Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-27 14:22:47 +00:00
Code Issues Packages Projects Releases Wiki Activity

Changed AuthorizeTag to use StringUtils.deleteAny(), instead of replace()

Browse Source
This commit is contained in:
Luke Taylor 2008-01-18 17:12:21 +00:00
parent a40bb11be3
commit 48620f3550
1 changed files with 1 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
core/src/main/java/org/springframework/security/taglibs/authz/AuthorizeTag.java
View File

@ -151,10 +151,7 @@ public class AuthorizeTag extends TagSupport {
// Remove the role's whitespace characters without depending on JDK 1.4+ // Remove the role's whitespace characters without depending on JDK 1.4+
// Includes space, tab, new line, carriage return and form feed. // Includes space, tab, new line, carriage return and form feed.
String role = authority.trim(); // trim, don't use spaces, as per SEC-378 String role = authority.trim(); // trim, don't use spaces, as per SEC-378
role = StringUtils.replace(role, "\t", ""); role = StringUtils.deleteAny(role, "\t\n\r\f");
role = StringUtils.replace(role, "\r", "");
role = StringUtils.replace(role, "\n", "");
role = StringUtils.replace(role, "\f", "");
requiredAuthorities.add(new GrantedAuthorityImpl(role)); requiredAuthorities.add(new GrantedAuthorityImpl(role));
} }