added fix for proper UTF matching

author maxcooper <maxcooper>

Sun, 30 Mar 2003 10:33:02 +0000 (10:33 +0000)

committer maxcooper <maxcooper>

Sun, 30 Mar 2003 10:33:02 +0000 (10:33 +0000)
author maxcooper <maxcooper>
Sun, 30 Mar 2003 10:33:02 +0000 (10:33 +0000)
committer maxcooper <maxcooper>
Sun, 30 Mar 2003 10:33:02 +0000 (10:33 +0000)
diff --git a/src/share/org/securityfilter/filter/SecurityFilter.java b/src/share/org/securityfilter/filter/SecurityFilter.java

index 51f341f..3e1f665 100644 (file)
--- a/src/share/org/securityfilter/filter/SecurityFilter.java
+++ b/src/share/org/securityfilter/filter/SecurityFilter.java
@@ -1,7 +1,7 @@
  /*
- * $Header: /cvsroot/securityfilter/securityfilter/src/share/org/securityfilter/filter/SecurityFilter.java,v 1.16 2003/02/08 08:52:43 maxcooper Exp $
- * $Revision: 1.16 $
- * $Date: 2003/02/08 08:52:43 $
+ * $Header: /cvsroot/securityfilter/securityfilter/src/share/org/securityfilter/filter/SecurityFilter.java,v 1.17 2003/03/30 10:33:02 maxcooper Exp $
+ * $Revision: 1.17 $
+ * $Date: 2003/03/30 10:33:02 $
   *
   * ====================================================================
   * The SecurityFilter Software License, Version 1.1
@@ -77,7 +77,7 @@ import java.util.*;
   * @author Max Cooper (max@maxcooper.com)
   * @author Daya Sharma (iamdaya@yahoo.com, billydaya@sbcglobal.net)
   * @author Torgeir Veimo (torgeir@pobox.com)
- * @version $Revision: 1.16 $ $Date: 2003/02/08 08:52:43 $
+ * @version $Revision: 1.17 $ $Date: 2003/03/30 10:33:02 $
   */
  public class SecurityFilter implements Filter {
     public static final String SAVED_REQUEST_URL = SecurityFilter.class.getName() + ".SAVED_REQUEST_URL";
@@ -477,20 +477,18 @@ public class SecurityFilter implements Filter {
     /**
      * Return a URL that can be matched against security URL patterns.<p>
      *
-    * This is the part after the contextPath, with no query string.<br>
+    * This is the part after the contextPath, with the pathInfo, but without the query string.<br>
      * http://server:8080/contextPath/someURL.jsp?param=value becomes /someURL.jsp
      *
      * @param request the request to construct a matchable URL for
      */
     private String getMatchableURL(HttpServletRequest request) {
-      // extract the request URL portion that needs to be checked
-      String matchableURL = request.getRequestURI();
-      // remove the contextPath
-      matchableURL = matchableURL.substring(request.getContextPath().length());
-      // use PathInfo if this request didn't match a servlet name
+      // extract the servlet path portion that needs to be checked
+      String matchableURL = request.getServletPath();
+      // add the pathInfo, as it needs to be part of the URL we check
        String pathInfo = request.getPathInfo();
-      if ("/".equals(matchableURL) && pathInfo != null) {
-         matchableURL = pathInfo;
+      if (pathInfo != null) {
+         matchableURL = matchableURL + pathInfo;
        }
        return matchableURL;
     }
author	maxcooper <maxcooper>
	Sun, 30 Mar 2003 10:33:02 +0000 (10:33 +0000)
committer	maxcooper <maxcooper>
	Sun, 30 Mar 2003 10:33:02 +0000 (10:33 +0000)