diff --git a/web/src/main/java/org/springframework/security/web/authentication/ui/DefaultLoginPageGeneratingFilter.java b/web/src/main/java/org/springframework/security/web/authentication/ui/DefaultLoginPageGeneratingFilter.java index c876fbab98..a0d683e530 100644 --- a/web/src/main/java/org/springframework/security/web/authentication/ui/DefaultLoginPageGeneratingFilter.java +++ b/web/src/main/java/org/springframework/security/web/authentication/ui/DefaultLoginPageGeneratingFilter.java @@ -31,6 +31,7 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; import java.io.IOException; +import java.nio.charset.StandardCharsets; import java.util.Collections; import java.util.Map; import java.util.function.Function; @@ -195,7 +196,7 @@ public class DefaultLoginPageGeneratingFilter extends GenericFilterBean { String loginPageHtml = generateLoginPageHtml(request, loginError, logoutSuccess); response.setContentType("text/html;charset=UTF-8"); - response.setContentLength(loginPageHtml.length()); + response.setContentLength(loginPageHtml.getBytes(StandardCharsets.UTF_8).length); response.getWriter().write(loginPageHtml); return; @@ -299,8 +300,7 @@ public class DefaultLoginPageGeneratingFilter extends GenericFilterBean { private void renderHiddenInputs(StringBuilder sb, HttpServletRequest request) { for(Map.Entry input : this.resolveHiddenInputs.apply(request).entrySet()) { - sb.append(" \n"); + sb.append(" \n"); } } diff --git a/web/src/test/java/org/springframework/security/web/authentication/DefaultLoginPageGeneratingFilterTests.java b/web/src/test/java/org/springframework/security/web/authentication/DefaultLoginPageGeneratingFilterTests.java index 8b5b58cb42..2454ac71bb 100644 --- a/web/src/test/java/org/springframework/security/web/authentication/DefaultLoginPageGeneratingFilterTests.java +++ b/web/src/test/java/org/springframework/security/web/authentication/DefaultLoginPageGeneratingFilterTests.java @@ -15,15 +15,6 @@ */ package org.springframework.security.web.authentication; -import static org.assertj.core.api.Assertions.assertThat; -import static org.mockito.Mockito.mock; - -import java.util.Locale; - -import javax.servlet.FilterChain; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - import org.junit.Test; import org.springframework.context.support.MessageSourceAccessor; import org.springframework.mock.web.MockHttpServletRequest; @@ -35,13 +26,22 @@ import org.springframework.security.core.SpringSecurityMessageSource; import org.springframework.security.web.WebAttributes; import org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter; +import javax.servlet.FilterChain; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.util.Collections; +import java.util.Locale; + +import static org.assertj.core.api.Assertions.assertThat; +import static org.mockito.Mockito.mock; + /** * * @author Luke Taylor * @since 3.0 */ public class DefaultLoginPageGeneratingFilterTests { - FilterChain chain = mock(FilterChain.class); + private FilterChain chain = mock(FilterChain.class); @Test public void generatingPageWithAuthenticationProcessingFilterOnlyIsSuccessFul() @@ -116,6 +116,17 @@ public class DefaultLoginPageGeneratingFilterTests { assertThat(response.getContentAsString()).isNotEmpty(); } + @Test + public void generatesForWithContentLength() throws Exception { + DefaultLoginPageGeneratingFilter filter = new DefaultLoginPageGeneratingFilter(new UsernamePasswordAuthenticationFilter()); + filter.setOauth2LoginEnabled(true); + filter.setOauth2AuthenticationUrlToClientName(Collections.singletonMap("XYUU","\u8109\u640F\u7F51\u5E10\u6237\u767B\u5F55")); + MockHttpServletResponse response = new MockHttpServletResponse(); + MockHttpServletRequest request = new MockHttpServletRequest("GET", "/login"); + filter.doFilter(request, response, chain); + assertThat(response.getContentLength()==response.getContentAsString().getBytes(response.getCharacterEncoding()).length).isTrue(); + } + @Test public void generatesForWithQueryNoMatch() throws Exception { DefaultLoginPageGeneratingFilter filter = new DefaultLoginPageGeneratingFilter( @@ -142,7 +153,7 @@ public class DefaultLoginPageGeneratingFilterTests { @SuppressWarnings("unused") private static class MockProcessingFilter extends AbstractAuthenticationProcessingFilter { - protected MockProcessingFilter() { + MockProcessingFilter() { super("/someurl"); }