From 54cc7d7c2483d7ca100a5db47f4e1e98bd97c7fe Mon Sep 17 00:00:00 2001 From: James Moger <james.moger@gitblit.com> Date: Thu, 25 Sep 2014 09:27:04 -0400 Subject: [PATCH] Merged #187 "Restrict Gitblit cookie to the context path" --- src/main/java/com/gitblit/wicket/pages/RootPage.java | 5 ++++- 1 files changed, 4 insertions(+), 1 deletions(-) diff --git a/src/main/java/com/gitblit/wicket/pages/RootPage.java b/src/main/java/com/gitblit/wicket/pages/RootPage.java index b1c3639..6a933b7 100644 --- a/src/main/java/com/gitblit/wicket/pages/RootPage.java +++ b/src/main/java/com/gitblit/wicket/pages/RootPage.java @@ -46,6 +46,7 @@ import org.apache.wicket.markup.repeater.data.ListDataProvider; import org.apache.wicket.model.IModel; import org.apache.wicket.model.Model; +import org.apache.wicket.protocol.http.WebRequest; import org.apache.wicket.protocol.http.WebResponse; import com.gitblit.Constants; @@ -269,8 +270,10 @@ // Set Cookie if (app().settings().getBoolean(Keys.web.allowCookieAuthentication, false)) { + WebRequest request = (WebRequest) getRequestCycle().getRequest(); WebResponse response = (WebResponse) getRequestCycle().getResponse(); - app().authentication().setCookie(response.getHttpServletResponse(), user); + app().authentication().setCookie(request.getHttpServletRequest(), + response.getHttpServletResponse(), user); } if (!session.continueRequest()) { -- Gitblit v1.9.1