grails / grails-spring-security-cas

Apache License 2.0

Special character encoding issues with SingleSignOutFilter #16

Open dpcasady opened 7 years ago

dpcasady commented 7 years ago

The Grails default UTF-8 characterEncodingFilter no longer encodes special characters correctly in an app with the Spring Security CAS plugin.

I believe this is due to the SingleSignOutFilter's registration order being set to Ordered.HIGHEST_PRECEDENCE and thus being first in the filter chain instead of the encoding filter. Not that this is the solution, but setting the SingleSignOutFilter's order to Ordered.HIGHEST_PRECEDENCE + 1 and customizing characterEncodingFilter with order Ordered.HIGHEST_PRECEDENCE seems to fix the problem.

This is most easily demonstrated by submitting a post request to a controller with special characters, e.g. ™, ®, etc. in it.

flparedes commented 7 years ago

I have the same problem, please fix this problem asap.

sdelamo commented 7 years ago

@dpcasady could you submit a sample app so that I can fix it, create a test for it and release a new version?

dpcasady commented 7 years ago

Here's a sample app: https://github.com/dpcasady/grails-cas-encoding

Run the app and send some post data to it with special characters:

curl -dstring=® http://localhost:8080/application

The ApplicationController will echo the string param. With spring security cas, you'll see:

string: ®

If you disable spring security cas, you'll see string: ®.

robertoschwald commented 4 years ago

This issue breaks UTF-8 completely in Grails 3.3.x.

Workaround: In resources.groovy, reconfigure the registration bean to ensure the SSO filter comes after the characterEncodingFilter.

  singleSignOutFilterRegistrationBean(FilterRegistrationBean) {
    name = 'CAS Single Sign Out Filter'
    filter = ref('singleSignOutFilter')
    order = FilterRegistrationBean.REQUEST_WRAPPER_FILTER_MAX_ORDER + 11
  }

Ordered.HIGHEST_PRECEDENCE + 1 does not work, since CharacterEncodingFilter has order FilterRegistrationBean.REQUEST_WRAPPER_FILTER_MAX_ORDER + 10 in Grails 3.3.x.

I really hope this will be fixed soon. This issue has been open since 2017 and nobody has taken care of it so far.

coig-prometeo-it commented 2 years ago

Workaround update for Grails 5.1.7. This works for me.

import org.springframework.boot.web.servlet.FilterRegistrationBean
import org.springframework.boot.web.reactive.filter.OrderedWebFilter

...

singleSignOutFilterRegistrationBean( FilterRegistrationBean ) {
    name = 'CAS Single Sign Out Filter'
    filter = ref( 'singleSignOutFilter' )
    order = OrderedWebFilter.REQUEST_WRAPPER_FILTER_MAX_ORDER + 11
}

funcoleto commented 9 months ago

As of today it still hasn't been fixed; the ñ turns into Ã, and the same happens with accented letters..

guillermocalvo commented 9 months ago

I've checked out the provided sample app grails-cas-encoding and ran it locally. It seems to work totally fine as it is (no need to disable spring security cas):

$ curl -si -dstring=® http://localhost:8080/application

HTTP/1.1 200
X-Application-Context: application:development
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Date: Mon, 15 Jan 2024 09:56:47 GMT

string: ®

The controller returns a valid UTF-8 response, echoing the ® character. Both payload and headers look good to me.

Maybe your CLI application was not handling the response properly? 🤔

funcoleto commented 9 months ago

with sample app grails-cas-encoding

curl -si -dstring=® http://localhost:8080/application

HTTP/1.1 200
X-Application-Context: application:development
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Date: Mon, 15 Jan 2024 10:34:52 GMT

string: ®

It's the same problem..

guillermocalvo commented 9 months ago

@funcoleto I believe the app is returning the correct response, but your command line application is not interpreting UTF-8 correctly.

Could you please run this test locally and tell us the response you get?

curl -s -dstring=`echo 'wq4=' | base64 -d` http://localhost:8080/application | base64

funcoleto commented 9 months ago

curl -s -dstring=`echo 'wq4=' | base64 -d` http://localhost:8080/application | base64
c3RyaW5nOiDDgsKuCg==
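
Added example, not part of the thread or the plugin's code: a Python check that decodes the base64 response posted above and tests whether it is the UTF-8 payload re-decoded as ISO-8859-1 and then written back out as UTF-8. The function names are hypothetical, and the ISO-8859-1 fallback for parameters parsed before the encoding filter runs is an assumption about the servlet container.

```python
import base64

# Values copied from the thread: the request payload and the posted response.
SENT_B64 = "wq4="
RESPONSE_B64 = "c3RyaW5nOiDDgsKuCg=="


def echo_body(param_bytes: bytes, request_charset: str) -> bytes:
    """Model of the sample controller: decode the form value, echo it as UTF-8.

    request_charset is the charset used to parse request parameters
    (assumption: ISO-8859-1 when parameters are read before the encoding
    filter has run, UTF-8 when the encoding filter runs first).
    """
    value = param_bytes.decode(request_charset)
    return f"string: {value}\n".encode("utf-8")


def classify(body: bytes, param_bytes: bytes) -> str:
    """Name the request charset that explains a given response body."""
    for label, charset in (("utf-8", "utf-8"), ("double-encoded", "iso-8859-1")):
        if body == echo_body(param_bytes, charset):
            return label
    return "unknown"


def repair(text: str) -> str:
    """Undo one round of UTF-8 read as ISO-8859-1; leave clean text untouched."""
    try:
        return text.encode("iso-8859-1").decode("utf-8")
    except (UnicodeEncodeError, UnicodeDecodeError):
        return text


def diagnose() -> dict:
    sent = base64.b64decode(SENT_B64)
    body = base64.b64decode(RESPONSE_B64)
    text = body.decode("utf-8")
    return {"hex": body.hex(" "), "verdict": classify(body, sent),
            "text": text, "repaired": repair(text)}


if __name__ == "__main__":
    for key, value in diagnose().items():
        print(f"{key}: {value!r}")
```

Because the comparison is done on bytes, the result does not depend on how the terminal renders the response.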

guillermocalvo commented 9 months ago

@funcoleto Thanks for your help!

That's not the same response I get when I run it locally 🤔 Could you tell me which OS / JDK version you are using to run the app?

funcoleto commented 9 months ago

% grails --version
Grails Version: 6.1.1
JVM Version: 11.0.16

% sw_vers
ProductName: macOS
ProductVersion: 12.3.1
BuildVersion: 21E258

With Java 17 it is the same problem..