Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-28 14:52:24 +00:00
Code Issues Packages Projects Releases Wiki Activity

SEC-1772: remote URL decoding of targetUrlParameter in AbstractAuthenticationTargetUrlRequestHandler.

Browse Source
This commit is contained in:
Luke Taylor 2011-07-13 22:13:52 +01:00
parent de97bac85b
commit 700fa9e0b6
1 changed files with 0 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
web/src/main/java/org/springframework/security/web/authentication/AbstractAuthenticationTargetUrlRequestHandler.java
View File

@ -91,12 +91,6 @@ public abstract class AbstractAuthenticationTargetUrlRequestHandler {
targetUrl = request.getParameter(targetUrlParameter); targetUrl = request.getParameter(targetUrlParameter);
if (StringUtils.hasText(targetUrl)) { if (StringUtils.hasText(targetUrl)) {
try {
targetUrl = URLDecoder.decode(targetUrl, "UTF-8");
} catch (UnsupportedEncodingException e) {
throw new IllegalStateException("UTF-8 not supported. Shouldn't be possible");
}
logger.debug("Found targetUrlParameter in request: " + targetUrl); logger.debug("Found targetUrlParameter in request: " + targetUrl);
return targetUrl; return targetUrl;