Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-07-08 11:32:47 +00:00
Code Issues Packages Projects Releases Wiki Activity

SEC-229: Allow external URLs from AbstractProcessingFilter.

Browse Source
This commit is contained in:
Ben Alex 2006-04-26 04:36:54 +00:00
parent 97ac9f7e98
commit 540c7b2e6a
1 changed files with 12 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
core/src/main/java/org/acegisecurity/ui/AbstractProcessingFilter.java
View File

@ -350,6 +350,17 @@ public abstract class AbstractProcessingFilter implements Filter,
return uri.endsWith(request.getContextPath() + filterProcessesUrl); return uri.endsWith(request.getContextPath() + filterProcessesUrl);
} }
protected void sendRedirect(HttpServletRequest request,
HttpServletResponse response, String failureUrl)
throws IOException {
if (!failureUrl.startsWith("http://")
&& !failureUrl.startsWith("https://")) {
failureUrl = request.getContextPath() + failureUrl;
}
response.sendRedirect(response.encodeRedirectURL(failureUrl));
}
public void setAlwaysUseDefaultTargetUrl(boolean alwaysUseDefaultTargetUrl) { public void setAlwaysUseDefaultTargetUrl(boolean alwaysUseDefaultTargetUrl) {
this.alwaysUseDefaultTargetUrl = alwaysUseDefaultTargetUrl; this.alwaysUseDefaultTargetUrl = alwaysUseDefaultTargetUrl;
} }
@ -466,7 +477,6 @@ public abstract class AbstractProcessingFilter implements Filter,
rememberMeServices.loginFail(request, response); rememberMeServices.loginFail(request, response);
response.sendRedirect(response.encodeRedirectURL(request.getContextPath() sendRedirect(request, response, failureUrl);
+ failureUrl));
} }
} }