diff options
Diffstat (limited to 'juick-server/src/main/java')
-rw-r--r-- | juick-server/src/main/java/com/juick/server/security/HashParamAuthenticationFilter.java | 20 |
1 files changed, 7 insertions, 13 deletions
diff --git a/juick-server/src/main/java/com/juick/server/security/HashParamAuthenticationFilter.java b/juick-server/src/main/java/com/juick/server/security/HashParamAuthenticationFilter.java index d1358a208..b384a8c8b 100644 --- a/juick-server/src/main/java/com/juick/server/security/HashParamAuthenticationFilter.java +++ b/juick-server/src/main/java/com/juick/server/security/HashParamAuthenticationFilter.java @@ -10,6 +10,7 @@ import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.web.authentication.RememberMeServices; import org.springframework.util.Assert; import org.springframework.web.filter.OncePerRequestFilter; +import org.springframework.web.util.WebUtils; import javax.servlet.FilterChain; import javax.servlet.ServletException; @@ -71,19 +72,12 @@ public class HashParamAuthenticationFilter extends OncePerRequestFilter { } private String getHashFromRequest(HttpServletRequest request) { - String hash = request.getHeader(PARAM_NAME); + String paramHash = request.getParameter(PARAM_NAME); + Cookie cookieHash = WebUtils.getCookie(request, PARAM_NAME); - if (hash == null) - hash = request.getParameter(PARAM_NAME); - - Cookie[] cookies = request.getCookies(); - - if (hash == null && cookies != null) - for (Cookie cookie : cookies) - if (PARAM_NAME.equals(cookie.getName())) { - hash = cookie.getValue(); - break; - } - return hash; + if (paramHash == null && cookieHash != null) { + return cookieHash.getValue(); + } + return paramHash; } } |