenericFilterBean {
String loginPageHtml = generateLoginPageHtml(request, loginError,
logoutSuccess);
response.setContentType("text/html;charset=UTF-8");
response.setContentLength(loginPageHtml.length());
response.setContentLength(loginPageHtml.getBytes(StandardCharsets.UTF_8).length);
response.getWriter().write(loginPageHtml);
return;
@ -299,8 +300,7 @@ public class DefaultLoginPageGeneratingFilter extends GenericFilterBean {
private void renderHiddenInputs(StringBuilder sb, HttpServletRequest request) {
for(Map.Entry<String, String> input : this.resolveHiddenInputs.apply(request).entrySet()) {
sb.append(" <input name=\"" + input.getKey()
+ "\" type=\"hidden\" value=\"" + input.getValue() + "\" />\n");
sb.append(" <input name=\"").append(input.getKey()).append("\" type=\"hidden\" value=\"").append(input.getValue()).append("\" />\n");
}
}

33
web/src/test/java/org/springframework/security/web/authentication/DefaultLoginPageGeneratingFilterTests.java
View File

@ -15,15 +15,6 @@
*/
package org.springframework.security.web.authentication;
import static org.assertj.core.api.Assertions.assertThat;
import static org.mockito.Mockito.mock;
import java.util.Locale;
import javax.servlet.FilterChain;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.junit.Test;
import org.springframework.context.support.MessageSourceAccessor;
import org.springframework.mock.web.MockHttpServletRequest;
@ -35,13 +26,22 @@ import org.springframework.security.core.SpringSecurityMessageSource;
import org.springframework.security.web.WebAttributes;
import org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter;
import javax.servlet.FilterChain;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.Collections;
import java.util.Locale;
import static org.assertj.core.api.Assertions.assertThat;
import static org.mockito.Mockito.mock;
/**
*
* @author Luke Taylor
* @since 3.0
*/
public class DefaultLoginPageGeneratingFilterTests {
FilterChain chain = mock(FilterChain.class);
private FilterChain chain = mock(FilterChain.class);
@Test
public void generatingPageWithAuthenticationProcessingFilterOnlyIsSuccessFul()
@ -116,6 +116,17 @@ public class DefaultLoginPageGeneratingFilterTests {
assertThat(response.getContentAsString()).isNotEmpty();
}
@Test
public void generatesForWithContentLength() throws Exception {
DefaultLoginPageGeneratingFilter filter = new DefaultLoginPageGeneratingFilter(new UsernamePasswordAuthenticationFilter());
filter.setOauth2LoginEnabled(true);
filter.setOauth2AuthenticationUrlToClientName(Collections.singletonMap("XYUU","\u8109\u640F\u7F51\u5E10\u6237\u767B\u5F55"));
MockHttpServletResponse response = new MockHttpServletResponse();
MockHttpServletRequest request = new MockHttpServletRequest("GET", "/login");
filter.doFilter(request, response, chain);
assertThat(response.getContentLength()==response.getContentAsString().getBytes(response.getCharacterEncoding()).length).isTrue();
}
@Test
public void generatesForWithQueryNoMatch() throws Exception {
DefaultLoginPageGeneratingFilter filter = new DefaultLoginPageGeneratingFilter(
@ -142,7 +153,7 @@ public class DefaultLoginPageGeneratingFilterTests {
@SuppressWarnings("unused")
private static class MockProcessingFilter extends
AbstractAuthenticationProcessingFilter {
protected MockProcessingFilter() {
MockProcessingFilter() {
super("/someurl");
}