Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-07-07 19:22:14 +00:00
Code Issues Packages Projects Releases Wiki Activity

SEC-1333: Added error message for invalid redirect URL assertion

Browse Source
This commit is contained in:
Luke Taylor 2009-12-18 19:29:36 +00:00
parent aeed49393c
commit 97a31cae04
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
web/src/main/java/org/springframework/security/web/authentication/SimpleUrlAuthenticationFailureHandler.java
View File

@ -66,7 +66,8 @@ public class SimpleUrlAuthenticationFailureHandler implements AuthenticationFail
* @param defaultFailureUrl the failure URL, for example "/loginFailed.jsp". * @param defaultFailureUrl the failure URL, for example "/loginFailed.jsp".
*/ */
public void setDefaultFailureUrl(String defaultFailureUrl) { public void setDefaultFailureUrl(String defaultFailureUrl) {
Assert.isTrue(UrlUtils.isValidRedirectUrl(defaultFailureUrl)); Assert.isTrue(UrlUtils.isValidRedirectUrl(defaultFailureUrl),
"'" + defaultFailureUrl + "' is not a valid redirect URL");
this.defaultFailureUrl = defaultFailureUrl; this.defaultFailureUrl = defaultFailureUrl;
} }