[
https://issues.apache.org/jira/browse/WICKET-864?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Matej Knopp resolved WICKET-864.
--------------------------------
Resolution: Fixed
> HttpServletResponse.encodeRedirectURL() missing in WicketFilter
> ---------------------------------------------------------------
>
> Key: WICKET-864
> URL: https://issues.apache.org/jira/browse/WICKET-864
> Project: Wicket
> Issue Type: Bug
> Components: wicket
> Affects Versions: 1.3.0-beta2
> Environment: Tomcat 5.5.23, OS X
> Reporter: Roland Foerther
> Fix For: 1.3.0-beta4
>
>
> In class org.apache.wicket.protocol.http.WicketFilter in method doGet a
> redirect URL is not encoded with HttpServletResponse.encodeRedirectUrl():
> 168 // Special-case for home page - we redirect to add a trailing slash.
> if (relativePath.length() == 0
> &&
> !Strings.stripJSessionId(servletRequest.getRequestURI()).endsWith("/"))
> {
> final String redirectUrl =
> servletRequest.getRequestURI() + "/";
> --------> servletResponse.sendRedirect(redirectUrl);
> return;
> }
> From Wicket's perspective this seems to be not necessary here to support
> cookie-less mode. But notice that an application may depend on a session
> outside the wicket scope e.g. by including a ServletFilter in front of
> WicketFilter, which handles data in session scope.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
