Uploaded image for project: 'CXF'
  1. CXF
  2. CXF-6985

parameter state may contain spaces, it must be urlencoded in response.

          Details

          • Type: Bug
          • Status: Closed
          • Priority: Minor
          • Resolution: Fixed
          • Affects Version/s: 3.1.6
          • Fix Version/s: 3.1.8, 3.2.0
          • Component/s: JAX-RS Security
          • Labels:
            None
          • Estimated Complexity:
            Unknown

            Description

            In org.apache.cxf.rs.security.oauth2.services.AbstractImplicitGrantService the state parameter is not queryEncoded. Since it could contain spaces (as of RFC 6749 https://tools.ietf.org/html/rfc6749#page-72) it should be queryEncoded in method finalizeResponse.

              Attachments

                Activity

                  People

                  • Assignee:
                    sergey_beryozkin Sergey Beryozkin
                    Reporter:
                    svein.otto.solem@kantega.no Svein Otto Solem
                  • Votes:
                    0 Vote for this issue
                    Watchers:
                    2 Start watching this issue

                    Dates

                    • Created:
                      Updated:
                      Resolved: