Merge pull request #4315 from mawinter69/JENKINS-59904

[JENKINS-59904] avoid NullPointerException when there are no cookies in the request

Merge pull request #4315 from mawinter69/JENKINS-59904
[JENKINS-59904] avoid NullPointerException when there are no cookies in the request
eddf79b4 · Oleg Nenashev · GitHub · 56e459b9 · eebe7307 · eddf79b4
隐藏空白更改
内联并排

Showing with 11 addition and 8 deletion

core/src/main/java/hudson/security/SecurityRealm.java core/src/main/java/hudson/security/SecurityRealm.java +11 -8

未找到文件。
--- a/core/src/main/java/hudson/security/SecurityRealm.java
+++ b/core/src/main/java/hudson/security/SecurityRealm.java
@@ -325,14 +325,17 @@ public abstract class SecurityRealm extends AbstractDescribableImpl<SecurityReal
         * responsibility not to send them to us in the first place.
         */
        final String cookieName = "JSESSIONID.";
-        for (Cookie cookie : req.getCookies()) {
-            if (cookie.getName().startsWith(cookieName)) {
-                LOGGER.log(Level.FINE, "Removing cookie {0} during logout", cookie.getName());
-                // one reason users log out is to clear their session(s)
-                // so tell the browser to drop all old sessions
-                cookie.setMaxAge(0);
-                cookie.setValue("");
-                rsp.addCookie(cookie);
+        Cookie[] cookies = req.getCookies();
+        if (cookies != null) {
+            for (Cookie cookie : cookies) {
+                if (cookie.getName().startsWith(cookieName)) {
+                    LOGGER.log(Level.FINE, "Removing cookie {0} during logout", cookie.getName());
+                    // one reason users log out is to clear their session(s)
+                    // so tell the browser to drop all old sessions
+                    cookie.setMaxAge(0);
+                    cookie.setValue("");
+                    rsp.addCookie(cookie);
+                }
            }
        }
    }