diff options
Diffstat (limited to 'id/server/idserverlib/src/main')
-rw-r--r-- | id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/proxy/DefaultConnectionBuilder.java | 24 |
1 files changed, 23 insertions, 1 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/proxy/DefaultConnectionBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/proxy/DefaultConnectionBuilder.java index b8b53e7f3..8a7b2a8bd 100644 --- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/proxy/DefaultConnectionBuilder.java +++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/proxy/DefaultConnectionBuilder.java @@ -18,6 +18,9 @@ package at.gv.egovernment.moa.id.proxy; import java.io.IOException; import java.io.UnsupportedEncodingException; import java.net.HttpURLConnection; +import java.net.MalformedURLException; +import java.net.URI; +import java.net.URISyntaxException; import java.net.URL; import java.util.Iterator; import java.util.Vector; @@ -70,7 +73,10 @@ public class DefaultConnectionBuilder implements ConnectionBuilder { Vector parameters) throws IOException { - String requestedURL = req.getRequestURL().toString(); + // Bug [#540] + //String requestedURL = req.getRequestURL().toString(); + String requestedURL = escapeUrl(req.getRequestURL().toString()); + // check whether requested URL starts with publicURLPrefix //Temporary allow http:// urls instead of the https:// in publicURLPrefix @@ -109,6 +115,22 @@ public class DefaultConnectionBuilder implements ConnectionBuilder { return conn; } + private static String escapeUrl(String unescapedUrlString) throws RuntimeException { + try { + URL unescapedUrl = new URL(unescapedUrlString); + String protocol = unescapedUrl.getProtocol(); + String fragment = unescapedUrl.getRef(); + String ssp = unescapedUrlString.substring(protocol.length() + 1, unescapedUrlString.length() - ((fragment == null) ? 0 : fragment.length() + 1)); + + URL url2 = new URI(protocol, ssp, fragment).toURL(); + return url2.toExternalForm(); + } catch (MalformedURLException e) { + throw new RuntimeException(e); + } catch (URISyntaxException e) { + throw new RuntimeException(e); + } + } + /** * Disconnects the HttpURLConnection if necessary. |