

Fix CookieRequestCache for URL encoded query parameters
Avoid populating the saved request parameters with encoded values. Since the query strings of the request and saved URL are compared and must be equal, we can just use the parameters from the incoming request.

Closes gh-9203
eleftherias committed Nov 26, 2020
1 parent 8b71d21 commit 1d96579
Showing 2 changed files with 19 additions and 6 deletions.
Expand Up @@ -17,7 +17,6 @@
package org.springframework.security.web.savedrequest;

import java.util.Base64;
import java.util.HashMap;

import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
Expand Down Expand Up @@ -79,11 +78,6 @@ public SavedRequest getRequest(HttpServletRequest request, HttpServletResponse r
DefaultSavedRequest.Builder builder = new DefaultSavedRequest.Builder();
int port = getPort(uriComponents);
MultiValueMap<String, String> queryParams = uriComponents.getQueryParams();
if (!queryParams.isEmpty()) {
HashMap<String, String[]> parameters = new HashMap<>(queryParams.size());
queryParams.forEach((key, value) -> parameters.put(key, value.toArray(new String[] {})));
builder.setParameters(parameters);
}
return builder.setScheme(uriComponents.getScheme()).setServerName(uriComponents.getHost())
.setRequestURI(uriComponents.getPath()).setQueryString(uriComponents.getQuery()).setServerPort(port)
.setMethod(request.getMethod()).build();
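Review bot: The local `queryParams` on the line `MultiValueMap<String, String> queryParams = uriComponents.getQueryParams();` looks like it survives this hunk, since the five deletions the header reports match the removed `if (!queryParams.isEmpty())` block exactly, which leaves an unused variable and, if nothing else in the file reads it, an unused `MultiValueMap` import that the `HashMap` cleanup in the first hunk does not cover. Drop that line as well, or put a short comment in its place so the next reader knows the omission of parameters is deliberate: `// Parameters are not copied from the cookie: only the saved query string is compared with the incoming request's, so the live request's own (decoded) parameters are used instead.` The enclosing getRequest method begins before this hunk.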
Expand Up @@ -153,6 +153,25 @@ public void requestWhenDoesNotMatchSavedRequestThenDoesNotClearCookie() {
assertThat(expiredCookie).isNull();
}

@Test
public void matchingRequestWhenUrlEncodedQueryParametersThenDoesNotDuplicate() {
CookieRequestCache cookieRequestCache = new CookieRequestCache();
MockHttpServletRequest request = new MockHttpServletRequest();
request.setServerPort(443);
request.setSecure(true);
request.setScheme("https");
request.setServerName("abc.com");
request.setRequestURI("/destination");
request.setQueryString("goto=https%3A%2F%2Fstart.spring.io");
request.setParameter("goto", "https://start.spring.io");
String redirectUrl = "https://abc.com/destination?goto=https%3A%2F%2Fstart.spring.io";
request.setCookies(new Cookie(DEFAULT_COOKIE_NAME, encodeCookie(redirectUrl)));
MockHttpServletResponse response = new MockHttpServletResponse();
final HttpServletRequest matchingRequest = cookieRequestCache.getMatchingRequest(request, response);
assertThat(matchingRequest).isNotNull();
assertThat(matchingRequest.getParameterValues("goto")).containsExactly("https://start.spring.io");
}

@Test
public void removeRequestWhenInvokedThenSetsAnExpiredCookieOnResponse() {
CookieRequestCache cookieRequestCache = new CookieRequestCache();
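Review bot: The `final` on `final HttpServletRequest matchingRequest` is the only final local in the new test and in the neighbouring tests visible here, so it reads as a stray modifier; dropping it, `HttpServletRequest matchingRequest = cookieRequestCache.getMatchingRequest(request, response);`, keeps the test consistent with the rest of the class. The assertion also inspects only the `goto` key, so adding `assertThat(matchingRequest.getParameterMap()).containsOnlyKeys("goto");` would additionally pin that the returned wrapper exposes exactly the incoming request's parameters and nothing derived from the cookie.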

