From ce012a46613fffb6a68d5bbcd71fefa7c2d4e750 Mon Sep 17 00:00:00 2001 From: Marcus Da Coregio Date: Tue, 12 Sep 2023 16:21:27 +0100 Subject: [PATCH] CookieRequestCache Should Preserve Request Locale Closes gh-13792 --- .../web/savedrequest/CookieRequestCache.java | 5 ++-- .../savedrequest/CookieRequestCacheTests.java | 24 ++++++++++++++++++- 2 files changed, 26 insertions(+), 3 deletions(-) diff --git a/web/src/main/java/org/springframework/security/web/savedrequest/CookieRequestCache.java b/web/src/main/java/org/springframework/security/web/savedrequest/CookieRequestCache.java index 9999cc2ee7..9676025514 100644 --- a/web/src/main/java/org/springframework/security/web/savedrequest/CookieRequestCache.java +++ b/web/src/main/java/org/springframework/security/web/savedrequest/CookieRequestCache.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2020 the original author or authors. + * Copyright 2002-2023 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -17,6 +17,7 @@ package org.springframework.security.web.savedrequest; import java.util.Base64; +import java.util.Collections; import javax.servlet.http.Cookie; import javax.servlet.http.HttpServletRequest; @@ -78,7 +79,7 @@ public class CookieRequestCache implements RequestCache { int port = getPort(uriComponents); return builder.setScheme(uriComponents.getScheme()).setServerName(uriComponents.getHost()) .setRequestURI(uriComponents.getPath()).setQueryString(uriComponents.getQuery()).setServerPort(port) - .setMethod(request.getMethod()).build(); + .setMethod(request.getMethod()).setLocales(Collections.list(request.getLocales())).build(); } private int getPort(UriComponents uriComponents) { diff --git a/web/src/test/java/org/springframework/security/web/savedrequest/CookieRequestCacheTests.java b/web/src/test/java/org/springframework/security/web/savedrequest/CookieRequestCacheTests.java index 320a273181..409da91e36 100644 --- a/web/src/test/java/org/springframework/security/web/savedrequest/CookieRequestCacheTests.java +++ b/web/src/test/java/org/springframework/security/web/savedrequest/CookieRequestCacheTests.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2020 the original author or authors. + * Copyright 2002-2023 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -16,7 +16,10 @@ package org.springframework.security.web.savedrequest; +import java.util.Arrays; import java.util.Base64; +import java.util.Collections; +import java.util.Locale; import javax.servlet.http.Cookie; import javax.servlet.http.HttpServletRequest; @@ -183,6 +186,25 @@ public class CookieRequestCacheTests { assertThat(expiredCookie.getMaxAge()).isZero(); } + // gh-13792 + @Test + public void matchingRequestWhenMatchThenKeepOriginalRequestLocale() { + CookieRequestCache cookieRequestCache = new CookieRequestCache(); + MockHttpServletRequest request = new MockHttpServletRequest(); + request.setServerPort(443); + request.setSecure(true); + request.setScheme("https"); + request.setServerName("example.com"); + request.setRequestURI("/destination"); + request.setPreferredLocales(Arrays.asList(Locale.FRENCH, Locale.GERMANY)); + String redirectUrl = "https://example.com/destination"; + request.setCookies(new Cookie(DEFAULT_COOKIE_NAME, encodeCookie(redirectUrl))); + MockHttpServletResponse response = new MockHttpServletResponse(); + HttpServletRequest matchingRequest = cookieRequestCache.getMatchingRequest(request, response); + assertThat(matchingRequest).isNotNull(); + assertThat(Collections.list(matchingRequest.getLocales())).contains(Locale.FRENCH, Locale.GERMANY); + } + private static String encodeCookie(String cookieValue) { return Base64.getEncoder().encodeToString(cookieValue.getBytes()); }