Escape action in the form_post response mode (#30)

Closes https://issues.redhat.com/browse/RHBK-652 Signed-off-by: rmartinc <rmartinc@redhat.com>
2026-05-08 08:01:18 -05:00 · 2023-12-06 16:14:44 +01:00
parent 15a21bf8e4
commit 67f905ecc5
6 changed files with 72 additions and 2 deletions
@@ -160,7 +160,9 @@ public abstract class OIDCRedirectUriBuilder {
            builder.append("  </HEAD>");
            builder.append("  <BODY Onload=\"document.forms[0].submit()\">");

-            builder.append("    <FORM METHOD=\"POST\" ACTION=\"" + redirectUri.toString() + "\">");
+            builder.append("    <FORM METHOD=\"POST\" ACTION=\"")
+                    .append(HtmlUtils.escapeAttribute(redirectUri.toString()))
+                    .append("\">");

            for (Map.Entry<String, String> param : params.entrySet()) {
                builder.append("  <INPUT TYPE=\"HIDDEN\" NAME=\"")