mirror of
https://github.com/spring-projects/spring-security.git
synced 2025-07-04 01:32:14 +00:00
SEC-532: Madded FilterinvocationDefinitionSourceMapping package scoped
This commit is contained in:
Luke Taylor
parent
8e5b608ee9
commit
a0ee7fb6fd
@ -29,7 +29,7 @@ import org.springframework.security.ConfigAttribute;
|
|||||||
* @version $Id$
|
* @version $Id$
|
||||||
* @since 1.1
|
* @since 1.1
|
||||||
*/
|
*/
|
||||||
public class FilterInvocationDefinitionSourceMapping {
|
class FilterInvocationDefinitionSourceMapping {
|
||||||
|
|
||||||
private String url;
|
private String url;
|
||||||
|
|
||||||
|
|||||||
@ -54,6 +54,9 @@ public class PathBasedFilterInvocationDefinitionMap extends DefaultFilterInvocat
|
|||||||
public void addSecureUrl(String antPath, String method, ConfigAttributeDefinition attr) {
|
public void addSecureUrl(String antPath, String method, ConfigAttributeDefinition attr) {
|
||||||
// SEC-501: If using lower case comparison, we should convert the paths to lower case
|
// SEC-501: If using lower case comparison, we should convert the paths to lower case
|
||||||
// as any upper case characters included by mistake will prevent the URL from ever being matched.
|
// as any upper case characters included by mistake will prevent the URL from ever being matched.
|
||||||
|
// This shouldn't be needed anymore. The property editor complains if there is upper case text in the URL
|
||||||
|
// and the namespace implementation does the conversion itself, so it is safe to use the parent class
|
||||||
|
// directly.
|
||||||
if (getUrlMatcher().requiresLowerCaseUrl()) {
|
if (getUrlMatcher().requiresLowerCaseUrl()) {
|
||||||
antPath = antPath.toLowerCase();
|
antPath = antPath.toLowerCase();
|
||||||
}
|
}
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user