You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@cxf.apache.org by "Svein Otto Solem (JIRA)" <ji...@apache.org> on 2016/08/01 10:03:20 UTC

[jira] [Created] (CXF-6985) parameter state may contain spaces, it must be urlencoded in response.

Svein Otto Solem created CXF-6985:
-------------------------------------

             Summary: parameter state may contain spaces, it must be urlencoded in response.
                 Key: CXF-6985
                 URL: https://issues.apache.org/jira/browse/CXF-6985
             Project: CXF
          Issue Type: Bug
          Components: JAX-RS Security
    Affects Versions: 3.1.6
            Reporter: Svein Otto Solem
            Priority: Minor


In org.apache.cxf.rs.security.oauth2.services.AbstractImplicitGrantService the state parameter is not queryEncoded. Since it could contain spaces (as of RFC 6749 https://tools.ietf.org/html/rfc6749#page-72) it should be queryEncoded in method finalizeResponse.









--
This message was sent by Atlassian JIRA
(v6.3.4#6332)