opendev/gerrit
Code Issues Proposed changes

Merge branch 'stable-2.14'

Browse Source 
* stable-2.14:
  Trim leading slash from redirect after oauth login

Change-Id: I74adaa0717a4de6cb18de10379c0791365f83d68
This commit is contained in:
David Pursehouse
2017-04-25 07:22:58 +02:00
parent 153a469b6e aa0baaecb4
commit 62b1963ee9
1 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
gerrit-oauth/src/main/java/com/google/gerrit/httpd/auth/oauth/OAuthSession.java
View File

@@ -16,6 +16,7 @@ package com.google.gerrit.httpd.auth.oauth;
import static javax.servlet.http.HttpServletResponse.SC_UNAUTHORIZED; import static javax.servlet.http.HttpServletResponse.SC_UNAUTHORIZED;
import com.google.common.base.CharMatcher;
import com.google.common.base.Strings; import com.google.common.base.Strings;
import com.google.gerrit.extensions.auth.oauth.OAuthServiceProvider; import com.google.gerrit.extensions.auth.oauth.OAuthServiceProvider;
import com.google.gerrit.extensions.auth.oauth.OAuthToken; import com.google.gerrit.extensions.auth.oauth.OAuthToken;
@@ -154,8 +155,9 @@ class OAuthSession {
webSession.get().login(arsp, true); webSession.get().login(arsp, true);
String suffix = redirectToken.substring(OAuthWebFilter.GERRIT_LOGIN.length() + 1); String suffix = redirectToken.substring(OAuthWebFilter.GERRIT_LOGIN.length() + 1);
suffix = CharMatcher.anyOf("/").trimLeadingFrom(Url.decode(suffix));
StringBuilder rdr = new StringBuilder(urlProvider.get(req)); StringBuilder rdr = new StringBuilder(urlProvider.get(req));
rdr.append(Url.decode(suffix)); rdr.append(suffix);
rsp.sendRedirect(rdr.toString()); rsp.sendRedirect(rdr.toString());
} }