javier/Stirling-PDF
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Introduced protections against HTTP header injection / smuggling attacks

Browse Source
This commit is contained in:
pixeebot[bot]
2024-11-29 14:41:02 +00:00
committed by GitHub
parent 329f755823
commit 72636dda9f
1 changed files with 3 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/main/java/stirling/software/SPDF/config/security/SecurityConfiguration.java
View File

@@ -1,5 +1,6 @@
package stirling.software.SPDF.config.security;
import io.github.pixee.security.Newlines;
import java.io.IOException;
import java.security.cert.X509Certificate;
import java.util.*;
@@ -181,8 +182,8 @@ public class SecurityConfiguration {
if (request.getRequestURI().startsWith("/saml2")) {
response.setHeader("Set-Cookie",
response.getHeader("Set-Cookie")
.concat(";SameSite=None;Secure"));
Newlines.stripAll(response.getHeader("Set-Cookie")
.concat(";SameSite=None;Secure")));
}
filterChain.doFilter(request, response);
}