Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-27 14:22:47 +00:00
Code Issues Packages Projects Releases Wiki Activity
11,559 Commits 37 Branches 348 Tags
Commit Graph

11559 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Zhivko Delchev
e97c5a533b Reverse content type check 
When MultipartFormData is enabled currently the CsrfWebFilter compares
the content-type header against MULTIPART_FORM_DATA MediaType which
leads to NullPointerExecption when there is no content-type header.
This commit reverse the check to compare the MULTIPART_FORM_DATA
MediaType against the content-type which contains null check and avoids
the exception.

closes gh-11204
Closes gh-11205
 2022-06-06 15:47:35 -05:00
Zhivko Delchev
d882bfcf2b Reverse content type check 
When MultipartFormData is enabled currently the CsrfWebFilter compares
the content-type header against MULTIPART_FORM_DATA MediaType which
leads to NullPointerExecption when there is no content-type header.
This commit reverse the check to compare the MULTIPART_FORM_DATA
MediaType against the content-type which contains null check and avoids
the exception.

closes gh-11204
Closes gh-11205
 2022-06-06 15:47:14 -05:00
shirohoo
e0fa644b08 Fix typo in BasicLookupStrategy Javadoc 
Closes gh-11336
 2022-06-06 14:16:28 -05:00
Rob Winch
592db9180d Enable BackportBot on 5.6.x 2022-06-06 14:16:28 -05:00
Rob Winch
6c3f53ac0a Fix typo in BasicLookupStrategy Javadoc 
Issue gh-11336
 2022-06-06 14:09:24 -05:00
shirohoo
b274431c07 Fix typo in BasicLookupStrategy Javadoc 
Closes gh-11336
 2022-06-06 13:55:43 -05:00
Rob Winch
3d5e5ff556 Enable BackportBot on 5.7.x 2022-06-06 13:54:36 -05:00
sKai.fun
a3e996a66b Fix title render issue of Digest Authentication document 
Closes gh-11272
 2022-06-01 17:33:41 -05:00
André Luis Gomes
aca3fc2412 Update opaque-token.adoc 
Fixing yaml sample in Servlet and Reactive pages
 2022-06-01 08:51:44 -03:00
André Luis Gomes
0c31cb21dc Update opaque-token.adoc 
Fixing yaml sample in Servlet and Reactive pages
 2022-06-01 08:50:56 -03:00
Claudio Consolmagno
ff71fcbcad
Use 'md:' prefix in EntityDescriptor XML 
Create the EntityDescriptor object with
EntityDescriptor.DEFAULT_ELEMENT_NAME instead of
EntityDescriptor.ELEMENT_QNAME. That ensures the EntityDescriptor tag
is marshalled to xml with the 'md:' prefix, consistent with all other
metadata tags.

Closes #11283
 2022-05-31 17:12:55 -06:00
Claudio Consolmagno
07f9afe057
Use 'md:' prefix in EntityDescriptor XML 
Create the EntityDescriptor object with
EntityDescriptor.DEFAULT_ELEMENT_NAME instead of
EntityDescriptor.ELEMENT_QNAME. That ensures the EntityDescriptor tag
is marshalled to xml with the 'md:' prefix, consistent with all other
metadata tags.

Closes #11283
 2022-05-31 17:11:02 -06:00
Claudio Consolmagno
c39d39b35f
Use 'md:' prefix in EntityDescriptor XML 
Create the EntityDescriptor object with
EntityDescriptor.DEFAULT_ELEMENT_NAME instead of
EntityDescriptor.ELEMENT_QNAME. That ensures the EntityDescriptor tag
is marshalled to xml with the 'md:' prefix, consistent with all other
metadata tags.

Closes #11283
 2022-05-31 17:08:51 -06:00
Josh Cummings
d7077b441a
Correct access(String) reference 
Closes gh-11280
 2022-05-27 15:00:15 -06:00
Josh Cummings
292585080a
Correct access(String) reference 
Closes gh-11280
 2022-05-27 14:59:06 -06:00
Josh Cummings
101f11ba94
Improve ContextConfiguration Docs 
Point to updated Spring Reference

Issue gh-10934
 2022-05-27 13:12:56 -06:00
Josh Cummings
18b903f6e3
Polish ExtendWith Docs 
Use spring-framework-reference-url placeholder

Issue gh-10934
 2022-05-27 13:12:56 -06:00
nor-ek
038266a94f
Update JUnit 5 annotations in documentation 
- replace Before with BeforeEach
- replace RunWith with ExtendWith

Closes gh-10934
 2022-05-27 13:12:55 -06:00
Josh Cummings
8690accd57
Improve ContextConfiguration Docs 
Point to updated Spring Reference

Issue gh-10934
 2022-05-27 12:57:57 -06:00
Josh Cummings
e3c15260e7
Polish ExtendWith Docs 
Use spring-framework-reference-url placeholder

Issue gh-10934
 2022-05-27 12:57:57 -06:00
nor-ek
9625382b22
Update JUnit 5 annotations in documentation 
- replace Before with BeforeEach
- replace RunWith with ExtendWith

Closes gh-10934
 2022-05-27 12:57:56 -06:00
Evgeniy Cheban
cf559ab224
Some Security Expressions cause NPE when used within Query annotation 
Added trustResolver, roleHierarchy, permissionEvaluator, defaultRolePrefix
fields to SecurityEvaluationContextExtension.

Closes gh-11196
Closes gh-11290
 2022-05-26 17:44:28 -05:00
Evgeniy Cheban
48ef3f4719
Some Security Expressions cause NPE when used within Query annotation 
Added trustResolver, roleHierarchy, permissionEvaluator, defaultRolePrefix
fields to SecurityEvaluationContextExtension.

Closes gh-11196
Closes gh-11289
 2022-05-26 17:43:50 -05:00
Juny Tse
649428b49a
Use Base64 encoder with no CRLF in output for SAML 2.0 messages 
Closes gh-11262
 2022-05-25 12:06:27 -06:00
Juny Tse
d0da160007
Use Base64 encoder with no CRLF in output for SAML 2.0 messages 
Closes gh-11262
 2022-05-25 12:02:13 -06:00
Steve Riesenberg
33b74c7893
Next development version 2022-05-18 14:17:03 -05:00
Steve Riesenberg
e70752954a
Release 5.5.8 5.5.8 2022-05-18 11:52:45 -05:00
Steve Riesenberg
0355e960d7
Next development version 2022-05-18 11:52:05 -05:00
Steve Riesenberg
fdad14af63
Release 5.6.5 5.6.5 2022-05-18 11:03:25 -05:00
Rob Winch
4caf53e96d Next Development Version 2022-05-18 10:06:25 -05:00
Rob Winch
22a1c99b9e Release 5.7.1 5.7.1 2022-05-18 10:00:11 -05:00
Rob Winch
cfc057b629 StrictHttpFirewall allows CJKV characters 
Closes gh-11264
 2022-05-18 09:50:10 -05:00
Rob Winch
d94639a1bb StrictHttpFirewall allows CJKV characters 
Closes gh-11264
 2022-05-18 09:49:01 -05:00
Rob Winch
29b2b7a977 StrictHttpFirewall allows CJKV characters 
Closes gh-11264
 2022-05-18 09:14:30 -05:00
Rob Winch
66d1cd592a StrictHttpFirewall allows CJKV characters 
Closes gh-11264
 2022-05-18 09:04:46 -05:00
Rob Winch
077c9e0b3e StrictHttpFirewall allows CJKV characters 
Closes gh-11264
 2022-05-18 08:56:57 -05:00
Rob Winch
e2eed33eca Add StrictHttpFirewall.allow* new lines and separators 
Issue gh-11264
 2022-05-17 22:24:31 -05:00
Rob Winch
5bf478e72e Fix Formatting 
Issue gh-11264
 2022-05-17 16:16:02 -05:00
Rob Winch
e0a6a9efa9 StrictHttpFirewall allows CJKV characters 
Issue gh-11264
 2022-05-17 15:53:18 -05:00
Josh Cummings
084f1fe59c
Release 5.4.11 2022-05-16 14:29:52 -06:00
Josh Cummings
8a64084c82
Add to GitHub Actions CI 2022-05-16 14:29:27 -06:00
Rob Winch
353fac48da Next Development Version 2022-05-16 15:11:34 -05:00
Marcus Da Coregio
b8b0661d73
Lock Dependencies for Release 2022-05-16 14:01:51 -06:00
Josh Cummings
957768310d
Point SAML Sample at Okta 2022-05-16 14:01:51 -06:00
Josh Cummings
5f7fc0eb26
Improve Upgrading 
Closes gh-11259
 2022-05-16 11:08:00 -06:00
Rob Winch
dc648cf79f Next Developement Version 2022-05-16 11:51:06 -05:00
Rob Winch
5155719877 Next Development Version 2022-05-16 11:44:53 -05:00
Rob Winch
ada3337104 Release 5.5.7 5.5.7 2022-05-16 11:37:33 -05:00
Josh Cummings
0bd7daf899 Improve Upgrading 2022-05-16 11:37:33 -05:00
Rob Winch
c2d2914a4f Release 5.6.4 5.6.4 2022-05-16 11:36:26 -05:00