inteligr8/alfresco-keycloak
1
0
Fork 0
mirror of https://github.com/bmlong137/alfresco-keycloak.git synced 2025-09-17 14:21:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

Ensure parameter value is not directly written to response

Browse Source
This commit is contained in:
AFaust
2020-06-05 16:48:17 +02:00
parent 7ee498154c
commit 6298c898e2
1 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
share/src/main/java/de/acosix/alfresco/keycloak/share/web/KeycloakAuthenticationFilter.java
View File

@@ -74,6 +74,7 @@ import org.springframework.extensions.surf.mvc.PageViewResolver;
import org.springframework.extensions.surf.site.AuthenticationUtil; import org.springframework.extensions.surf.site.AuthenticationUtil;
import org.springframework.extensions.surf.types.Page; import org.springframework.extensions.surf.types.Page;
import org.springframework.extensions.surf.types.PageType; import org.springframework.extensions.surf.types.PageType;
import org.springframework.extensions.surf.util.URLEncoder;
import org.springframework.extensions.webscripts.Description.RequiredAuthentication; import org.springframework.extensions.webscripts.Description.RequiredAuthentication;
import org.springframework.extensions.webscripts.Status; import org.springframework.extensions.webscripts.Status;
import org.springframework.extensions.webscripts.connector.ConnectorService; import org.springframework.extensions.webscripts.connector.ConnectorService;
@@ -998,7 +999,7 @@ public class KeycloakAuthenticationFilter implements DependencyInjectedFilter, I
error = req.getParameter(ERROR_PARAMETER); error = req.getParameter(ERROR_PARAMETER);
} }
final String redirectUrl = req.getContextPath() + "/page?pt=login" final String redirectUrl = req.getContextPath() + "/page?pt=login"
+ (error == null ? "" : "&" + ERROR_PARAMETER + "=" + error); + (error == null ? "" : "&" + ERROR_PARAMETER + "=" + URLEncoder.encode(error));
res.sendRedirect(redirectUrl); res.sendRedirect(redirectUrl);
} }
} }