Tree:
82cd72768d
1.0.x
2.0.x
3.0.x
3.1.x
3.2.x
4.0.x
4.1.x
4.2.x
5.0.x
5.1.x
5.2.x
5.3.x
5.4.x
5.5.x
5.6.x
5.7.x
5.8.x
6.0.x
6.1.x
6.2.x
6.3.x
6.4.x
6.5.x
dependabot/gradle/6.5.x/org.assertj-assertj-core-3.27.6
dependabot/gradle/main/org.assertj-assertj-core-3.27.6
docs-build
gh-16886
gh-pages
kotlin22
main
wrapperbot/spring-security/gradle-wrapper-8.10
wrapperbot/spring-security/gradle-wrapper-8.10.1
wrapperbot/spring-security/gradle-wrapper-8.10.2
wrapperbot/spring-security/gradle-wrapper-8.11
wrapperbot/spring-security/gradle-wrapper-8.11.1
wrapperbot/spring-security/gradle-wrapper-8.12
wrapperbot/spring-security/gradle-wrapper-8.12.1
wrapperbot/spring-security/gradle-wrapper-8.13
wrapperbot/spring-security/gradle-wrapper-8.14
wrapperbot/spring-security/gradle-wrapper-8.9
6.4.11
6.5.5
7.0.0-M3
6.5.4
6.4.10
7.0.0-M2
6.5.3
6.4.9
6.4.8
6.5.2
7.0.0-M1
6.4.7
6.3.10
6.5.1
6.4.6
6.5.0
6.5.0-RC1
6.4.5
6.3.9
6.4.4
6.5.0-M3
6.3.8
6.4.3
6.3.7
6.5.0-M2
6.5.0-M1
6.4.2
6.3.6
6.4.1
5.7.14
6.3.5
5.8.16
6.2.8
6.4.0
6.4.0-RC1
5.7.13
5.8.15
6.3.4
6.2.7
6.4.0-M4
6.4.0-M3
6.3.3
6.3.2
6.4.0-M2
5.8.14
6.2.6
6.4.0-M1
5.8.13
6.2.5
6.3.1
6.3.0
5.8.12
6.1.9
6.2.4
6.3.0-RC1
5.7.12
5.8.11
6.1.8
6.3.0-M3
6.2.3
5.8.10
6.1.7
6.3.0-M2
6.2.2
6.3.0-M1
5.8.9
6.1.6
6.2.1
6.2.0
6.2.0-RC2
5.8.8
6.0.8
6.1.5
6.2.0-RC1
6.2.0-M3
5.7.11
5.8.7
6.1.4
6.0.7
6.1.3
5.8.6
6.0.6
6.2.0-M2
5.7.10
5.8.5
5.6.12
6.2.0-M1
6.1.2
6.0.5
5.6.11
5.7.9
6.0.4
5.8.4
6.1.1
6.1.0
5.8.3
5.7.8
6.0.3
6.1.0-RC1
5.4.11
6.1.0-M2
5.7.7
5.8.2
6.0.2
6.1.0-M1
5.6.10
6.0.1
5.8.1
5.7.6
5.8.0
6.0.0
6.0.0-RC2
5.6.9
5.7.5
6.0.0-RC1
5.8.0-RC1
5.7.4
5.6.8
5.8.0-M3
6.0.0-M7
5.6.7
5.7.3
5.8.0-M2
6.0.0-M6
5.8.0-M1
5.6.6
5.7.2
5.5.8
5.6.5
6.0.0-M5
5.7.1
6.0.0-M4
5.5.7
5.6.4
5.7.0
5.7.0-RC1
5.5.6
5.6.3
6.0.0-M3
6.0.0-M2
5.7.0-M3
5.7.0-M2
5.6.2
5.5.5
6.0.0-M1
5.7.0-M1
5.6.1
5.3.13.RELEASE
5.4.10
5.2.15.RELEASE
5.5.4
5.2.14.RELEASE
5.6.0
5.6.0-RC1
5.4.9
5.5.3
5.2.13.RELEASE
5.3.12.RELEASE
5.6.0-M3
5.6.0-M2
5.5.2
5.4.8
5.3.11.RELEASE
5.2.12.RELEASE
5.6.0-M1
5.3.10.RELEASE
5.5.1
5.4.7
5.2.11.RELEASE
5.5.0
5.5.0-RC2
5.5.0-RC1
5.3.9.RELEASE
5.4.6
5.2.10.RELEASE
5.5.0-M3
5.4.5
5.4.4
5.4.3
5.5.0-M2
5.3.8.RELEASE
5.2.9.RELEASE
5.3.7.RELEASE
4.2.20.RELEASE
5.4.2
5.3.6.RELEASE
5.2.8.RELEASE
5.5.0-M1
5.4.1
5.3.5.RELEASE
4.2.19.RELEASE
5.2.7.RELEASE
5.1.13.RELEASE
5.0.19.RELEASE
5.4.0
5.4.0-RC1
5.3.4.RELEASE
5.1.12.RELEASE
5.0.18.RELEASE
5.2.6.RELEASE
4.2.18.RELEASE
5.4.0-M2
5.0.17.RELEASE
5.1.11.RELEASE
5.2.5.RELEASE
5.3.3.RELEASE
4.2.17.RELEASE
5.4.0-M1
5.0.16.RELEASE
5.1.10.RELEASE
5.2.4.RELEASE
5.3.2.RELEASE
4.2.16.RELEASE
5.0.15.RELEASE
4.2.15.RELEASE
5.1.9.RELEASE
5.2.3.RELEASE
5.3.1.RELEASE
5.3.0.RELEASE
4.2.14.RELEASE
5.2.2.RELEASE
5.1.8.RELEASE
5.3.0.RC1
5.0.14.RELEASE
5.3.0.M1
5.1.7.RELEASE
5.2.1.RELEASE
5.2.0.RELEASE
5.2.0.RC1
5.1.6.RELEASE
5.2.0.M4
5.0.13.RELEASE
4.2.13.RELEASE
5.2.0.M3
5.2.0.M2
4.2.12.RELEASE
5.0.12.RELEASE
5.1.5.RELEASE
5.1.4.RELEASE
5.2.0.M1
4.2.11.RELEASE
5.0.11.RELEASE
5.1.3.RELEASE
4.2.10.RELEASE
5.0.10.RELEASE
5.1.2.RELEASE
4.2.9.RELEASE
5.0.9.RELEASE
5.1.1.RELEASE
5.1.0.RELEASE
4.2.8.RELEASE
5.0.8.RELEASE
5.1.0.RC2
5.1.0.RC1
5.0.7.RELEASE
5.1.0.M2
4.2.7.RELEASE
5.0.6.RELEASE
5.1.0.M1
4.2.6.RELEASE
5.0.5.RELEASE
5.0.4.RELEASE
4.2.5.RELEASE
5.0.3.RELEASE
5.0.2.RELEASE
4.1.5.RELEASE
4.2.4.RELEASE
5.0.1.RELEASE
5.0.0.RELEASE
5.0.0.RC1
5.0.0.M5
5.0.0.M4
5.0.0.M3
5.0.0.M2
4.2.3.RELEASE
5.0.0.M1
4.2.2.RELEASE
3.2.10.RELEASE
4.2.1.RELEASE
4.1.4.RELEASE
4.2.0.RELEASE
4.2.0.RC1
4.2.0.M1
4.1.3.RELEASE
4.1.2.RELEASE
4.1.1.RELEASE
4.1.0.RELEASE
4.1.0.RC2
4.1.0.RC1
4.0.4.RELEASE
4.0.3.RELEASE
3.2.9.RELEASE
4.0.2.RELEASE
3.2.8.RELEASE
4.0.1.RELEASE
3.2.7.RELEASE
4.0.0.RELEASE
4.0.0.RC2
3.2.6.RELEASE
4.0.0.RC1
4.0.0.M2
3.1.7.RELEASE
3.2.5.RELEASE
3.2.4.RELEASE
4.0.0.M1
3.2.3.RELEASE
3.2.2.RELEASE
3.1.6.RELEASE
3.2.1.RELEASE
3.1.5.RELEASE
3.2.0.RELEASE
3.2.0.RC2
3.2.0.RC1
3.2.0.M2
3.1.4.RELEASE
3.2.0.M1
2.0.8.RELEASE
3.0.8.RELEASE
3.1.3.RELEASE
3.1.2.RELEASE
3.1.1.RELEASE
3.1.0.RELEASE
3.0.7.RELEASE
3.1.0.RC3
2.0.7.RELEASE
3.0.6.RELEASE
3.1.0.RC2
3.1.0.RC1
3.1.0.M2
3.0.5.RELEASE
3.0.4.RELEASE
2.0.6.RELEASE
3.1.0.M1
3.0.3.RELEASE
3.0.2.RELEASE
3.0.1.RELEASE
3.0.0.RELEASE
3.0.0.RC2
3.0.0.RC1
3.0.0.M2
2.0.5.RELEASE
3.0.0.M1
2.5.0.M1
2.0.4
2.0.3
2.0.2
2.0.1
1.0.7
2.0.0
2.0.0.RC1
2.0.0.M2
2.0.0.M1
1.0.6
1.0.5
1.0.4
1.0.3
1.0.2
1.0.1
1.0.0
Luke Taylor
ed9411c660
SEC-1584: Addition of HttpFirewall strategy to FilterChainProxy to reject un-normalized requests and wrap the incoming request object before processing by the security filter chain to provide a more consistent representation of paths than is guaranteed by the servlet spec. The wrapper strips path parameters from pathInfo and servletPath to provide consistency of URL matching across servlet containers and protect against bypassing security constraints by the malicious addition of such parameters to the URL. The paths are canonicalized further by replacing of multiple sequences of "/" characters with a single "/".
|
15 years ago | |
|---|---|---|
| .. | ||
| src | ed9411c660 SEC-1584: Addition of HttpFirewall strategy to FilterChainProxy to reject un-normalized requests and wrap the incoming request object before processing by the security filter chain to provide a more consistent representation of paths than is guaranteed by the servlet spec. The wrapper strips path parameters from pathInfo and servletPath to provide consistency of URL matching across servlet containers and protect against bypassing security constraints by the malicious addition of such parameters to the URL. The paths are canonicalized further by replacing of multiple sequences of "/" characters with a single "/". | 15 years ago |
| pom.xml | 25d222208d Switch version to 3.0.4-CI-SNAPSHOT. | 15 years ago |
| template.mf | e64866ae6a Updated bundlor templates and introduced spring.version variable | 15 years ago |
| web.gradle | 1872d94aa1 Porting gradle changes from master | 15 years ago |