ForwardedHeaderFilter.ForwardedHeaderRequestWrapper does not preserve encoding of requestURI [SPR-15422]

[spring-projects-issues]

Bryan Kelly opened SPR-15422 and commented

After adding the ForwardedHeaderFilter to our application we noticed that requests that are wrapped by the ForwardedHeaderRequestWrapper will no longer preserve encoding of the request.getRequestUri() and request.getRequestURL(). This is problematic when injecting a UriComponentsBuilder instance into a controller method because it will throw an Illegal character in path at index if the path contains characters that are expected to be encoded.

---

Affects: 4.3.7, 5.0 M5

Issue Links:

• ForwardedHeaderFilter.ForwardedHeaderRequestWrapper does not preserve ; [SPR-15428] #19989 ForwardedHeaderFilter.ForwardedHeaderRequestWrapper does not preserve ;

[spring-projects-issues]

Rob Winch commented

Thanks for the report! This is now fixed in 4.3.x and master. I also fixed a related issue in which path variables were stripped out. See #19989

[spring-projects-issues]

Bryan Kelly commented

I have been able to confirm that the changes fix the issue that was reported.