From 538e75ce1bb46ec5b301f424604db1b7a9a0d94c Mon Sep 17 00:00:00 2001
From: Luke Taylor <luke.taylor@springsource.com>
Date: Wed, 1 Feb 2012 13:21:16 +0000
Subject: [PATCH] SEC-1903: Use a static CRLF Pattern in FirewalledResponse

The Pattern was being recompiled for every request
when a single instance could be shared for performance
reasons.
---
 .../security/web/firewall/FirewalledResponse.java               | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/web/src/main/java/org/springframework/security/web/firewall/FirewalledResponse.java b/web/src/main/java/org/springframework/security/web/firewall/FirewalledResponse.java
index 95364af808..b7360091a0 100644
--- a/web/src/main/java/org/springframework/security/web/firewall/FirewalledResponse.java
+++ b/web/src/main/java/org/springframework/security/web/firewall/FirewalledResponse.java
@@ -9,7 +9,7 @@ import java.util.regex.Pattern;
  * @author Luke Taylor
  */
 class FirewalledResponse extends HttpServletResponseWrapper {
-    Pattern CR_OR_LF = Pattern.compile("\\r|\\n");
+    private static final Pattern CR_OR_LF = Pattern.compile("\\r|\\n");
 
     public FirewalledResponse(HttpServletResponse response) {
         super(response);