root
/
spring-framework
mirror of https://github.com/spring-projects/spring-framework.git
1
0
Fork 0
Code Issues Actions 6 Packages Projects Releases Wiki Activity

HiddenHttpMethodFilter defensively proceeds with original request in case of error dispatch 

Issue: SPR-15179
(cherry picked from commit a0df36d)
This commit is contained in:
Juergen Hoeller 2017-01-23 21:25:21 +01:00
parent fb3191904a
commit 2024b37e65
1 changed files with 13 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
spring-web/src/main/java/org/springframework/web/filter/HiddenHttpMethodFilter.java
View File

@ -1,5 +1,5 @@
/* /*
* Copyright 2002-2012 the original author or authors. * Copyright 2002-2017 the original author or authors.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -26,6 +26,7 @@ import javax.servlet.http.HttpServletResponse;
import org.springframework.util.Assert; import org.springframework.util.Assert;
import org.springframework.util.StringUtils; import org.springframework.util.StringUtils;
import org.springframework.web.util.WebUtils;
/** /**
* {@link javax.servlet.Filter} that converts posted method parameters into HTTP methods, * {@link javax.servlet.Filter} that converts posted method parameters into HTTP methods,
@ -44,6 +45,7 @@ import org.springframework.util.StringUtils;
* <i>before</i> this HiddenHttpMethodFilter in your {@code web.xml} filter chain. * <i>before</i> this HiddenHttpMethodFilter in your {@code web.xml} filter chain.
* *
* @author Arjen Poutsma * @author Arjen Poutsma
* @author Juergen Hoeller
* @since 3.0 * @since 3.0
*/ */
public class HiddenHttpMethodFilter extends OncePerRequestFilter { public class HiddenHttpMethodFilter extends OncePerRequestFilter {
@ -67,15 +69,16 @@ public class HiddenHttpMethodFilter extends OncePerRequestFilter {
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
throws ServletException, IOException { throws ServletException, IOException {
HttpServletRequest requestToUse = request;
if ("POST".equals(request.getMethod()) && request.getAttribute(WebUtils.ERROR_EXCEPTION_ATTRIBUTE) == null) {
String paramValue = request.getParameter(this.methodParam); String paramValue = request.getParameter(this.methodParam);
if ("POST".equals(request.getMethod()) && StringUtils.hasLength(paramValue)) { if (StringUtils.hasLength(paramValue)) {
String method = paramValue.toUpperCase(Locale.ENGLISH); requestToUse = new HttpMethodRequestWrapper(request, paramValue);
HttpServletRequest wrapper = new HttpMethodRequestWrapper(request, method);
filterChain.doFilter(wrapper, response);
} }
else {
filterChain.doFilter(request, response);
} }
filterChain.doFilter(requestToUse, response);
} }
@ -89,7 +92,7 @@ public class HiddenHttpMethodFilter extends OncePerRequestFilter {
public HttpMethodRequestWrapper(HttpServletRequest request, String method) { public HttpMethodRequestWrapper(HttpServletRequest request, String method) {
super(request); super(request);
this.method = method; this.method = method.toUpperCase(Locale.ENGLISH);
} }
@Override @Override