libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases 1 Packages Activity Actions

KEYCLOAK-14178 Avoid erroneous HTML escaping in KeycloakServer

Browse source 
This PR disables the Resteasy HTML Sanitizer in KeycloakServer.
Previously KeycloakTest server erroneously escapes html in error pages.

See the linked JIRA issue for details.
This commit is contained in:
Thomas Darimont 2020-05-14 21:48:55 +02:00 committed by Hynek Mlnařík
parent 37e23cb0a2
commit e11f1698e9
1 changed files with 3 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
testsuite/utils/src/main/java/org/keycloak/testsuite/KeycloakServer.java
View file

@ -25,6 +25,7 @@ import io.undertow.servlet.api.FilterInfo;
import io.undertow.servlet.api.ServletInfo;
import org.jboss.logging.Logger;
import org.jboss.resteasy.plugins.server.servlet.HttpServlet30Dispatcher;
import org.jboss.resteasy.plugins.server.servlet.ResteasyContextParameters;
import org.jboss.resteasy.plugins.server.undertow.UndertowJaxrsServer;
import org.jboss.resteasy.spi.ResteasyDeployment;
import org.keycloak.common.Version;
@ -402,7 +403,8 @@ public class KeycloakServer {
ServletInfo restEasyDispatcher = Servlets.servlet("Keycloak REST Interface", HttpServlet30Dispatcher.class);
restEasyDispatcher.addInitParam("resteasy.servlet.mapping.prefix", "/");
restEasyDispatcher.addInitParam(ResteasyContextParameters.RESTEASY_SERVLET_MAPPING_PREFIX, "/");
restEasyDispatcher.addInitParam(ResteasyContextParameters.RESTEASY_DISABLE_HTML_SANITIZER, "true");
restEasyDispatcher.setAsyncSupported(true);
di.addServlet(restEasyDispatcher);