Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-08 21:22:18 +00:00
Code Issues Packages Projects Releases Wiki Activity

SEC-1803: Add check in AbstractAuthenticationTargetUrlRequestHandler for null targetUrlParameter before attempting to read it from the request. Prevents NPE when targetUrlParameter is not set.

Browse Source
This commit is contained in:
Luke Taylor 2011-08-29 13:47:31 +01:00
parent 102027a44c
commit ee74c4ced2
1 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
web/src/main/java/org/springframework/security/web/authentication/AbstractAuthenticationTargetUrlRequestHandler.java
View File

@ -83,7 +83,11 @@ public abstract class AbstractAuthenticationTargetUrlRequestHandler {
} }
// Check for the parameter and use that if available // Check for the parameter and use that if available
String targetUrl = request.getParameter(targetUrlParameter); String targetUrl = null;
if (targetUrlParameter != null) {
targetUrl = request.getParameter(targetUrlParameter);
}
if (StringUtils.hasText(targetUrl)) { if (StringUtils.hasText(targetUrl)) {
try { try {