7 years ago · 23dd136efb
--- a/web/src/main/java/org/springframework/security/web/authentication/ui/DefaultLoginPageGeneratingFilter.java
+++ b/web/src/main/java/org/springframework/security/web/authentication/ui/DefaultLoginPageGeneratingFilter.java
@@ -31,6 +31,7 @@ import javax.servlet.http.HttpServletRequest;
 
				 import javax.servlet.http.HttpServletResponse;
			
 
				 import javax.servlet.http.HttpSession;
			
 
				 import java.io.IOException;
			
 
				+import java.nio.charset.StandardCharsets;
			
 
				 import java.util.Collections;
			
 
				 import java.util.Map;
			
 
				 import java.util.function.Function;
			
@@ -195,7 +196,7 @@ public class DefaultLoginPageGeneratingFilter extends GenericFilterBean {
 
				 			String loginPageHtml = generateLoginPageHtml(request, loginError,
			
 
				 					logoutSuccess);
			
 
				 			response.setContentType("text/html;charset=UTF-8");
			
 
				-			response.setContentLength(loginPageHtml.length());
			
 
				+			response.setContentLength(loginPageHtml.getBytes(StandardCharsets.UTF_8).length);
			
 
				 			response.getWriter().write(loginPageHtml);
			
 
				 
			
 
				 			return;
			
@@ -299,8 +300,7 @@ public class DefaultLoginPageGeneratingFilter extends GenericFilterBean {
 
				 
			
 
				 	private void renderHiddenInputs(StringBuilder sb, HttpServletRequest request) {
			
 
				 		for(Map.Entry<String, String> input : this.resolveHiddenInputs.apply(request).entrySet()) {
			
 
				-			sb.append("	<input name=\"" + input.getKey()
			
 
				-					+ "\" type=\"hidden\" value=\"" + input.getValue() + "\" />\n");
			
 
				+			sb.append("	<input name=\"").append(input.getKey()).append("\" type=\"hidden\" value=\"").append(input.getValue()).append("\" />\n");
			
 
				 		}
			
 
				 	}
			
 
				 
			
--- a/web/src/test/java/org/springframework/security/web/authentication/DefaultLoginPageGeneratingFilterTests.java
+++ b/web/src/test/java/org/springframework/security/web/authentication/DefaultLoginPageGeneratingFilterTests.java
@@ -15,15 +15,6 @@
 
				  */
			
 
				 package org.springframework.security.web.authentication;
			
 
				 
			
 
				-import static org.assertj.core.api.Assertions.assertThat;
			
 
				-import static org.mockito.Mockito.mock;
			
 
				-
			
 
				-import java.util.Locale;
			
 
				-
			
 
				-import javax.servlet.FilterChain;
			
 
				-import javax.servlet.http.HttpServletRequest;
			
 
				-import javax.servlet.http.HttpServletResponse;
			
 
				-
			
 
				 import org.junit.Test;
			
 
				 import org.springframework.context.support.MessageSourceAccessor;
			
 
				 import org.springframework.mock.web.MockHttpServletRequest;
			
@@ -35,13 +26,22 @@ import org.springframework.security.core.SpringSecurityMessageSource;
 
				 import org.springframework.security.web.WebAttributes;
			
 
				 import org.springframework.security.web.authentication.ui.DefaultLoginPageGeneratingFilter;
			
 
				 
			
 
				+import javax.servlet.FilterChain;
			
 
				+import javax.servlet.http.HttpServletRequest;
			
 
				+import javax.servlet.http.HttpServletResponse;
			
 
				+import java.util.Collections;
			
 
				+import java.util.Locale;
			
 
				+
			
 
				+import static org.assertj.core.api.Assertions.assertThat;
			
 
				+import static org.mockito.Mockito.mock;
			
 
				+
			
 
				 /**
			
 
				  *
			
 
				  * @author Luke Taylor
			
 
				  * @since 3.0
			
 
				  */
			
 
				 public class DefaultLoginPageGeneratingFilterTests {
			
 
				-	FilterChain chain = mock(FilterChain.class);
			
 
				+	private FilterChain chain = mock(FilterChain.class);
			
 
				 
			
 
				 	@Test
			
 
				 	public void generatingPageWithAuthenticationProcessingFilterOnlyIsSuccessFul()
			
@@ -116,6 +116,17 @@ public class DefaultLoginPageGeneratingFilterTests {
 
				 		assertThat(response.getContentAsString()).isNotEmpty();
			
 
				 	}
			
 
				 
			
 
				+	@Test
			
 
				+	public void generatesForWithContentLength() throws Exception {
			
 
				+		DefaultLoginPageGeneratingFilter filter = new DefaultLoginPageGeneratingFilter(new UsernamePasswordAuthenticationFilter());
			
 
				+		filter.setOauth2LoginEnabled(true);
			
 
				+		filter.setOauth2AuthenticationUrlToClientName(Collections.singletonMap("XYUU","\u8109\u640F\u7F51\u5E10\u6237\u767B\u5F55"));
			
 
				+		MockHttpServletResponse response = new MockHttpServletResponse();
			
 
				+		MockHttpServletRequest request = new MockHttpServletRequest("GET", "/login");
			
 
				+		filter.doFilter(request, response, chain);
			
 
				+		assertThat(response.getContentLength()==response.getContentAsString().getBytes(response.getCharacterEncoding()).length).isTrue();
			
 
				+	}
			
 
				+
			
 
				 	@Test
			
 
				 	public void generatesForWithQueryNoMatch() throws Exception {
			
 
				 		DefaultLoginPageGeneratingFilter filter = new DefaultLoginPageGeneratingFilter(
			
@@ -142,7 +153,7 @@ public class DefaultLoginPageGeneratingFilterTests {
 
				 	@SuppressWarnings("unused")
			
 
				 	private static class MockProcessingFilter extends
			
 
				 			AbstractAuthenticationProcessingFilter {
			
 
				-		protected MockProcessingFilter() {
			
 
				+		MockProcessingFilter() {
			
 
				 			super("/someurl");
			
 
				 		}