Fix Vaadin Request Cache ___url_parameter

Author: AB-xdev

CHANGELOG.md

@@ -1,3 +1,7 @@
+# 1.0.1
+* Vaadin
+  * Fix ``SecureVaadinRequestCache`` ignoring non-optional url parameters
+
 # 1.0.0
 _Initial production ready release_
 

vaadin/src/main/java/software/xdev/sse/vaadin/SecureVaadinRequestCache.java

@@ -154,14 +154,27 @@ protected synchronized void initAllowedPaths()
 			.stream()
 			.map(RouteBaseData::getTemplate)
 			.filter(s -> !s.isBlank())
-			.map(s -> s.replace("/:___url_parameter?", "/*"))
+			.map(s -> {
+				final String urlParamIdentifier = "/:___url_parameter";
+				final int urlParamIndex = s.indexOf(urlParamIdentifier);
+				if(urlParamIndex == -1)
+				{
+					return s;
+				}
+				
+				final String substring = s.substring(0, urlParamIndex);
+				return substring + "/*"
+					// Do a full level wildcard if there is more stuff (excluding the optional ?)
+					// behind the path-part
+					+ (s.length() - substring.length() - urlParamIdentifier.length() <= 1 ? "" : "*");
+			})
 			.map(s -> "/" + s)
 			.collect(Collectors.toSet());
 
 		LOG.debug("Allowed paths: {}", allowedPaths);
 
 		this.pathMaxLength = allowedPaths.stream()
-			.mapToInt(s -> s.length() + (s.endsWith("/*") ? this.defaultWildcardPathLengthAssumption : 0))
+			.mapToInt(s -> s.length() + (s.endsWith("*") ? this.defaultWildcardPathLengthAssumption : 0))
 			.max()
 			.orElse(this.defaultPathMaxLength);