aboutsummaryrefslogtreecommitdiff
path: root/juick-server/src/main
diff options
context:
space:
mode:
Diffstat (limited to 'juick-server/src/main')
-rw-r--r--juick-server/src/main/java/com/juick/server/security/HashParamAuthenticationFilter.java20
1 files changed, 7 insertions, 13 deletions
diff --git a/juick-server/src/main/java/com/juick/server/security/HashParamAuthenticationFilter.java b/juick-server/src/main/java/com/juick/server/security/HashParamAuthenticationFilter.java
index d1358a208..b384a8c8b 100644
--- a/juick-server/src/main/java/com/juick/server/security/HashParamAuthenticationFilter.java
+++ b/juick-server/src/main/java/com/juick/server/security/HashParamAuthenticationFilter.java
@@ -10,6 +10,7 @@ import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.authentication.RememberMeServices;
import org.springframework.util.Assert;
import org.springframework.web.filter.OncePerRequestFilter;
+import org.springframework.web.util.WebUtils;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
@@ -71,19 +72,12 @@ public class HashParamAuthenticationFilter extends OncePerRequestFilter {
}
private String getHashFromRequest(HttpServletRequest request) {
- String hash = request.getHeader(PARAM_NAME);
+ String paramHash = request.getParameter(PARAM_NAME);
+ Cookie cookieHash = WebUtils.getCookie(request, PARAM_NAME);
- if (hash == null)
- hash = request.getParameter(PARAM_NAME);
-
- Cookie[] cookies = request.getCookies();
-
- if (hash == null && cookies != null)
- for (Cookie cookie : cookies)
- if (PARAM_NAME.equals(cookie.getName())) {
- hash = cookie.getValue();
- break;
- }
- return hash;
+ if (paramHash == null && cookieHash != null) {
+ return cookieHash.getValue();
+ }
+ return paramHash;
}
}