You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@wicket.apache.org by mg...@apache.org on 2020/12/09 15:23:10 UTC
[wicket] branch master updated: WICKET-6858 Do not lower case the
session cookie name
This is an automated email from the ASF dual-hosted git repository.
mgrigorov pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/wicket.git
The following commit(s) were added to refs/heads/master by this push:
new ae02106 WICKET-6858 Do not lower case the session cookie name
ae02106 is described below
commit ae02106ba1f53d854d99a93163141a20dace07a0
Author: Martin Tzvetanov Grigorov <mg...@apache.org>
AuthorDate: Wed Dec 9 17:22:18 2020 +0200
WICKET-6858 Do not lower case the session cookie name
---
.../org/apache/wicket/util/string/Strings.java | 2 +-
.../org/apache/wicket/util/string/StringsTest.java | 22 +++++++++++++++++++++-
2 files changed, 22 insertions(+), 2 deletions(-)
diff --git a/wicket-util/src/main/java/org/apache/wicket/util/string/Strings.java b/wicket-util/src/main/java/org/apache/wicket/util/string/Strings.java
index 8427566..d0cda0f 100755
--- a/wicket-util/src/main/java/org/apache/wicket/util/string/Strings.java
+++ b/wicket-util/src/main/java/org/apache/wicket/util/string/Strings.java
@@ -915,7 +915,7 @@ public final class Strings
}
// http://.../abc;jsessionid=...?param=...
- int ixSemiColon = url.toLowerCase(Locale.ROOT).indexOf(SESSION_ID_PARAM);
+ int ixSemiColon = url.indexOf(SESSION_ID_PARAM);
if (ixSemiColon == -1)
{
return url;
diff --git a/wicket-util/src/test/java/org/apache/wicket/util/string/StringsTest.java b/wicket-util/src/test/java/org/apache/wicket/util/string/StringsTest.java
index 4797d94..3a0ce9a 100644
--- a/wicket-util/src/test/java/org/apache/wicket/util/string/StringsTest.java
+++ b/wicket-util/src/test/java/org/apache/wicket/util/string/StringsTest.java
@@ -24,6 +24,8 @@ import static org.junit.jupiter.api.Assertions.assertThrows;
import static org.junit.jupiter.api.Assertions.assertTrue;
import java.io.UnsupportedEncodingException;
+import java.lang.reflect.Field;
+import java.lang.reflect.Modifier;
import java.util.Arrays;
import java.util.List;
@@ -33,7 +35,7 @@ import org.junit.jupiter.api.Test;
public class StringsTest
{
@Test
- void stripJSessionId()
+ void stripJSessionId() throws Exception
{
String url = "http://localhost/abc";
assertEquals(url, Strings.stripJSessionId(url));
@@ -50,6 +52,24 @@ public class StringsTest
assertEquals(url + ";a=b;c=d", Strings.stripJSessionId(url + ";a=b;c=d;jsessionid=12345"));
assertEquals(url + ";a=b;c=d?param=a;b",
Strings.stripJSessionId(url + ";a=b;c=d;jsessionid=12345?param=a;b"));
+
+ // WICKET-6858
+ final Field sessionIdParamField = Strings.class.getDeclaredField("SESSION_ID_PARAM");
+ sessionIdParamField.setAccessible(true);
+ Field modifiersField = Field.class.getDeclaredField( "modifiers");
+ modifiersField.setAccessible(true);
+ try {
+ final String customSessionIdParam = ";Custom seSsion - ид=";
+ modifiersField.setInt(sessionIdParamField, sessionIdParamField.getModifiers() & ~Modifier.FINAL );
+ sessionIdParamField.set(null, customSessionIdParam);
+ assertEquals(url + ";a=b;c=d?param=a;b",
+ Strings.stripJSessionId(url + ";a=b;c=d" + customSessionIdParam + "12345?param=a;b"));
+ } finally {
+ sessionIdParamField.set(null, "jsessionid");
+ modifiersField.setInt(sessionIdParamField, sessionIdParamField.getModifiers() & Modifier.FINAL );
+ modifiersField.setAccessible(false);
+ sessionIdParamField.setAccessible(false);
+ }
}
@Test