GitHub-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Decode cookie once in AbstractRememberMeServices 

Issue gh-9192
pull/9197/head
zhuang 5 years ago committed by GitHub
parent
34a21cd80c
commit
ff58ac836e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 2 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 4
      web/src/main/java/org/springframework/security/web/authentication/rememberme/AbstractRememberMeServices.java

4
web/src/main/java/org/springframework/security/web/authentication/rememberme/AbstractRememberMeServices.java
Unescape View File

@ -208,13 +208,13 @@ public abstract class AbstractRememberMeServices
for (int j = 0; j < cookieValue.length() % 4; j++) { for (int j = 0; j < cookieValue.length() % 4; j++) {
cookieValue = cookieValue + "="; cookieValue = cookieValue + "=";
} }
String cookieAsPlainText;
try { try {
Base64.getDecoder().decode(cookieValue.getBytes()); cookieAsPlainText = new String(Base64.getDecoder().decode(cookieValue.getBytes()));
} }
catch (IllegalArgumentException ex) { catch (IllegalArgumentException ex) {
throw new InvalidCookieException("Cookie token was not Base64 encoded; value was '" + cookieValue + "'"); throw new InvalidCookieException("Cookie token was not Base64 encoded; value was '" + cookieValue + "'");
} }
String cookieAsPlainText = new String(Base64.getDecoder().decode(cookieValue.getBytes()));
String[] tokens = StringUtils.delimitedListToStringArray(cookieAsPlainText, DELIMITER); String[] tokens = StringUtils.delimitedListToStringArray(cookieAsPlainText, DELIMITER);
for (int i = 0; i < tokens.length; i++) { for (int i = 0; i < tokens.length; i++) {
try { try {

Write Preview
Loading…
Cancel
Save