svn commit: r600279 - /ofbiz/branches/release4.0/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

svn commit: r600279 - /ofbiz/branches/release4.0/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java

jleroux@apache.org
Author: jleroux
Date: Sun Dec  2 04:58:59 2007
New Revision: 600279

URL: http://svn.apache.org/viewvc?rev=600279&view=rev
Log:
Applied fix from trunk for revision: 600278

Modified:
    ofbiz/branches/release4.0/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java

Modified: ofbiz/branches/release4.0/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java
URL: http://svn.apache.org/viewvc/ofbiz/branches/release4.0/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java?rev=600279&r1=600278&r2=600279&view=diff
==============================================================================
--- ofbiz/branches/release4.0/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java (original)
+++ ofbiz/branches/release4.0/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java Sun Dec  2 04:58:59 2007
@@ -21,6 +21,8 @@
 import java.util.*;
 import java.security.cert.X509Certificate;
 import java.math.BigInteger;
+import java.net.URLEncoder;
+import java.io.UnsupportedEncodingException;
 
 import javax.servlet.ServletContext;
 import javax.servlet.ServletRequest;
@@ -87,8 +89,21 @@
             String paramName = (String) parameterNames.nextElement();
 
             if (paramName != null) {
-                if (queryString == null) queryString = paramName + "=" + request.getParameter(paramName);
-                else queryString = queryString + "&" + paramName + "=" + request.getParameter(paramName);
+                String sane_paramName, sane_value;
+                try {
+                    sane_paramName = URLEncoder.encode((String) paramName, "UTF-8");
+                    sane_value = URLEncoder.encode(request.getParameter(paramName), "UTF-8");
+                } catch (UnsupportedEncodingException ex) {
+                    Debug.logError(ex, module);
+                    sane_paramName = paramName;
+                    sane_value = request.getParameter(paramName);
+                }
+
+                if (queryString == null) {
+                    queryString = sane_paramName + "=" + sane_value;
+                } else {
+                    queryString = queryString + "&" + sane_paramName + "=" + sane_value;
+                }
             }
         }