Skip to content

Commit

Permalink
enh: follow desired request scheme when doing redirection
Browse files Browse the repository at this point in the history
  • Loading branch information
lprimak committed Sep 17, 2024
1 parent b3fe8f6 commit 8ece8a3
Showing 1 changed file with 11 additions and 2 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -58,6 +58,7 @@
import org.apache.shiro.web.subject.WebSubjectContext;
import org.apache.shiro.web.util.WebUtils;
import org.omnifaces.util.Servlets;
import org.omnifaces.util.Utils;

/**
* Stops JEE server from interpreting Shiro principal as direct EJB principal,
Expand All @@ -83,7 +84,7 @@ private static class WrappedRequest extends ShiroHttpServletRequest {
@Getter(value = AccessLevel.PRIVATE, lazy = true)
private final boolean httpsNeeded = createHttpButNeedHttps();
@Getter(value = AccessLevel.PRIVATE, lazy = true)
private final StringBuffer secureRequestURL = rewriteHttpToHttps();
private final StringBuffer secureRequestURL = httpsRequestURL();

WrappedRequest(HttpServletRequest wrapped, ServletContext servletContext, boolean httpSessions) {
super(wrapped, servletContext, httpSessions);
Expand Down Expand Up @@ -127,7 +128,7 @@ private boolean createHttpButNeedHttps() {
.getHeader(X_FORWARDED_PROTO));
}

private StringBuffer rewriteHttpToHttps() {
private StringBuffer httpsRequestURL() {
return new StringBuffer(HTTP_TO_HTTPS.matcher(super.getRequestURL())
.replaceFirst(HTTPS_SCHEME + "$1"));
}
Expand All @@ -147,6 +148,14 @@ public void addCookie(Cookie cookie) {
super.addCookie(cookie);
}
}

@Override
public void sendRedirect(String location) throws IOException {
if (!Utils.startsWithOneOf(location, new String[]{"http://", "https://"})) {
location = Servlets.getRequestDomainURL(WebUtils.toHttp(request)) + location;
}
super.sendRedirect(location);
}
}

@RequiredArgsConstructor
Expand Down

0 comments on commit 8ece8a3

Please sign in to comment.