spring-boot

mirror of https://github.com/spring-projects/spring-boot.git synced 2024-08-29 03:06:45 +08:00

History

Madhura Bhave 3460c24a16 Ignore context path when calling privilege evaluator Previously, the error page security filter passed the request's URI to the privilege evaluator. This was incorrect in applications with a custom context path as the privilege evaluator must be passed a path that does not include the context path and the request URI includes the context path. This commit updates the filter to use UrlPathHelper's pathWithinApplication instead. The path within the application does not include the context path. In addition, pathWithinAppliation also correctly handles applications configured with a servlet mapping other than the default of /. Closes gh-29299 Co-Authored-By: Andy Wilkinson <wilkinsona@vmware.com>	2022-01-20 12:36:18 +00:00
..
src	Ignore context path when calling privilege evaluator	2022-01-20 12:36:18 +00:00
build.gradle	Remove use of Thymeleaf from smoke tests	2021-11-23 12:13:05 -06:00

Madhura Bhave 3460c24a16 Ignore context path when calling privilege evaluator

Previously, the error page security filter passed the request's URI
to the privilege evaluator. This was incorrect in applications with
a custom context path as the privilege evaluator must be passed a
path that does not include the context path and the request URI
includes the context path.

This commit updates the filter to use UrlPathHelper's
pathWithinApplication instead. The path within the application does
not include the context path. In addition, pathWithinAppliation
also correctly handles applications configured with a servlet
mapping other than the default of /.

Closes gh-29299

Co-Authored-By: Andy Wilkinson <wilkinsona@vmware.com>

2022-01-20 12:36:18 +00:00

src

Ignore context path when calling privilege evaluator

2022-01-20 12:36:18 +00:00

build.gradle

Remove use of Thymeleaf from smoke tests

2021-11-23 12:13:05 -06:00