cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject [2/2] cxf-fediz git commit: Loosen the scheme restriction for the IdP
Date Fri, 22 Jan 2016 15:49:07 GMT
Loosen the scheme restriction for the IdP


Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/a9e8f8e5
Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/a9e8f8e5
Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/a9e8f8e5

Branch: refs/heads/master
Commit: a9e8f8e53ae8cbeb72dc46db965cd543066341d6
Parents: 6a8e7a7
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Fri Jan 22 13:58:14 2016 +0000
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Fri Jan 22 15:49:01 2016 +0000

----------------------------------------------------------------------
 .../org/apache/cxf/fediz/service/idp/beans/STSClientAction.java  | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/a9e8f8e5/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/STSClientAction.java
----------------------------------------------------------------------
diff --git a/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/STSClientAction.java
b/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/STSClientAction.java
index fcd3f8e..dcbcc53 100644
--- a/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/STSClientAction.java
+++ b/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/beans/STSClientAction.java
@@ -316,8 +316,8 @@ public class STSClientAction {
             (String)WebUtils.getAttributeFromFlowScope(context, FederationConstants.PARAM_REPLY);
         
         // Validate it first using commons-validator
-        String[] schemes = {"https"};
-        UrlValidator urlValidator = new UrlValidator(schemes, UrlValidator.ALLOW_LOCAL_URLS);
+        UrlValidator urlValidator = new UrlValidator(UrlValidator.ALLOW_LOCAL_URLS
+                                                     + UrlValidator.ALLOW_ALL_SCHEMES);
         if (!urlValidator.isValid(wreply)) {
             LOG.warn("The given wreply parameter {} is not a valid URL", wreply);
             throw new ProcessingException(TYPE.BAD_REQUEST);


Mime
View raw message