From 54cc7d7c2483d7ca100a5db47f4e1e98bd97c7fe Mon Sep 17 00:00:00 2001 From: James Moger <james.moger@gitblit.com> Date: Thu, 25 Sep 2014 09:27:04 -0400 Subject: [PATCH] Merged #187 "Restrict Gitblit cookie to the context path" --- src/main/java/com/gitblit/wicket/pages/ChangePasswordPage.java | 5 ++++- 1 files changed, 4 insertions(+), 1 deletions(-) diff --git a/src/main/java/com/gitblit/wicket/pages/ChangePasswordPage.java b/src/main/java/com/gitblit/wicket/pages/ChangePasswordPage.java index 4c8d3a1..a6aca22 100644 --- a/src/main/java/com/gitblit/wicket/pages/ChangePasswordPage.java +++ b/src/main/java/com/gitblit/wicket/pages/ChangePasswordPage.java @@ -23,6 +23,7 @@ import org.apache.wicket.markup.html.form.StatelessForm; import org.apache.wicket.model.IModel; import org.apache.wicket.model.Model; +import org.apache.wicket.protocol.http.WebRequest; import org.apache.wicket.protocol.http.WebResponse; import com.gitblit.GitBlitException; @@ -99,8 +100,10 @@ try { app().gitblit().reviseUser(user.username, user); if (app().settings().getBoolean(Keys.web.allowCookieAuthentication, false)) { + WebRequest request = (WebRequest) getRequestCycle().getRequest(); WebResponse response = (WebResponse) getRequestCycle().getResponse(); - app().authentication().setCookie(response.getHttpServletResponse(), user); + app().authentication().setCookie(request.getHttpServletRequest(), + response.getHttpServletResponse(), user); } } catch (GitBlitException e) { error(e.getMessage()); -- Gitblit v1.9.1