From 17138d6f8459f4e7b86a8df940ddcfb4225427ad Mon Sep 17 00:00:00 2001
From: Riley Park <rileysebastianpark@gmail.com>
Date: Mon, 12 Aug 2024 19:45:30 -0700
Subject: [PATCH] Fix incorrect weak ETag validation

---
 .../src/main/java/org/springframework/http/HttpHeaders.java | 4 ++--
 .../java/org/springframework/http/HttpHeadersTests.java     | 6 ++++++
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/spring-web/src/main/java/org/springframework/http/HttpHeaders.java b/spring-web/src/main/java/org/springframework/http/HttpHeaders.java
index 635453ab834d..527d43e3a8cd 100644
--- a/spring-web/src/main/java/org/springframework/http/HttpHeaders.java
+++ b/spring-web/src/main/java/org/springframework/http/HttpHeaders.java
@@ -1073,8 +1073,8 @@ public long getDate() {
 	 */
 	public void setETag(@Nullable String etag) {
 		if (etag != null) {
-			Assert.isTrue(etag.startsWith("\"") || etag.startsWith("W/"),
-					"Invalid ETag: does not start with W/ or \"");
+			Assert.isTrue(etag.startsWith("\"") || etag.startsWith("W/\""),
+					"Invalid ETag: does not start with W/\" or \"");
 			Assert.isTrue(etag.endsWith("\""), "Invalid ETag: does not end with \"");
 			set(ETAG, etag);
 		}
diff --git a/spring-web/src/test/java/org/springframework/http/HttpHeadersTests.java b/spring-web/src/test/java/org/springframework/http/HttpHeadersTests.java
index 519a6c9d7834..bbff2ebfcc0b 100644
--- a/spring-web/src/test/java/org/springframework/http/HttpHeadersTests.java
+++ b/spring-web/src/test/java/org/springframework/http/HttpHeadersTests.java
@@ -219,6 +219,12 @@ void illegalETag() {
 		assertThatIllegalArgumentException().isThrownBy(() -> headers.setETag(eTag));
 	}
 
+	@Test
+	void illegalETagWithoutQuoteAfterWSlash() {
+		String etag = "W/v2.6\"";
+		assertThatIllegalArgumentException().as("Invalid Weak ETag").isThrownBy(() -> headers.setETag(etag));
+	}
+
 	@Test
 	void ifMatch() {
 		String ifMatch = "\"v2.6\"";