ResourceUrlEncodingFilter does not work with HttpServletRequestWrapper [SPR-17421]

[spring-projects-issues]

Rob Winch opened SPR-17421 and commented

This is effectively reopening of #17152 I was able to reproduce this without Spring Security via a Filter that wraps the HttpServletRequest. See https://github.com/rwinch/spring-framework-issues/tree/SPR-12550-Security/SPR-12550 There are instructions in the README for reproducing.

---

Affects: 4.3.19

Issue Links:

• ForwardedHeaderFilter does not respect Servlet forwarding [SPR-16983] #21521 ForwardedHeaderFilter does not respect Servlet forwarding
• Rewriting URLs with version-resolver using JSP and c:url doesn't work when Spring dispatcher servlet is not mapped to root [SPR-12550] #17152 Rewriting URLs with version-resolver using JSP and c:url doesn't work when Spring dispatcher servlet is not mapped to root ("supersedes")

Backported to: 5.0.11, 4.3.21

[spring-projects-issues]

vandykej17 commented

HI, I see this has been resolved through #21521. One followup question: #21521 lists Fix Version/s of 5.1.2, but this ticket lists out three Fix Version/s (4.3.21, 5.0.11, 5.1.2). Our application uses Spring 4 right now, so getting the fix in 4.3.21 would be optimal for us.  Would that be possible?

[spring-projects-issues]

Brian Clozel commented

Hi vandykej17,

This issue has been resolved here, not through #21521. The fix has been backported to 4.3.x and 5.0.x branches, so this will be available in 4.3.21, 5.0.11 and 5.1.2.

On the other hand, #21521 has been fixed on master only, but it is a totally different fix. Are you requesting a backport for #21521 independently of this issue?

[spring-projects-issues]

vandykej17 commented

Oh, sorry I guess I misunderstood what the related to field meant. I don't need #21521 back ported. My bad.