From 2721d55139645d2485556cad91474c8bacc81992 Mon Sep 17 00:00:00 2001
From: hns
Date: Tue, 13 Nov 2007 14:23:57 +0000
Subject: [PATCH] * Prevent response splitting vulnerability reported by Paul Alexandrow on helma-dev.
---
 src/helma/framework/ResponseTrans.java | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/src/helma/framework/ResponseTrans.java b/src/helma/framework/ResponseTrans.java
index db117c2a..85a581c3 100644
--- a/src/helma/framework/ResponseTrans.java
+++ b/src/helma/framework/ResponseTrans.java
@@ -442,8 +442,9 @@ public final class ResponseTrans extends Writer implements Serializable {
 * @throws RedirectException ...
 */
 public void redirect(String url) throws RedirectException {
- redir = url;
- throw new RedirectException(url);
+ redir = url == null ?
+ null : url.replaceAll("[\r\n]", "");
+ throw new RedirectException(redir);
 }
 /**
@@ -463,8 +464,9 @@ public final class ResponseTrans extends Writer implements Serializable {
 * @throws RedirectException ...
 */
 public void forward(String url) throws RedirectException {
- forward = url;
- throw new RedirectException(url);
+ forward = url == null ?
+ null : url.replaceAll("[\r\n]", "");
+ throw new RedirectException(forward);
 }
 /**
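Review bot: In `redirect()` (and identically in `forward()` in the second hunk) CR and LF are stripped silently, so a URL that carried injected header text is still accepted and the remaining payload ends up concatenated into the stored target; treating such input as an error, or at least logging it, would surface the attempt instead of producing a mangled value. The class `[\r\n]` also leaves every other control character in place, and whether those are harmless presumably depends on how the container writes the header, so a broader filter such as `url.replaceAll("\\p{Cntrl}", "")` is worth considering. The expression is duplicated in both methods; a private helper carrying a comment such as `// strip control chars to prevent HTTP response splitting` would keep the two in sync. The code that writes `redir` and `forward` to the response is outside these hunks, so it cannot be confirmed from here that no other header path takes unfiltered input.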