
Merge branch '5.6.x' into 5.7.x

Closes gh-12221
Marcus Da Coregio 2 gadi atpakaļ
vecāks
revīzija
8441e755d3

+ 2 - 1
saml2/saml2-service-provider/src/main/java/org/springframework/security/saml2/provider/service/web/Saml2MetadataFilter.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2021 the original author or authors.
+ * Copyright 2002-2022 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -105,6 +105,7 @@ public final class Saml2MetadataFilter extends OncePerRequestFilter {
 		String format = "attachment; filename=\"%s\"; filename*=UTF-8''%s";
 		response.setHeader(HttpHeaders.CONTENT_DISPOSITION, String.format(format, fileName, encodedFileName));
 		response.setContentLength(metadata.length());
+		response.setCharacterEncoding(StandardCharsets.UTF_8.name());
 		response.getWriter().write(metadata);
 	}
 
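Review bot: `response.setContentLength(metadata.length())`, the context line just above the added call, counts UTF-16 chars rather than encoded bytes, so once the body is written as UTF-8 the header is too small for any metadata containing non-ASCII characters. A container or client that honours Content-Length may then truncate the XML, and a relying party's metadata consumer would receive a malformed document. The length should come from the encoded form, `response.setContentLength(metadata.getBytes(StandardCharsets.UTF_8).length);`. The enclosing method begins outside this hunk, and the `StandardCharsets` import is not visible here, so confirm it is already present in the file.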

+ 16 - 1
saml2/saml2-service-provider/src/test/java/org/springframework/security/saml2/provider/service/web/Saml2MetadataFilterTests.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2021 the original author or authors.
+ * Copyright 2002-2022 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -153,6 +153,21 @@ public class Saml2MetadataFilterTests {
 		verify(this.repository).findByRegistrationId("registration-id");
 	}
 
+	// gh-12026
+	@Test
+	public void doFilterWhenCharacterEncodingThenEncodeSpecialCharactersCorrectly() throws Exception {
+		RelyingPartyRegistration validRegistration = TestRelyingPartyRegistrations.full().build();
+		String testMetadataFilename = "test-{registrationId}-metadata.xml";
+		String generatedMetadata = "<xml>testäöü</xml>";
+		this.request.setPathInfo("/saml2/service-provider-metadata/registration-id");
+		given(this.resolver.resolve(validRegistration)).willReturn(generatedMetadata);
+		this.filter = new Saml2MetadataFilter((req, id) -> validRegistration, this.resolver);
+		this.filter.setMetadataFilename(testMetadataFilename);
+		this.filter.doFilter(this.request, this.response, this.chain);
+		assertThat(this.response.getCharacterEncoding()).isEqualTo(StandardCharsets.UTF_8.name());
+		assertThat(new String(this.response.getContentAsByteArray())).isEqualTo(generatedMetadata);
+	}
+
 	@Test
 	public void setRequestMatcherWhenNullThenIllegalArgument() {
 		assertThatIllegalArgumentException().isThrownBy(() -> this.filter.setRequestMatcher(null));
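Review bot: `new String(this.response.getContentAsByteArray())` in the new test decodes with the platform default charset, so the assertion on `testäöü` depends on the JVM's `file.encoding` and can pass or fail for reasons unrelated to the filter. Decode explicitly with `new String(this.response.getContentAsByteArray(), StandardCharsets.UTF_8)`. The test also leaves the Content-Length header unchecked; for this body the UTF-8 byte count is larger than `generatedMetadata.length()`, so an assertion such as `assertThat(this.response.getContentLength()).isEqualTo(generatedMetadata.getBytes(StandardCharsets.UTF_8).length);` would pin the header to the encoded size.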