mirror of
https://github.com/spring-projects/spring-security.git
synced 2025-03-06 21:39:25 +00:00
832f5c39c1
We have an issue where token strings that contain a colon break the existing decoding strategy, which tokenizes on colons. so this change urlencodes the individual tokens when creating the cookie string; and urldecodes them decoding the cookie and extracting the tokens. This also eliminates the need for existing code to deal with openid tokens which contain urls, and thus colons.