Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-11362

Utilise standards-based org.forgerock.http.util.Uris methods for query parameter encoding/decoding

    Details

    • Type: Improvement
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 14.5.0
    • Fix Version/s: 13.5.2, 14.5.0, 14.1.2
    • Component/s: SAML
    • Environment:
      OpenAM being proxied through OpenIG.
    • Sprint:
      AM Sustaining Sprint 40, AM Sustaining Sprint 41, AM Sustaining Sprint 42
    • Story Points:
      3
    • Needs QA verification:
      No

      Description

      application/x-www-form-urlencoded based encoding from com.sun.identity.shared.encode.URLEncDec is often being applied to HTTP request query parameters which can lead to issues when working with proxies such as OpenIG that apply strict RFC decoding and encoding routines, as seen in issues like OPENIG-947

      org.forgerock.http.util.Uris from commons provides encoding/decoding methods for both application/x-www-form-urlencoded and query parameters and should be used in place of com.sun.identity.shared.encode.URLEncDec encode/decode methods.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                markdr Mark de Reeper
                Reporter:
                markdr Mark de Reeper
              • Votes:
                0 Vote for this issue
                Watchers:
                7 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: