root
/
spring-framework
mirror of https://github.com/spring-projects/spring-framework.git
1
0
Fork 0
Code Issues Actions 6 Packages Projects Releases Wiki Activity

Make removal of jsessionid case insensitive 

Issue: SPR-10398
This commit is contained in:
Rossen Stoyanchev 2013-05-14 22:06:59 -04:00
parent 9c194699c7
commit 92bbd8103b
2 changed files with 8 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
spring-web/src/main/java/org/springframework/web/util/UrlPathHelper.java
View File

@ -457,7 +457,7 @@ public class UrlPathHelper {
} }
private String removeJsessionid(String requestUri) { private String removeJsessionid(String requestUri) {
int startIndex = requestUri.indexOf(";jsessionid="); int startIndex = requestUri.toLowerCase().indexOf(";jsessionid=");
if (startIndex != -1) { if (startIndex != -1) {
int endIndex = requestUri.indexOf(';', startIndex + 12); int endIndex = requestUri.indexOf(';', startIndex + 12);
String start = requestUri.substring(0, startIndex); String start = requestUri.substring(0, startIndex);

10
spring-web/src/test/java/org/springframework/web/util/UrlPathHelperTests.java
View File

@ -16,9 +16,6 @@
package org.springframework.web.util; package org.springframework.web.util;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNull;
import java.io.UnsupportedEncodingException; import java.io.UnsupportedEncodingException;
import org.junit.Before; import org.junit.Before;
@ -26,6 +23,8 @@ import org.junit.Ignore;
import org.junit.Test; import org.junit.Test;
import org.springframework.mock.web.test.MockHttpServletRequest; import org.springframework.mock.web.test.MockHttpServletRequest;
import static org.junit.Assert.*;
/** /**
* @author Rob Harrop * @author Rob Harrop
* @author Juergen Hoeller * @author Juergen Hoeller
@ -111,6 +110,11 @@ public class UrlPathHelperTests {
request.setRequestURI("/foo;a=b;jsessionid=c0o7fszeb1;c=d"); request.setRequestURI("/foo;a=b;jsessionid=c0o7fszeb1;c=d");
assertEquals("jsessionid should always be removed", "/foo;a=b;c=d", helper.getRequestUri(request)); assertEquals("jsessionid should always be removed", "/foo;a=b;c=d", helper.getRequestUri(request));
// SPR-10398
request.setRequestURI("/foo;a=b;JSESSIONID=c0o7fszeb1;c=d");
assertEquals("JSESSIONID should always be removed", "/foo;a=b;c=d", helper.getRequestUri(request));
} }
@Test @Test