Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Javadoc correction.

This commit is contained in:
Luke Taylor 2011-05-24 12:01:04 +01:00
parent b53d430798
commit 84902ebb50
1 changed files with 2 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
web/src/main/java/org/springframework/security/web/authentication/AbstractAuthenticationTargetUrlRequestHandler.java
View File

@ -30,9 +30,8 @@ import org.springframework.util.StringUtils;
* will be used for the destination.
* </li>
* <li>
* If {@code useTargetUrlparameter} is {@code true}, and a parameter matching the {@code targetUrlParameter} has been
* set on the request, the value will be used as the destination. The default parameter name is
* {@code spring-security-redirect}. If you are enabling this functionality, then you should ensure that the parameter
* If a parameter matching the value of {@code targetUrlParameter} has been set on the request, the value will be used
* as the destination. If you are enabling this functionality, then you should ensure that the parameter
* cannot be used by an attacker to redirect the user to a malicious site (by clicking on a URL with the parameter
* included, for example). Typically it would be used when the parameter is included in the login form and submitted with
* the username and password.