Follow up to r1156530. Filter URL (mainly in case of &).

author markt <markt@13f79535-47bb-0310-9956-ffa450edef68>

Thu, 11 Aug 2011 12:46:27 +0000 (12:46 +0000)

committer markt <markt@13f79535-47bb-0310-9956-ffa450edef68>

Thu, 11 Aug 2011 12:46:27 +0000 (12:46 +0000)
author markt <markt@13f79535-47bb-0310-9956-ffa450edef68>
Thu, 11 Aug 2011 12:46:27 +0000 (12:46 +0000)
committer markt <markt@13f79535-47bb-0310-9956-ffa450edef68>
Thu, 11 Aug 2011 12:46:27 +0000 (12:46 +0000)
diff --git a/java/org/apache/catalina/connector/Response.java b/java/org/apache/catalina/connector/Response.java

index f32afdb..c1c726f 100644 (file)
--- a/java/org/apache/catalina/connector/Response.java
+++ b/java/org/apache/catalina/connector/Response.java
@@ -49,6 +49,7 @@ import org.apache.catalina.core.ApplicationSessionCookieConfig;
  import org.apache.catalina.security.SecurityUtil;
  import org.apache.catalina.util.CharsetMapper;
  import org.apache.catalina.util.DateTool;
+import org.apache.catalina.util.RequestUtil;
  import org.apache.tomcat.util.buf.CharChunk;
  import org.apache.tomcat.util.buf.UEncoder;
  import org.apache.tomcat.util.http.FastHttpDateFormat;
@@ -1335,8 +1336,8 @@ public class Response
              setStatus(SC_FOUND);
              setHeader("Location", absolute);
              PrintWriter writer = getWriter();
-            writer.print(
-                    sm.getString("coyoteResponse.sendRedirect.note", absolute));
+            writer.print(sm.getString("coyoteResponse.sendRedirect.note",
+                    RequestUtil.filter(absolute)));
              flushBuffer();
          } catch (IllegalArgumentException e) {
              setStatus(SC_NOT_FOUND);
author	markt <markt@13f79535-47bb-0310-9956-ffa450edef68>
	Thu, 11 Aug 2011 12:46:27 +0000 (12:46 +0000)
committer	markt <markt@13f79535-47bb-0310-9956-ffa450edef68>
	Thu, 11 Aug 2011 12:46:27 +0000 (12:46 +0000)