From 281ccff907c64ef0d92418551b04b3396452b356 Mon Sep 17 00:00:00 2001 From: "Scheidter,Ryan" Date: Tue, 26 Mar 2019 07:33:59 -0500 Subject: [PATCH] Fixed NPE in HttpsRedirectWebFilter A more descriptive IllegalStateException is now thrown instead in the case that no such port mapping exists. Fixes: gh-6639 --- .../web/server/transport/HttpsRedirectWebFilter.java | 6 ++++-- .../web/server/transport/HttpsRedirectWebFilterTests.java | 6 ++++++ 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/web/src/main/java/org/springframework/security/web/server/transport/HttpsRedirectWebFilter.java b/web/src/main/java/org/springframework/security/web/server/transport/HttpsRedirectWebFilter.java index 391bed9b8f..d0b7b49846 100644 --- a/web/src/main/java/org/springframework/security/web/server/transport/HttpsRedirectWebFilter.java +++ b/web/src/main/java/org/springframework/security/web/server/transport/HttpsRedirectWebFilter.java @@ -17,6 +17,7 @@ package org.springframework.security.web.server.transport; import java.net.URI; +import java.util.Optional; import reactor.core.publisher.Mono; @@ -101,8 +102,9 @@ public final class HttpsRedirectWebFilter implements WebFilter { UriComponentsBuilder.fromUri(exchange.getRequest().getURI()); if (port > 0) { - port = this.portMapper.lookupHttpsPort(port); - builder.port(port); + builder.port(Optional.ofNullable(this.portMapper.lookupHttpsPort(port)) + .orElseThrow(() -> new IllegalStateException( + "HTTP Port '" + port + "' does not have a corresponding HTTPS Port"))); } return builder.scheme("https").build().toUri(); diff --git a/web/src/test/java/org/springframework/security/web/server/transport/HttpsRedirectWebFilterTests.java b/web/src/test/java/org/springframework/security/web/server/transport/HttpsRedirectWebFilterTests.java index 679abe8aef..094558d2dd 100644 --- a/web/src/test/java/org/springframework/security/web/server/transport/HttpsRedirectWebFilterTests.java +++ b/web/src/test/java/org/springframework/security/web/server/transport/HttpsRedirectWebFilterTests.java @@ -112,6 +112,12 @@ public class HttpsRedirectWebFilterTests { verify(portMapper).lookupHttpsPort(314); } + @Test + public void filterWhenRequestIsInsecureAndNoPortMappingThenThrowsIllegalState() { + ServerWebExchange exchange = get("http://localhost:1234"); + assertThatCode(() -> this.filter.filter(exchange, this.chain).block()) + .isInstanceOf(IllegalStateException.class); + } @Test public void filterWhenInsecureRequestHasAPathThenRedirects() {