首頁 探索 說明
註冊 登入
github
/
spring-security
镜像来自 https://github.com/spring-projects/spring-security
2
0
複刻 0
檔案 問題管理 0 Wiki
瀏覽代碼

SEC-1772: remote URL decoding of targetUrlParameter in AbstractAuthenticationTargetUrlRequestHandler.

Luke Taylor 14 年之前
父節點
de97bac85b
當前提交
700fa9e0b6
共有 1 個文件被更改,包括 0 次插入6 次删除
分割檢視 顯示文件統計
  1. 0 6
      web/src/main/java/org/springframework/security/web/authentication/AbstractAuthenticationTargetUrlRequestHandler.java

+ 0 - 6
web/src/main/java/org/springframework/security/web/authentication/AbstractAuthenticationTargetUrlRequestHandler.java
查看文件 

@@ -91,12 +91,6 @@ public abstract class AbstractAuthenticationTargetUrlRequestHandler {
 
             targetUrl = request.getParameter(targetUrlParameter);
 
 
             if (StringUtils.hasText(targetUrl)) {
 
-                try {
 
-                    targetUrl = URLDecoder.decode(targetUrl, "UTF-8");
 
-                } catch (UnsupportedEncodingException e) {
 
-                    throw new IllegalStateException("UTF-8 not supported. Shouldn't be possible");
 
-                }
 
-
 
                 logger.debug("Found targetUrlParameter in request: " + targetUrl);
 
 
                 return targetUrl;