Description
To customize how URL encoding in a web app occurs, we should have a UrlEncoder component. More specifically, this can be used to customize how JSESSIONID is appended to a URL (if at all, depending on security preferences).
The solution could be resolved as follows:
Create a new UrlEncoder interface:
public interface UrlEncoder { String encodeUrl(EncodeUrlRequest request); }
The EncodeUrlRequest:
public interface EncodeUrlRequest { String getUrl(); HttpServletRequest getHttpServletRequest(); HttpServletResponse getHttpServletResponse(); ServletContext getServletContext(); }
Update WebEnvironment to have a new property:
UrlEncoder getUrlEncoder();
Attachments
Issue Links
- is depended upon by
-
SHIRO-361 HttpServletResponse.encodeURL: only append JSESSIONID when necessary
- Resolved