MockHttpServletRequest should honor scheme in isSecure() method [SPR-12098]

[spring-projects-issues]

Eujung Kim opened SPR-12098 and commented

javadoc for ServletRequest.isSecure() is as follow.

Returns a boolean indicating whether this request was made using a secure channel, such as HTTPS.

But isSecure() in MockHttpServletRequest returns only this.secure set by setSecure(boolean) method.

And the method does not refer value of scheme(http or https ...)

I think isSecure() should return "true" if scheme is "https".

---

Affects: 4.0 GA

Referenced from: commits 0b0ddc6

1 votes, 3 watchers

[spring-projects-issues]

Eujung Kim commented

I improve MockHttpServletRequest to solve this issue.

#627

Thanks.

[spring-projects-issues]

Sam Brannen commented

Thanks for suggesting this improvement.

I have implemented the suggestion on master with additional documentation.

Cheers,

Sam

[spring-projects-issues]

Sam Brannen commented

Completed as described in the comments for GitHub commit 0b0ddc6:

Honor scheme in MockHttpServletRequest.isSecure()

Prior to this commit the implementation of isSecure() in
MockHttpServletRequest simply returned the value of the 'secure'
boolean flag. Thus setting the scheme to 'https' had no effect on the
value returned by isSecure() even though most non-mock implementations
(e.g., Tomcat, Jetty, etc.) base the return value on the actual scheme
in the request.

This commit makes the behavior of MockHttpServletRequest.isSecure()
more intuitive by honoring both the 'secure' boolean flag and the
current value of the scheme.