diff --git a/src/main/java/com/eactive/eai/rms/common/filter/CrossScriptingFilter.java b/src/main/java/com/eactive/eai/rms/common/filter/CrossScriptingFilter.java index 8d5da1e..c01f2cb 100644 --- a/src/main/java/com/eactive/eai/rms/common/filter/CrossScriptingFilter.java +++ b/src/main/java/com/eactive/eai/rms/common/filter/CrossScriptingFilter.java @@ -37,11 +37,9 @@ public class CrossScriptingFilter implements Filter { String uri = request.getRequestURL().toString(); String servletPath = request.getServletPath(); String baseUrl = uri.replace(servletPath, ""); - boolean isValidUrl = returnUrl.startsWith(baseUrl); - System.out.println("checkReturnUrl => "+ uri + " : "+ servletPath); - System.out.println("checkReturnUrl => "+ baseUrl + " : "+ returnUrl); - System.out.println("checkReturnUrl => "+ returnUrl + " : "+ isValidUrl); - return isValidUrl; + // 25.11.10 - weblogic https://host:443/ 문제 대응 + baseUrl = baseUrl.replace(":443", ""); + return returnUrl.startsWith(baseUrl); } public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) @@ -52,7 +50,6 @@ public class CrossScriptingFilter implements Filter { String returnUrl = (String)request.getParameter("returnUrl"); if(returnUrl != null) { if(!checkReturnUrl(request, returnUrl)) { - System.out.println("[CrossScriptingFilter] bad request. - " + returnUrl); response.sendError(HttpServletResponse.SC_BAD_REQUEST, "bad request. - "+returnUrl); return; }