This is an automated email from the ASF dual-hosted git repository.
jleroux pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/ofbiz-framework.git
The following commit(s) were added to refs/heads/trunk by this push:
new 0d9ac6e4b2 Improved: Normalize contextPath in hasBasePermission
(OFBIZ-12887)
0d9ac6e4b2 is described below
commit 0d9ac6e4b22d1e0ba84913c43afe7243847ea833
Author: Jacques Le Roux <jacques.le.r...@les7arts.com>
AuthorDate: Sun Feb 4 10:41:33 2024 +0100
Improved: Normalize contextPath in hasBasePermission (OFBIZ-12887)
Better have a normalized contextPath in LoginWorker::hasBasePermission
---
.../main/java/org/apache/ofbiz/webapp/control/LoginWorker.java | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git
a/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/LoginWorker.java
b/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/LoginWorker.java
index cd10879cf6..7cee010415 100644
---
a/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/LoginWorker.java
+++
b/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/LoginWorker.java
@@ -21,6 +21,8 @@ package org.apache.ofbiz.webapp.control;
import static org.apache.ofbiz.base.util.UtilGenerics.checkMap;
import java.math.BigInteger;
+import java.net.URI;
+import java.net.URISyntaxException;
import java.security.cert.X509Certificate;
import java.sql.Timestamp;
import java.util.ArrayList;
@@ -1372,6 +1374,13 @@ public final class LoginWorker {
if (UtilValidate.isEmpty(contextPath)) {
contextPath = "/";
}
+
+ try {
+ contextPath = new URI(contextPath).normalize().toString();
+ } catch (URISyntaxException e) {
+ throw new RuntimeException(e);
+ }
+
ComponentConfig.WebappInfo info =
ComponentConfig.getWebAppInfo(serverId, contextPath);
if (info != null) {
return hasApplicationPermission(info, security, userLogin);
