From eecaad8b8e2c447429c31a01d49260ddd6b4ee03 Mon Sep 17 00:00:00 2001
From: Paul Martin <paul@paulsputer.com>
Date: Sat, 16 Apr 2016 17:35:32 -0400
Subject: [PATCH] Proof of concept #1026

---
 src/main/java/com/gitblit/wicket/pages/ChangePasswordPage.java |   11 +++++++----
 1 files changed, 7 insertions(+), 4 deletions(-)

diff --git a/src/main/java/com/gitblit/wicket/pages/ChangePasswordPage.java b/src/main/java/com/gitblit/wicket/pages/ChangePasswordPage.java
index 4c8d3a1..259a4bf 100644
--- a/src/main/java/com/gitblit/wicket/pages/ChangePasswordPage.java
+++ b/src/main/java/com/gitblit/wicket/pages/ChangePasswordPage.java
@@ -19,10 +19,10 @@
 
 import org.apache.wicket.RestartResponseException;
 import org.apache.wicket.markup.html.form.Button;
-import org.apache.wicket.markup.html.form.PasswordTextField;
 import org.apache.wicket.markup.html.form.StatelessForm;
 import org.apache.wicket.model.IModel;
 import org.apache.wicket.model.Model;
+import org.apache.wicket.protocol.http.WebRequest;
 import org.apache.wicket.protocol.http.WebResponse;
 
 import com.gitblit.GitBlitException;
@@ -30,6 +30,7 @@
 import com.gitblit.models.UserModel;
 import com.gitblit.utils.StringUtils;
 import com.gitblit.wicket.GitBlitWebSession;
+import com.gitblit.wicket.NonTrimmedPasswordTextField;
 
 public class ChangePasswordPage extends RootSubPage {
 
@@ -99,8 +100,10 @@
 				try {
 					app().gitblit().reviseUser(user.username, user);
 					if (app().settings().getBoolean(Keys.web.allowCookieAuthentication, false)) {
+						WebRequest request = (WebRequest) getRequestCycle().getRequest();
 						WebResponse response = (WebResponse) getRequestCycle().getResponse();
-						app().authentication().setCookie(response.getHttpServletResponse(), user);
+						app().authentication().setCookie(request.getHttpServletRequest(),
+								response.getHttpServletResponse(), user);
 					}
 				} catch (GitBlitException e) {
 					error(e.getMessage());
@@ -111,10 +114,10 @@
 				setResponsePage(RepositoriesPage.class);
 			}
 		};
-		PasswordTextField passwordField = new PasswordTextField("password", password);
+		NonTrimmedPasswordTextField passwordField = new NonTrimmedPasswordTextField("password", password);
 		passwordField.setResetPassword(false);
 		form.add(passwordField);
-		PasswordTextField confirmPasswordField = new PasswordTextField("confirmPassword",
+		NonTrimmedPasswordTextField confirmPasswordField = new NonTrimmedPasswordTextField("confirmPassword",
 				confirmPassword);
 		confirmPasswordField.setResetPassword(false);
 		form.add(confirmPasswordField);

--
Gitblit v1.9.1