Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CookieRequestCache handles URL encoded query parameters incorrectly #9203

Closed
mengelbrecht opened this issue Nov 13, 2020 · 1 comment
Closed

CookieRequestCache handles URL encoded query parameters incorrectly #9203

mengelbrecht opened this issue Nov 13, 2020 · 1 comment
Assignees
@eleftherias
Labels
in: web An issue in web modules (web, webmvc) status: backported An issue that has been backported to maintenance branches type: bug A general bug
Milestone
5.5.0-M2

Comments

@mengelbrecht
Copy link
Contributor

mengelbrecht commented Nov 13, 2020
edited
Loading

Describe the bug
CookieRequestCache is used to save a request which contains an URL encoded query parameter. After restoring the saved request the request contains two values for this query parameter, the URL encoded and decoded form. If HttpSessionRequestCache is used, the query parameter is only present once, in decoded form.

Tested with Spring-Security 5.4.1.

To Reproduce

  1. Run the sample project
  2. Visit the url: http://localhost:8080/?goto=https%3A%2F%2Fstart.spring.io
  3. The output is: https://start.spring.io,https%3A%2F%2Fstart.spring.io

Optional steps to see the difference to HttpSessionRequestCache:
4. Change the used RequestCache in RequestCacheConfiguration to HttpSessionRequestCache (in the sample project)
5. Visit the url from step 2
6. The output is: https://start.spring.io

Expected behavior
The query parameter should only be present in decoded form. Therefore the output in step 3 should be https://start.spring.io.

Sample
demo.zip
@mengelbrecht mengelbrecht added status: waiting-for-triage An issue we've not yet triaged type: bug A general bug labels Nov 13, 2020
@jzheaux jzheaux added in: web An issue in web modules (web, webmvc) and removed status: waiting-for-triage An issue we've not yet triaged labels Nov 24, 2020
@eleftherias eleftherias added this to the 5.5.0-M2 milestone Nov 26, 2020
@eleftherias
Copy link
Contributor

Thanks for the detailed report @mengelbrecht!
This is fixed in 7f482ed and I will be backporting it to the 5.4.x branch as well.

eleftherias added a commit that referenced this issue Nov 26, 2020
@eleftherias
Fix CookieRequestCache for URL encoded query parameters
1d96579 
Avoid populating the saved request parameters with encoded values. Since the query strings of the request and saved URL are compared and must be equal, we can just use the parameters from the incoming request.

Closes gh-9203
@jzheaux jzheaux added the for: backport-to-5.4.x Designates an issue for backport to 5.4.x label Dec 2, 2020
@spring-projects-issues spring-projects-issues added status: backported An issue that has been backported to maintenance branches and removed for: backport-to-5.4.x Designates an issue for backport to 5.4.x labels Dec 2, 2020
Closed
jzheaux pushed a commit that referenced this issue Dec 18, 2020
@zeeshanadnan @jzheaux
Remove unused code
848bd44 
Issue gh-9203
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@eleftherias eleftherias

Labels
in: web An issue in web modules (web, webmvc) status: backported An issue that has been backported to maintenance branches type: bug A general bug
Projects
None yet
Milestone
5.5.0-M2
Development

No branches or pull requests
4 participants
@mengelbrecht @jzheaux @eleftherias @spring-projects-issues