From 5425e5480e9c71927539627d0c0703c4d79e90c7 Mon Sep 17 00:00:00 2001
From: markt
Date: Thu, 11 Aug 2011 12:46:27 +0000
Subject: [PATCH] Follow up to r1156530. Filter URL (mainly in case of &).

git-svn-id: https://svn.apache.org/repos/asf/tomcat/trunk@1156602 13f79535-47bb-0310-9956-ffa450edef68
---
 java/org/apache/catalina/connector/Response.java | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/java/org/apache/catalina/connector/Response.java b/java/org/apache/catalina/connector/Response.java
index f32afdbae..c1c726fd5 100644
--- a/java/org/apache/catalina/connector/Response.java
+++ b/java/org/apache/catalina/connector/Response.java
@@ -49,6 +49,7 @@ import org.apache.catalina.core.ApplicationSessionCookieConfig;
 import org.apache.catalina.security.SecurityUtil;
 import org.apache.catalina.util.CharsetMapper;
 import org.apache.catalina.util.DateTool;
+import org.apache.catalina.util.RequestUtil;
 import org.apache.tomcat.util.buf.CharChunk;
 import org.apache.tomcat.util.buf.UEncoder;
 import org.apache.tomcat.util.http.FastHttpDateFormat;
@@ -1335,8 +1336,8 @@ public class Response
 setStatus(SC_FOUND);
 setHeader("Location", absolute);
 PrintWriter writer = getWriter();
- writer.print(
- sm.getString("coyoteResponse.sendRedirect.note", absolute));
+ writer.print(sm.getString("coyoteResponse.sendRedirect.note",
+ RequestUtil.filter(absolute)));
 flushBuffer();
 } catch (IllegalArgumentException e) {
 setStatus(SC_NOT_FOUND);
-- 
2.11.0
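Review bot: The `RequestUtil.filter(absolute)` argument in the new `writer.print(...)` call is only sufficient if the `coyoteResponse.sendRedirect.note` message places its placeholder in element content or a double-quoted attribute, and that template is not visible in this hunk. As far as I know `RequestUtil.filter` escapes `<`, `>`, `&` and `"` but not `'`, and entity escaping does not constrain the URL scheme if the value ends up in an `href`, so the template and the way `absolute` is computed (also outside the hunk) should be reviewed together. Passing the unescaped value to `setHeader("Location", absolute)` is correct for a header, and a short comment would keep a later change from "fixing" it: `// Location takes the raw URL; only the HTML body is entity-escaped`. No test accompanies the change; a redirect target containing `&` and `"` would pin the intended output. The enclosing method starts and ends outside the hunk.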