Polish HTTP Response Splitting

Issue gh-3910
Rob Winch 2016-09-23 12:49:01 -05:00
parent 9ae163e92d
commit 6fb564a629
2 changed files with 10 additions and 10 deletions


@ -40,35 +40,35 @@ class FirewalledResponse extends HttpServletResponseWrapper {
public void sendRedirect(String location) throws IOException { public void sendRedirect(String location) throws IOException {
// TODO: implement pluggable validation, instead of simple blacklisting. // TODO: implement pluggable validation, instead of simple blacklisting.
// SEC-1790. Prevent redirects containing CRLF // SEC-1790. Prevent redirects containing CRLF
validateCRLF(LOCATION_HEADER, location); validateCrlf(LOCATION_HEADER, location);
super.sendRedirect(location); super.sendRedirect(location);
} }
@Override @Override
public void setHeader(String name, String value) { public void setHeader(String name, String value) {
validateCRLF(name, value); validateCrlf(name, value);
super.setHeader(name, value); super.setHeader(name, value);
} }
@Override @Override
public void addHeader(String name, String value) { public void addHeader(String name, String value) {
validateCRLF(name, value); validateCrlf(name, value);
super.addHeader(name, value); super.addHeader(name, value);
} }
@Override @Override
public void addCookie(Cookie cookie) { public void addCookie(Cookie cookie) {
if(cookie != null) { if(cookie != null) {
validateCRLF(SET_COOKIE_HEADER, cookie.getName()); validateCrlf(SET_COOKIE_HEADER, cookie.getName());
validateCRLF(SET_COOKIE_HEADER, cookie.getValue()); validateCrlf(SET_COOKIE_HEADER, cookie.getValue());
validateCRLF(SET_COOKIE_HEADER, cookie.getPath()); validateCrlf(SET_COOKIE_HEADER, cookie.getPath());
validateCRLF(SET_COOKIE_HEADER, cookie.getDomain()); validateCrlf(SET_COOKIE_HEADER, cookie.getDomain());
validateCRLF(SET_COOKIE_HEADER, cookie.getComment()); validateCrlf(SET_COOKIE_HEADER, cookie.getComment());
} }
super.addCookie(cookie); super.addCookie(cookie);
} }
void validateCRLF(String name, String value) { void validateCrlf(String name, String value) {
if (hasCrlf(name) || hasCrlf(value)) { if (hasCrlf(name) || hasCrlf(value)) {
throw new IllegalArgumentException( throw new IllegalArgumentException(
"Invalid characters (CR/LF) in header " + name); "Invalid characters (CR/LF) in header " + name);


@ -180,7 +180,7 @@ public class FirewalledResponseTests {
private void validateLineEnding(String name, String value) { private void validateLineEnding(String name, String value) {
try { try {
fwResponse.validateCRLF(name, value); fwResponse.validateCrlf(name, value);
fail("IllegalArgumentException should have thrown"); fail("IllegalArgumentException should have thrown");
} }
catch (IllegalArgumentException expected) { catch (IllegalArgumentException expected) {