You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sling.apache.org by as...@apache.org on 2016/09/14 06:12:26 UTC
svn commit: r1760635 - in /sling/trunk/bundles/auth/core/src:
main/java/org/apache/sling/auth/core/impl/SlingAuthenticator.java
test/java/org/apache/sling/auth/core/impl/SlingAuthenticatorTest.java
Author: asanso
Date: Wed Sep 14 06:12:26 2016
New Revision: 1760635
URL: http://svn.apache.org/viewvc?rev=1760635&view=rev
Log:
SLING-6052 - Broken impersonation
Modified:
sling/trunk/bundles/auth/core/src/main/java/org/apache/sling/auth/core/impl/SlingAuthenticator.java
sling/trunk/bundles/auth/core/src/test/java/org/apache/sling/auth/core/impl/SlingAuthenticatorTest.java
Modified: sling/trunk/bundles/auth/core/src/main/java/org/apache/sling/auth/core/impl/SlingAuthenticator.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/auth/core/src/main/java/org/apache/sling/auth/core/impl/SlingAuthenticator.java?rev=1760635&r1=1760634&r2=1760635&view=diff
==============================================================================
--- sling/trunk/bundles/auth/core/src/main/java/org/apache/sling/auth/core/impl/SlingAuthenticator.java (original)
+++ sling/trunk/bundles/auth/core/src/main/java/org/apache/sling/auth/core/impl/SlingAuthenticator.java Wed Sep 14 06:12:26 2016
@@ -1488,6 +1488,8 @@ public class SlingAuthenticator implemen
char c = value.charAt(i);
if (c == '"') {
builder.append("\\\"");
+ } else if (c == '@') {
+ builder.append(c);
} else if (c == 127 || (c < 32 && c != '\t')) {
throw new IllegalArgumentException(
"Cookie value may not contain CTL character");
Modified: sling/trunk/bundles/auth/core/src/test/java/org/apache/sling/auth/core/impl/SlingAuthenticatorTest.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/auth/core/src/test/java/org/apache/sling/auth/core/impl/SlingAuthenticatorTest.java?rev=1760635&r1=1760634&r2=1760635&view=diff
==============================================================================
--- sling/trunk/bundles/auth/core/src/test/java/org/apache/sling/auth/core/impl/SlingAuthenticatorTest.java (original)
+++ sling/trunk/bundles/auth/core/src/test/java/org/apache/sling/auth/core/impl/SlingAuthenticatorTest.java Wed Sep 14 06:12:26 2016
@@ -45,7 +45,7 @@ public class SlingAuthenticatorTest exte
checkQuote("\"", "\"\\\"\"");
checkQuote("simplevalue", "\"simplevalue\"");
checkQuote("simple value", "\"simple+value\"");
- checkQuote("email@address.com", "\"email%40address.com\"");
+ checkQuote("email@address.com", "\"email@address.com\"");
checkQuote("string\ttab", "\"string%09tab\"");
checkQuote("test中文", "\"test%E4%B8%AD%E6%96%87\"");