src/main/java/org/apache/sling/auth/core/spi/DefaultAuthenticationFeedbackHandler.java [87:128]: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - .error( "handleRedirect: Failed to send redirect to " + redirect + ", aborting request without redirect", e); } // consider the request done return true; } // no redirect requested return false; } private static String getValidatedRedirectTarget(final HttpServletRequest request) { String redirect = request.getParameter(AuthenticationSupport.REDIRECT_PARAMETER); if (redirect == null) { return null; } // redirect to the same path if ("true".equalsIgnoreCase(redirect) || redirect.length() == 0) { return request.getRequestURI(); } // redirect relative to the current request (make absolute) if (!redirect.startsWith("/") && !redirect.contains("://")) { String path = request.getRequestURI(); path = path.substring(request.getContextPath().length()); int lastSlash = path.lastIndexOf('/'); path = (lastSlash > 0) ? path.substring(0, lastSlash + 1) : path; redirect = path.concat(redirect); redirect = ResourceUtil.normalize(redirect); } // prepend context path if necessary if (redirect.startsWith("/") && !redirect.startsWith(request.getContextPath())) { redirect = request.getContextPath().concat(redirect); } // absolute target (in the servlet context) if (!AuthUtil.isRedirectValid(request, redirect)) { - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - src/main/java/org/apache/sling/auth/core/spi/DefaultJakartaAuthenticationFeedbackHandler.java [86:127]: - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - .error( "handleRedirect: Failed to send redirect to " + redirect + ", aborting request without redirect", e); } // consider the request done return true; } // no redirect requested return false; } private static String getValidatedRedirectTarget(final HttpServletRequest request) { String redirect = request.getParameter(AuthenticationSupport.REDIRECT_PARAMETER); if (redirect == null) { return null; } // redirect to the same path if ("true".equalsIgnoreCase(redirect) || redirect.length() == 0) { return request.getRequestURI(); } // redirect relative to the current request (make absolute) if (!redirect.startsWith("/") && !redirect.contains("://")) { String path = request.getRequestURI(); path = path.substring(request.getContextPath().length()); int lastSlash = path.lastIndexOf('/'); path = (lastSlash > 0) ? path.substring(0, lastSlash + 1) : path; redirect = path.concat(redirect); redirect = ResourceUtil.normalize(redirect); } // prepend context path if necessary if (redirect.startsWith("/") && !redirect.startsWith(request.getContextPath())) { redirect = request.getContextPath().concat(redirect); } // absolute target (in the servlet context) if (!AuthUtil.isRedirectValid(request, redirect)) { - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -