saulteafarmer/Stirling-PDF
1
0
Fork 0
mirror of https://github.com/Stirling-Tools/Stirling-PDF.git synced 2025-06-22 07:25:04 +00:00
Code Issues Packages Projects Releases Wiki Activity

Introduced protections against HTTP header injection / smuggling attacks

Browse Source
This commit is contained in:
pixeebot[bot] 2024-11-29 14:41:02 +00:00 committed by GitHub
parent 329f755823
commit 72636dda9f
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/main/java/stirling/software/SPDF/config/security/SecurityConfiguration.java
View File

@ -1,5 +1,6 @@
package stirling.software.SPDF.config.security;
import io.github.pixee.security.Newlines;
import java.io.IOException;
import java.security.cert.X509Certificate;
import java.util.*;
@ -181,8 +182,8 @@ public class SecurityConfiguration {
if (request.getRequestURI().startsWith("/saml2")) {
response.setHeader("Set-Cookie",
response.getHeader("Set-Cookie")
.concat(";SameSite=None;Secure"));
Newlines.stripAll(response.getHeader("Set-Cookie")
.concat(";SameSite=None;Secure")));
}
filterChain.doFilter(request, response);
}