リダイレクトした際、URLが無駄に長くなるのを修正。

author senju <senju@users.sourceforge.jp>

Wed, 19 Aug 2009 13:32:59 +0000 (22:32 +0900)

committer senju <senju@users.sourceforge.jp>

Wed, 19 Aug 2009 13:32:59 +0000 (22:32 +0900)
author senju <senju@users.sourceforge.jp>
Wed, 19 Aug 2009 13:32:59 +0000 (22:32 +0900)
committer senju <senju@users.sourceforge.jp>
Wed, 19 Aug 2009 13:32:59 +0000 (22:32 +0900)
diff --git a/src/jp/sourceforge/rabbitBTS/interceptors/AuthenticationInterceptor.java b/src/jp/sourceforge/rabbitBTS/interceptors/AuthenticationInterceptor.java

index 8bdfae4..6b544dd 100644 (file)
--- a/src/jp/sourceforge/rabbitBTS/interceptors/AuthenticationInterceptor.java
+++ b/src/jp/sourceforge/rabbitBTS/interceptors/AuthenticationInterceptor.java
@@ -75,11 +75,14 @@ public class AuthenticationInterceptor extends HandlerInterceptorAdapter {
          */
         @Override
         public void postHandle(HttpServletRequest request,
-                       HttpServletResponse response, Object handler,
-                       ModelAndView modelAndView) throws Exception {
-               modelAndView.addObject("acc", this.accountService.getCurrentAccount());
-               modelAndView.addObject("loginurl", Sht.loginUrl(request));
-               modelAndView.addObject("logouturl", Sht.logoutUrl(request));
+                       HttpServletResponse response, Object handler, ModelAndView mav)
+                       throws Exception {
+               // リダイレクトする場合は不要
+               if (!mav.getViewName().startsWith("redirect:")) {
+                       mav.addObject("acc", this.accountService.getCurrentAccount());
+                       mav.addObject("loginurl", Sht.loginUrl(request));
+                       mav.addObject("logouturl", Sht.logoutUrl(request));
+               }
         }
  
  }
diff --git a/src/jp/sourceforge/rabbitBTS/interceptors/CSRFInterceptor.java b/src/jp/sourceforge/rabbitBTS/interceptors/CSRFInterceptor.java

index 8f2222b..d615aef 100644 (file)
--- a/src/jp/sourceforge/rabbitBTS/interceptors/CSRFInterceptor.java
+++ b/src/jp/sourceforge/rabbitBTS/interceptors/CSRFInterceptor.java
@@ -61,12 +61,14 @@ public class CSRFInterceptor extends HandlerInterceptorAdapter {
          */
         @Override
         public void postHandle(HttpServletRequest request,
-                       HttpServletResponse response, Object handler,
-                       ModelAndView modelAndView) throws Exception {
-               final String token = RandomStringUtils.randomAlphanumeric(128);
-
-               request.getSession().setAttribute("secureToken", token);
-               modelAndView.addObject("secureToken", token);
+                       HttpServletResponse response, Object handler, ModelAndView mav)
+                       throws Exception {
+               // リダイレクトする場合は不要
+               if (!mav.getViewName().startsWith("redirect:")) {
+                       final String token = RandomStringUtils.randomAlphanumeric(128);
+                       request.getSession().setAttribute("secureToken", token);
+                       mav.addObject("secureToken", token);
+               }
  
                 if (request.getMethod().equals("POST")
                                 && handler instanceof IController) {
author	senju <senju@users.sourceforge.jp>
	Wed, 19 Aug 2009 13:32:59 +0000 (22:32 +0900)
committer	senju <senju@users.sourceforge.jp>
	Wed, 19 Aug 2009 13:32:59 +0000 (22:32 +0900)
src/jp/sourceforge/rabbitBTS/interceptors/AuthenticationInterceptor.java		patch \| blob \| history
src/jp/sourceforge/rabbitBTS/interceptors/CSRFInterceptor.java		patch \| blob \| history