geronimo-scm mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From genspr...@apache.org
Subject svn commit: r1024477 - /geronimo/server/trunk/plugins/console/console-filter/src/main/java/org/apache/geronimo/console/filter/XSRFHandler.java
Date Wed, 20 Oct 2010 01:21:28 GMT
Author: genspring
Date: Wed Oct 20 01:21:28 2010
New Revision: 1024477

URL: http://svn.apache.org/viewvc?rev=1024477&view=rev
Log:
GERONIMO-5407 XSSXSRFFilter error in G 3.0-M1 jetty build when trying to list plugins in admin
console.   jetty's request.getQueryString() will return a zero length string instead of null
for a request like this "http://localhost:8080/console/xxx?"

Modified:
    geronimo/server/trunk/plugins/console/console-filter/src/main/java/org/apache/geronimo/console/filter/XSRFHandler.java

Modified: geronimo/server/trunk/plugins/console/console-filter/src/main/java/org/apache/geronimo/console/filter/XSRFHandler.java
URL: http://svn.apache.org/viewvc/geronimo/server/trunk/plugins/console/console-filter/src/main/java/org/apache/geronimo/console/filter/XSRFHandler.java?rev=1024477&r1=1024476&r2=1024477&view=diff
==============================================================================
--- geronimo/server/trunk/plugins/console/console-filter/src/main/java/org/apache/geronimo/console/filter/XSRFHandler.java
(original)
+++ geronimo/server/trunk/plugins/console/console-filter/src/main/java/org/apache/geronimo/console/filter/XSRFHandler.java
Wed Oct 20 01:21:28 2010
@@ -85,7 +85,9 @@ public class XSRFHandler
             return false;
         }
 
-        if ((hreq.getQueryString() != null) || (hreq.getParameterNames().hasMoreElements()))
{
+        if ((hreq.getQueryString() != null && hreq.getQueryString().length() >
0)
+                || (hreq.getParameterNames().hasMoreElements())) {
+            
             
             if (hreq.getParameterMap().keySet().size() == 1 && hreq.getParameter(NOXSS_SHOW_TREE)
!= null) {
 



Mime
View raw message