I have added a pull request (including a test case) to fix this vulnerability:
https://github.com/apache/sling/pull/12

On Thu, Mar 6, 2014 at 4:32 PM, bond <[email protected]> wrote:

> I got this on one of the scans as well. The problem lies in
>
> http://svn.apache.org/repos/asf/sling/trunk/bundles/auth/form/src/main/java/org/apache/sling/auth/form/impl/FormAuthenticationHandler.java
> , FYI in my case
>
> Code in trunk:
>
>     if (resource != null) {
>         try {
>             response.sendRedirect(resource);
>         } catch (IOException ioe) {
>             log.error("Failed to send redirect to: " + resource, ioe);
>         }
>
>         // terminate request, all done
>         result = true;
>     }
>
> Suggested code change: change response.sendRedirect to sendRedirect (this
> method URL-encodes the resource parameter):
>
>     if (resource != null) {
>         try {
>             sendRedirect(resource);
>         } catch (IOException ioe) {
>             log.error("Failed to send redirect to: " + resource, ioe);
>         }
>
>         // terminate request, all done
>         result = true;
>     }
>
> --
> View this message in context:
> http://apache-sling.73963.n3.nabble.com/Sling-redirect-as-a-security-vulnerability-tp4031637p4031741.html
> Sent from the Sling - Users mailing list archive at Nabble.com.

--
*Ravi Teja Lokineni* | Software Engineer
Oracle India Pvt. Ltd.
E: [email protected]
<https://www.linkedin.com/in/ravitejalokineni>
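The thread above is about a redirect target that comes straight from a request parameter and is passed to response.sendRedirect without validation or encoding. The example below is an added illustration, not code from Apache Sling or from the pull request: a hypothetical helper, safeTarget, that a servlet could call before redirecting. It rejects anything that is not a root-relative path (absolute and protocol-relative URLs would turn the handler into an open redirect) and anything carrying control characters (CR/LF do not belong in a Location header), then lets java.net.URI percent-encode the path and query. The sample inputs in main are constructed for the demonstration.

```java
import java.net.URI;
import java.net.URISyntaxException;

/**
 * Added example (not Apache Sling's code): validate and encode a redirect
 * target taken from a request parameter before it reaches
 * HttpServletResponse.sendRedirect.
 */
public final class SafeRedirect {

    /** Returns an encoded, site-local target, or null if the value must be rejected. */
    public static String safeTarget(String resource) {
        if (resource == null || resource.isEmpty()) {
            return null;
        }
        // Only root-relative paths are accepted. This rejects absolute URLs
        // ("http://other.example/"), protocol-relative URLs ("//other.example/")
        // and the "/\" variant that some browsers normalise to "//".
        if (!resource.startsWith("/") || resource.startsWith("//") || resource.startsWith("/\\")) {
            return null;
        }
        // Control characters (CR and LF among them) never belong in a header value.
        for (int i = 0; i < resource.length(); i++) {
            char c = resource.charAt(i);
            if (c < 0x20 || c == 0x7f) {
                return null;
            }
        }
        // Separate the query string so that '?' itself is not percent-encoded,
        // then let java.net.URI quote illegal characters in both components.
        String path = resource;
        String query = null;
        int q = resource.indexOf('?');
        if (q >= 0) {
            path = resource.substring(0, q);
            query = resource.substring(q + 1);
        }
        try {
            return new URI(null, null, path, query, null).toASCIIString();
        } catch (URISyntaxException e) {
            return null;
        }
    }

    public static void main(String[] args) {
        // Constructed sample inputs: two legitimate local targets, three that must be rejected.
        String[] samples = {
            "/content/page.html",
            "/content/some page.html?x=1 2",
            "http://other.example/",
            "//other.example/",
            "/foo\r\nSet-Cookie: a=b",
        };
        for (String s : samples) {
            String shown = s.replace("\r", "\\r").replace("\n", "\\n");
            System.out.println(shown + " -> " + safeTarget(s));
        }
    }
}
```

A caller would redirect only when safeTarget returns non-null and otherwise fall back to a fixed default page; rejecting rather than "repairing" a bad target keeps the decision simple to audit and to log.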
