From 204a7fe91f202c364c9ed0a81932c2c873dcf99c Mon Sep 17 00:00:00 2001
From: Rossen Stoyanchev <rstoyanchev@vmware.com>
Date: Thu, 12 Nov 2020 21:28:18 +0000
Subject: [PATCH] UrlPathHelper.removeJsessionid correctly appends remainder

Closes gh-26079
---
 .../web/util/UrlPathHelper.java                |  2 +-
 .../web/util/UrlPathHelperTests.java           | 18 +++++++++++++-----
 2 files changed, 14 insertions(+), 6 deletions(-)

diff --git a/spring-web/src/main/java/org/springframework/web/util/UrlPathHelper.java b/spring-web/src/main/java/org/springframework/web/util/UrlPathHelper.java
index 5c8ff3e4c6..2fd21b1875 100644
--- a/spring-web/src/main/java/org/springframework/web/util/UrlPathHelper.java
+++ b/spring-web/src/main/java/org/springframework/web/util/UrlPathHelper.java
@@ -635,7 +635,7 @@ public class UrlPathHelper {
 			return requestUri;
 		}
 		String start = requestUri.substring(0, index);
-		for (int i = key.length(); i < requestUri.length(); i++) {
+		for (int i = index + key.length(); i < requestUri.length(); i++) {
 			char c = requestUri.charAt(i);
 			if (c == ';' || c == '/') {
 				return start + requestUri.substring(i);
diff --git a/spring-web/src/test/java/org/springframework/web/util/UrlPathHelperTests.java b/spring-web/src/test/java/org/springframework/web/util/UrlPathHelperTests.java
index 695a5ad4fb..0aea5a0b51 100644
--- a/spring-web/src/test/java/org/springframework/web/util/UrlPathHelperTests.java
+++ b/spring-web/src/test/java/org/springframework/web/util/UrlPathHelperTests.java
@@ -128,11 +128,19 @@ public class UrlPathHelperTests {
 	public void getRequestKeepSemicolonContent() {
 		helper.setRemoveSemicolonContent(false);
 
-		request.setRequestURI("/foo;a=b;c=d");
-		assertThat(helper.getRequestUri(request)).isEqualTo("/foo;a=b;c=d");
-
-		request.setRequestURI("/foo;jsessionid=c0o7fszeb1");
-		assertThat(helper.getRequestUri(request)).isEqualTo("/foo");
+		testKeepSemicolonContent("/foo;a=b;c=d", "/foo;a=b;c=d");
+		testKeepSemicolonContent("/test;jsessionid=1234", "/test");
+		testKeepSemicolonContent("/test;JSESSIONID=1234", "/test");
+		testKeepSemicolonContent("/test;jsessionid=1234;a=b", "/test;a=b");
+		testKeepSemicolonContent("/test;a=b;jsessionid=1234;c=d", "/test;a=b;c=d");
+		testKeepSemicolonContent("/test;jsessionid=1234/anotherTest", "/test/anotherTest");
+		testKeepSemicolonContent("/test;jsessionid=;a=b", "/test;a=b");
+		testKeepSemicolonContent("/somethingLongerThan12;jsessionid=1234", "/somethingLongerThan12");
+	}
+
+	private void testKeepSemicolonContent(String requestUri, String expectedPath) {
+		request.setRequestURI(requestUri);
+		assertThat(helper.getRequestUri(request)).isEqualTo(expectedPath);
 	}
 
 	@Test