
SEC-1111: Fix for "java.io.CharConversionException: Not an ISO 8859-1 character". Use response.getWriter() instead of printing to ServletOutputStream.

Luke Taylor 16 лет назад
Родитель
Сommit
6b3d0eac40

+ 1 - 1
web/src/main/java/org/springframework/security/web/authentication/DefaultLoginPageGeneratingFilter.java

@@ -77,7 +77,7 @@ public class DefaultLoginPageGeneratingFilter extends SpringSecurityFilter {
             String loginPageHtml = generateLoginPageHtml(request);
             response.setContentType("text/html;charset=UTF-8");
             response.setContentLength(loginPageHtml.length());
-            response.getOutputStream().print(loginPageHtml);
+            response.getWriter().write(loginPageHtml);
 
             return;
         }
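Review bot: `response.setContentLength(loginPageHtml.length())`, on the line above the change, counts UTF-16 chars rather than encoded bytes. Once the page contains non-ASCII text (the case this commit targets), the declared Content-Length is smaller than the UTF-8 body, so a container may truncate the response or a client may stop reading early. Either drop the call and let the container work out the length, or set it from the encoded bytes: `response.setContentLength(loginPageHtml.getBytes("UTF-8").length);`. The enclosing method starts and ends outside this hunk and `generateLoginPageHtml` is not visible here. The test added in this commit suggests the exception message stored in the session ends up in the page, so it is worth confirming that the message is HTML-escaped before it is written.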

+ 22 - 0
web/src/test/java/org/springframework/security/web/authentication/DefaultLoginPageGeneratingFilterTests.java

@@ -2,15 +2,22 @@ package org.springframework.security.web.authentication;
 
 import static org.mockito.Mockito.mock;
 
+import java.io.IOException;
+import java.util.Locale;
+
 import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
 import org.junit.Test;
+import org.springframework.context.support.MessageSourceAccessor;
 import org.springframework.mock.web.MockHttpServletRequest;
 import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.security.authentication.BadCredentialsException;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.core.SpringSecurityMessageSource;
 import org.springframework.security.web.FilterChainOrder;
 import org.springframework.security.web.authentication.AbstractProcessingFilter;
 import org.springframework.security.web.authentication.AuthenticationProcessingFilter;
@@ -57,4 +64,19 @@ public class DefaultLoginPageGeneratingFilterTests {
             return "unused";
         }
     }
+
+    /* SEC-1111 */
+    @Test
+    public void handlesNonIso8859CharsInErrorMessage() throws Exception {
+        DefaultLoginPageGeneratingFilter filter = new DefaultLoginPageGeneratingFilter(new AuthenticationProcessingFilter());
+        MockHttpServletRequest request = new MockHttpServletRequest("GET", "/spring_security_login");
+        request.addParameter("login_error", "true");
+        MessageSourceAccessor messages = SpringSecurityMessageSource.getAccessor();
+        String message = messages.getMessage(
+                "AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad credentials", Locale.KOREA);
+        System.out.println("Message: " + message);
+        request.getSession().setAttribute(AbstractProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY, new BadCredentialsException(message));
+
+        filter.doFilter(request, new MockHttpServletResponse(), chain);
+    }
 }
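Review bot: `handlesNonIso8859CharsInErrorMessage` can pass without exercising the fix. If the `Locale.KOREA` lookup falls back to the default `"Bad credentials"`, the message is plain ASCII, and the `new MockHttpServletResponse()` passed to `doFilter` is discarded, so nothing about the written page is checked. Keep the response in a local variable, assert that `message` is not equal to the default text, and, assuming the page renders the message verbatim, assert on the body with something like `response.getContentAsString().contains(message)`. The `System.out.println("Message: " + message);` line looks like leftover debugging output. The `java.io.IOException` and `javax.servlet.ServletException` imports added in the first hunk of this file are not used by the new test, which declares `throws Exception`.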