Hello, I have found a weird behaviour that I cannot explain:
in case of missing auth, the request gets forwarded to /login.
So after login, the SavedRequest uses the cached URI and forwards to the previously called page, which appends "?continue" to the request URI.
So when this session has expired and I refresh the page, it says 405 Method GET not allowed /login.
I tried a bit, and it seems that the only accepted query string is ?error or no query string at all, otherwise response status code is 405.
This makes me think that the issue is coming from the generated login page.
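To solve this issue, I use a LoginPageFilter, and in the doFilter method I have the following code:

```java
// Only "?error" (or no query string) is accepted; strip anything else, e.g. "?continue".
if (req.getQueryString() != null && (!req.getQueryString().equals("error"))) {
    // Wrap the request so the forwarded request reports no query string.
    HttpServletRequestWrapper wrappedRequest = new HttpServletRequestWrapper(req) {
        @Override
        public String getQueryString() {
            return null;
        }
    };
    // Forward the wrapped request to the login page.
    RequestDispatcher dispatcher = wrappedRequest.getRequestDispatcher("/login");
    dispatcher.forward(wrappedRequest, res);
}
```
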
I think something like this could be included in the default login page to prevent the issue? Or maybe it is caused by something else which I could not determine.
Comment From: wilkinsona
The functionality that you have described is not provided by Spring Boot itself. I assume that you're using Spring Security. If so, and you have a suggestion for an improvement, please open an issue with that project.