(ofbiz-framework) branch release18.12 updated: Fixed: Reject wrong URLs (OFBIZ-13006)

Thu, 11 Apr 2024 06:40:59 -0700 

This is an automated email from the ASF dual-hosted git repository.

jleroux pushed a commit to branch release18.12
in repository https://gitbox.apache.org/repos/asf/ofbiz-framework.git


The following commit(s) were added to refs/heads/release18.12 by this push:
     new ff316b6e22 Fixed: Reject wrong URLs (OFBIZ-13006)
ff316b6e22 is described below

commit ff316b6e224b9cb8e3873689f7e6f997af89398a
Author: Jacques Le Roux <jacques.le.r...@les7arts.com>
AuthorDate: Thu Apr 11 15:38:36 2024 +0200

    Fixed: Reject wrong URLs (OFBIZ-13006)
    
    Fixes compile errors when backported from trunk
---
 .../src/main/java/org/apache/ofbiz/webapp/control/ControlFilter.java | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git 
a/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/ControlFilter.java
 
b/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/ControlFilter.java
index c77bd57817..235019f7d4 100644
--- 
a/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/ControlFilter.java
+++ 
b/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/ControlFilter.java
@@ -21,7 +21,6 @@ package org.apache.ofbiz.webapp.control;
 import java.io.IOException;
 import java.net.URI;
 import java.net.URISyntaxException;
-import java.nio.file.Paths;
 import java.util.HashSet;
 import java.util.Set;
 
@@ -136,8 +135,8 @@ public class ControlFilter implements Filter {
 
             // Reject wrong URLs
             try {
-                String url = new 
URI(req.getRequestURL().toString()).normalize().toString();
-                if (!req.getRequestURL().toString().equals(url)) {
+                String url = new URI(((HttpServletRequest) 
request).getRequestURL().toString()).normalize().toString();
+                if (!((HttpServletRequest) 
request).getRequestURL().toString().equals(url)) {
                     throw new RuntimeException();
                 }
             } catch (URISyntaxException e) {

Reply via email to