Re: svn commit: r744418 - in /ofbiz/trunk/framework: base/src/org/ofbiz/base/util/ service/src/org/ofbiz/service/engine/ webapp/src/org/ofbiz/webapp/control/ webapp/src/org/ofbiz/webapp/ftl/


Re: svn commit: r744418 - in /ofbiz/trunk/framework: base/src/org/ofbiz/base/util/ service/src/org/ofbiz/service/engine/ webapp/src/org/ofbiz/webapp/control/ webapp/src/org/ofbiz/webapp/ftl/

Jacques Le Roux
Administrator
This seems to break forms with enctype="multipart/form-data" (15 in OFBiz). Try for instance to upload an image for a product. If
you revert this commit it works again.

Jacques

From: <[hidden email]>

> Author: jonesde
> Date: Sat Feb 14 08:17:05 2009
> New Revision: 744418
>
> URL: http://svn.apache.org/viewvc?rev=744418&view=rev
> Log:
> Changed LoginWorker.makeLoginUrl back to returning a String and implemented a more general solution for the @ofbizUrl and
> @ofbizContentUrl tags so that they do decoding and are now tolerant of encoded URLs just in case it happens; this should be a more
> general fix and avoid the problem more; also a few cleanups like resolving warnings
>
> Modified:
>    ofbiz/trunk/framework/base/src/org/ofbiz/base/util/KeyStoreUtil.java
>    ofbiz/trunk/framework/service/src/org/ofbiz/service/engine/GenericEngineFactory.java
>    ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java
>    ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/ftl/OfbizContentTransform.java
>    ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/ftl/OfbizUrlTransform.java
>
> Modified: ofbiz/trunk/framework/base/src/org/ofbiz/base/util/KeyStoreUtil.java
> URL:
> http://svn.apache.org/viewvc/ofbiz/trunk/framework/base/src/org/ofbiz/base/util/KeyStoreUtil.java?rev=744418&r1=744417&r2=744418&view=diff
> ==============================================================================
> --- ofbiz/trunk/framework/base/src/org/ofbiz/base/util/KeyStoreUtil.java (original)
> +++ ofbiz/trunk/framework/base/src/org/ofbiz/base/util/KeyStoreUtil.java Sat Feb 14 08:17:05 2009
> @@ -18,25 +18,41 @@
>  *******************************************************************************/
> package org.ofbiz.base.util;
>
> -import org.apache.commons.codec.binary.Base64;
> -import org.ofbiz.base.component.ComponentConfig;
> -import org.ofbiz.base.config.GenericConfigException;
> -
> -import java.io.*;
> +import java.io.BufferedReader;
> +import java.io.ByteArrayInputStream;
> +import java.io.ByteArrayOutputStream;
> +import java.io.File;
> +import java.io.FileInputStream;
> +import java.io.FileOutputStream;
> +import java.io.IOException;
> +import java.io.InputStream;
> +import java.io.InputStreamReader;
> +import java.io.PrintStream;
> +import java.io.Reader;
> +import java.io.StringReader;
> import java.net.URL;
> -import java.security.*;
> -import java.security.cert.*;
> +import java.security.GeneralSecurityException;
> +import java.security.KeyFactory;
> +import java.security.KeyStore;
> +import java.security.KeyStoreException;
> +import java.security.NoSuchAlgorithmException;
> +import java.security.Principal;
> +import java.security.PrivateKey;
> import java.security.cert.Certificate;
> +import java.security.cert.CertificateEncodingException;
> +import java.security.cert.CertificateException;
> +import java.security.cert.CertificateFactory;
> +import java.security.cert.X509Certificate;
> import java.security.spec.InvalidKeySpecException;
> import java.security.spec.PKCS8EncodedKeySpec;
> import java.util.Collection;
> import java.util.Map;
> -import java.util.regex.Pattern;
> -import java.util.regex.Matcher;
>
> import javolution.util.FastMap;
>
> -import javax.security.auth.x500.X500Principal;
> +import org.apache.commons.codec.binary.Base64;
> +import org.ofbiz.base.component.ComponentConfig;
> +import org.ofbiz.base.config.GenericConfigException;
>
> /**
>  * KeyStoreUtil - Utilities for getting KeyManagers and TrustManagers
>
> Modified: ofbiz/trunk/framework/service/src/org/ofbiz/service/engine/GenericEngineFactory.java
> URL:
> http://svn.apache.org/viewvc/ofbiz/trunk/framework/service/src/org/ofbiz/service/engine/GenericEngineFactory.java?rev=744418&r1=744417&r2=744418&view=diff
> ==============================================================================
> --- ofbiz/trunk/framework/service/src/org/ofbiz/service/engine/GenericEngineFactory.java (original)
> +++ ofbiz/trunk/framework/service/src/org/ofbiz/service/engine/GenericEngineFactory.java Sat Feb 14 08:17:05 2009
> @@ -59,7 +59,7 @@
>         Element engineElement = UtilXml.firstChildElement(rootElement, "engine", "name", engineName);
>
>         if (engineElement == null) {
> -            throw new GenericServiceException("Cannot find an engine definition for the engine name [" + engineName + "] in the
> serviceengine.xml file");
> +            throw new GenericServiceException("Cannot find a service engine definition for the engine name [" + engineName + "]
> in the serviceengine.xml file");
>         }
>
>         String className = engineElement.getAttribute("class");
>
> Modified: ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java
> URL:
> http://svn.apache.org/viewvc/ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java?rev=744418&r1=744417&r2=744418&view=diff
> ==============================================================================
> --- ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java (original)
> +++ ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java Sat Feb 14 08:17:05 2009
> @@ -27,7 +27,6 @@
> import java.util.regex.Matcher;
> import java.util.regex.Pattern;
>
> -import javax.security.auth.x500.X500Principal;
> import javax.servlet.ServletContext;
> import javax.servlet.http.Cookie;
> import javax.servlet.http.HttpServletRequest;
> @@ -43,13 +42,11 @@
> import org.ofbiz.base.util.Debug;
> import org.ofbiz.base.util.GeneralException;
> import org.ofbiz.base.util.KeyStoreUtil;
> -import org.ofbiz.base.util.StringUtil;
> import org.ofbiz.base.util.UtilFormatOut;
> import org.ofbiz.base.util.UtilHttp;
> import org.ofbiz.base.util.UtilMisc;
> import org.ofbiz.base.util.UtilProperties;
> import org.ofbiz.base.util.UtilValidate;
> -import org.ofbiz.base.util.StringUtil.StringWrapper;
> import org.ofbiz.common.login.LoginServices;
> import org.ofbiz.entity.GenericDelegator;
> import org.ofbiz.entity.GenericEntityException;
> @@ -81,25 +78,25 @@
>     /** This Map is keyed by the randomly generated externalLoginKey and the value is a UserLogin GenericValue object */
>     public static Map<String, GenericValue> externalLoginKeys = FastMap.newInstance();
>
> -    public static StringWrapper makeLoginUrl(PageContext pageContext) {
> +    public static String makeLoginUrl(PageContext pageContext) {
>         return makeLoginUrl(pageContext, "checkLogin");
>     }
>
> -    public static StringWrapper makeLoginUrl(HttpServletRequest request) {
> +    public static String makeLoginUrl(HttpServletRequest request) {
>         return makeLoginUrl(request, "checkLogin");
>     }
>
> -    public static StringWrapper makeLoginUrl(PageContext pageContext, String requestName) {
> +    public static String makeLoginUrl(PageContext pageContext, String requestName) {
>         return makeLoginUrl((HttpServletRequest) pageContext.getRequest(), requestName);
>     }
> -    public static StringWrapper makeLoginUrl(HttpServletRequest request, String requestName) {
> +    public static String makeLoginUrl(HttpServletRequest request, String requestName) {
>         Map<String, Object> urlParams = UtilHttp.getUrlOnlyParameterMap(request);
>         String queryString = UtilHttp.urlEncodeArgs(urlParams, false);
>         String currentView = UtilFormatOut.checkNull((String) request.getAttribute("_CURRENT_VIEW_"));
>
>         String loginUrl = "/" + requestName;
>         if ("login".equals(currentView)) {
> -            return StringUtil.wrapString(loginUrl);
> +            return loginUrl;
>         }
>         if (UtilValidate.isNotEmpty(currentView)) {
>             loginUrl += "/" + currentView;
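Review bot: None of the four `makeLoginUrl` overloads documents the encoding state of the string it returns, and that contract is exactly what this change flips by returning `String` in place of `StringWrapper`. On the new side the query string goes through `UtilHttp.urlEncodeArgs(urlParams, false)`, while `currentView`, read from the `_CURRENT_VIEW_` request attribute, is concatenated into the path as-is; whether that attribute can carry request-derived text is not visible here, so it deserves a check. I would add a Javadoc line on the `(HttpServletRequest, String)` overload such as `/** Builds the context-relative login URL; as far as this method goes the result is not HTML-escaped, so callers must escape it for their output context. */`. The body of that overload continues in the next hunk.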
> @@ -108,7 +105,8 @@
>             loginUrl += "?" + queryString;
>         }
>
> -        return StringUtil.wrapString(loginUrl);
> +        //return StringUtil.wrapString(loginUrl);
> +        return loginUrl;
>     }
>
>     /**
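Review bot: The commented-out `//return StringUtil.wrapString(loginUrl);` should be deleted rather than committed, since version control already keeps the old form and the stale line suggests that wrapping is still an option here. If the reason for dropping the wrapper matters to later readers, replace it with a why-comment such as `// returns a plain String; encoding is left to the caller/template`. The start of `makeLoginUrl` lies in the previous hunk.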
> @@ -360,7 +358,7 @@
>                     String errMsg = UtilProperties.getMessage(resourceWebapp, "loginevents.following_error_occurred_during_login",
> messageMap, UtilHttp.getLocale(request));
>                     request.setAttribute("_ERROR_MESSAGE_", errMsg);
>                 }
> -                request.setAttribute("_ERROR_MESSAGE_LIST_", (List) result.get(ModelService.ERROR_MESSAGE_LIST));
> +                request.setAttribute("_ERROR_MESSAGE_LIST_", result.get(ModelService.ERROR_MESSAGE_LIST));
>                 return "error";
>             } else {
>                 password = request.getParameter("newPassword");
> @@ -720,10 +718,10 @@
>                     String userLoginId = null;
>
>                     for (int i = 0; i < clientCerts.length; i++) {
> -                        X500Principal x500 = clientCerts[i].getSubjectX500Principal();
> +                        //X500Principal x500 = clientCerts[i].getSubjectX500Principal();
>                         //Debug.log("Checking client certification for authentication: " + x500.getName(), module);
>
> -                        Map x500Map = KeyStoreUtil.getCertX500Map(clientCerts[i]);
> +                        Map<String, String> x500Map = KeyStoreUtil.getCertX500Map(clientCerts[i]);
>                         if (i == 0) {
>                             String cn = (String) x500Map.get("CN");
>                             cn = cn.replaceAll("\\\\", "");
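Review bot: With `x500Map` now typed `Map<String, String>`, the `(String)` cast on `x500Map.get("CN")` is redundant, and the value is still dereferenced by `cn.replaceAll(...)` without a null check. If `KeyStoreUtil.getCertX500Map` leaves out attributes the subject does not carry (not visible here), a client certificate without a CN would raise a NullPointerException in the certificate-login path instead of being rejected cleanly. I would write `String cn = x500Map.get("CN");` and add a guard such as `if (cn == null) { /* treat as no match */ }` in whatever form fits the rest of the loop, which continues outside this hunk. The commented-out `X500Principal` line can be dropped together with the debug line that used it.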
> @@ -765,7 +763,7 @@
>         return "success";
>     }
>
> -    protected static boolean checkValidIssuer(GenericDelegator delegator, Map x500Map, BigInteger serialNumber) throws
> GeneralException {
> +    protected static boolean checkValidIssuer(GenericDelegator delegator, Map<String, String> x500Map, BigInteger serialNumber)
> throws GeneralException {
>         List<EntityCondition> conds = FastList.newInstance();
>         conds.add(EntityCondition.makeCondition(EntityOperator.OR, EntityCondition.makeConditionMap("commonName",
> x500Map.get("CN")),
>                 EntityCondition.makeConditionMap("commonName", null),
>
> Modified: ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/ftl/OfbizContentTransform.java
> URL:
> http://svn.apache.org/viewvc/ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/ftl/OfbizContentTransform.java?rev=744418&r1=744417&r2=744418&view=diff
> ==============================================================================
> --- ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/ftl/OfbizContentTransform.java (original)
> +++ ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/ftl/OfbizContentTransform.java Sat Feb 14 08:17:05 2009
> @@ -24,7 +24,10 @@
>
> import javax.servlet.http.HttpServletRequest;
>
> +import org.ofbiz.base.util.Debug;
> +import org.ofbiz.base.util.StringUtil;
> import org.ofbiz.webapp.taglib.ContentUrlTag;
> +import org.owasp.esapi.errors.EncodingException;
>
> import freemarker.core.Environment;
> import freemarker.ext.beans.BeanModel;
> @@ -36,35 +39,45 @@
>  */
> public class OfbizContentTransform implements TemplateTransformModel {
>
> -        public Writer getWriter(final Writer out, Map args) {
> -            final StringBuilder buf = new StringBuilder();
> -            return new Writer(out) {
> -                public void write(char cbuf[], int off, int len) {
> -                    buf.append(cbuf, off, len);
> -                }
> -
> -                public void flush() throws IOException {
> -                    out.flush();
> -                }
> -
> -                public void close() throws IOException {
> -                    try {
> -                        Environment env = Environment.getCurrentEnvironment();
> -                        BeanModel req = (BeanModel)env.getVariable("request");
> -                        HttpServletRequest request = req == null ? null : (HttpServletRequest) req.getWrappedObject();
> -
> -                        // make the link
> -                        StringBuffer newURL = new StringBuffer();
> -                        ContentUrlTag.appendContentPrefix(request, newURL);
> -                        if (newURL.length() > 0 && newURL.charAt(newURL.length() - 1) != '/' && buf.charAt(0) != '/') {
> -                            newURL.append('/');
> -                        }
> -                        newURL.append(buf.toString());
> -                        out.write(newURL.toString());
> -                    } catch (TemplateModelException e) {
> -                        throw new IOException(e.getMessage());
> +    public final static String module = OfbizUrlTransform.class.getName();
> +
> +    public Writer getWriter(final Writer out, Map args) {
> +        final StringBuilder buf = new StringBuilder();
> +        return new Writer(out) {
> +            public void write(char cbuf[], int off, int len) {
> +                buf.append(cbuf, off, len);
> +            }
> +
> +            public void flush() throws IOException {
> +                out.flush();
> +            }
> +
> +            public void close() throws IOException {
> +                try {
> +                    Environment env = Environment.getCurrentEnvironment();
> +                    BeanModel req = (BeanModel)env.getVariable("request");
> +                    HttpServletRequest request = req == null ? null : (HttpServletRequest) req.getWrappedObject();
> +
> +                    String requestUrl = buf.toString();
> +                    // just in case the request is encoded, decode before making the link
> +                    try {
> +                        requestUrl = StringUtil.defaultWebEncoder.decodeFromURL(requestUrl);
> +                    } catch (EncodingException e) {
> +                        Debug.logError(e, "Error decoding URL string [" + requestUrl + "]: " + e.toString(), module);
> +                    }
> +
> +                    // make the link
> +                    StringBuffer newURL = new StringBuffer();
> +                    ContentUrlTag.appendContentPrefix(request, newURL);
> +                    if (newURL.length() > 0 && newURL.charAt(newURL.length() - 1) != '/' && requestUrl.charAt(0) != '/') {
> +                        newURL.append('/');
>                     }
> +                    newURL.append(requestUrl);
> +                    out.write(newURL.toString());
> +                } catch (TemplateModelException e) {
> +                    throw new IOException(e.getMessage());
>                 }
> -            };
> -        }
> +            }
> +        };
>     }
> +}
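Review bot: The new `decodeFromURL` call runs on every tag body, not only on bodies that arrived encoded, so a body that is already in its final form gets decoded a second time: with standard URL decoding a literal `+` becomes a space, and an escaped `%26` or `%3D` inside a parameter value turns into a live `&` or `=` that changes the structure of the generated link. The same unconditional decode is added in the `OfbizUrlTransform` hunk at `@@ -86,10 +86,18 @@`. It would be safer to fix the caller that hands over an encoded URL, or at least to restrict the decode to the path portion before the `?`. Separately, `module` is copied from the other class and should read `public final static String module = OfbizContentTransform.class.getName();`, and `requestUrl.charAt(0)` still throws on an empty tag body.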
>
> Modified: ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/ftl/OfbizUrlTransform.java
> URL:
> http://svn.apache.org/viewvc/ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/ftl/OfbizUrlTransform.java?rev=744418&r1=744417&r2=744418&view=diff
> ==============================================================================
> --- ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/ftl/OfbizUrlTransform.java (original)
> +++ ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/ftl/OfbizUrlTransform.java Sat Feb 14 08:17:05 2009
> @@ -21,10 +21,16 @@
> import java.io.IOException;
> import java.io.Writer;
> import java.util.Map;
> +
> import javax.servlet.ServletContext;
> import javax.servlet.http.HttpServletRequest;
> import javax.servlet.http.HttpServletResponse;
>
> +import org.ofbiz.base.util.Debug;
> +import org.ofbiz.base.util.StringUtil;
> +import org.ofbiz.webapp.control.RequestHandler;
> +import org.owasp.esapi.errors.EncodingException;
> +
> import freemarker.core.Environment;
> import freemarker.ext.beans.BeanModel;
> import freemarker.template.SimpleScalar;
> @@ -32,12 +38,12 @@
> import freemarker.template.TemplateScalarModel;
> import freemarker.template.TemplateTransformModel;
>
> -import org.ofbiz.webapp.control.RequestHandler;
> -
> /**
>  * OfbizUrlTransform - Freemarker Transform for URLs (links)
>  */
> public class OfbizUrlTransform implements TemplateTransformModel {
> +
> +    public final static String module = OfbizUrlTransform.class.getName();
>
>     public boolean checkArg(Map args, String key, boolean defaultValue) {
>         if (!args.containsKey(key)) {
> @@ -80,10 +86,18 @@
>                         if (res != null) {
>                             response = (HttpServletResponse) res.getWrappedObject();
>                         }
> -
> +
> +                        String requestUrl = buf.toString();
> +                        // just in case the request is encoded, decode before making the link
> +                        try {
> +                            requestUrl = StringUtil.defaultWebEncoder.decodeFromURL(requestUrl);
> +                        } catch (EncodingException e) {
> +                            Debug.logError(e, "Error decoding URL string [" + requestUrl + "]: " + e.toString(), module);
> +                        }
> +
>                         // make the link
>                         RequestHandler rh = (RequestHandler) ctx.getAttribute("_REQUEST_HANDLER_");
> -                        out.write(rh.makeLink(request, response, buf.toString(), fullPath, secure, encode));
> +                        out.write(rh.makeLink(request, response, requestUrl, fullPath, secure, encode));
>                     } else if (prefix != null) {
>                         if (prefix instanceof TemplateScalarModel) {
>                             TemplateScalarModel s = (TemplateScalarModel) prefix;
>
>



Re: svn commit: r744418 - in /ofbiz/trunk/framework: base/src/org/ofbiz/base/util/ service/src/org/ofbiz/service/engine/ webapp/src/org/ofbiz/webapp/control/ webapp/src/org/ofbiz/webapp/ftl/

David E Jones-3

Do you have a more specific example that didn't work for you, and what  
sort of message or other sign of failure you got?

I tried uploading an image on the Catalog Manager Product->Content tab:

https://localhost:8443/catalog/control/EditProductContent?productId=WG-1111

which successfully went to this URL and uploaded the image fine:

https://localhost:8443/catalog/control/UploadProductImage?productId=WG-1111&upload_file_type=medium

Thanks,
-David


On Feb 14, 2009, at 4:54 AM, Jacques Le Roux wrote:

> This seems to break forms with enctype="multipart/form-data" (15 in  
> OFBiz). Try for instance to upload an image for a product. If you  
> revert this commit it works again.
>
> Jacques
>
> From: <[hidden email]>
>> Author: jonesde
>> Date: Sat Feb 14 08:17:05 2009
>> New Revision: 744418
>>
>> URL: http://svn.apache.org/viewvc?rev=744418&view=rev
>> Log:
>> Changed LoginWorker.makeLoginUrl back to returning a String and  
>> implemented a more general solution for the @ofbizUrl and  
>> @ofbizContentUrl tags so that they do decoding and are now tolerant  
>> of encoded URLs just in case it happens; this should be a more  
>> general fix and avoid the problem more; also a few cleanups like  
>> resolving warnings
>>
>> Modified:
>>   ofbiz/trunk/framework/base/src/org/ofbiz/base/util/
>> KeyStoreUtil.java
>>   ofbiz/trunk/framework/service/src/org/ofbiz/service/engine/
>> GenericEngineFactory.java
>>   ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/
>> LoginWorker.java
>>   ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/ftl/
>> OfbizContentTransform.java
>>   ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/ftl/
>> OfbizUrlTransform.java
>>
>> Modified: ofbiz/trunk/framework/base/src/org/ofbiz/base/util/
>> KeyStoreUtil.java
>> URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/base/src/org/ofbiz/base/util/KeyStoreUtil.java?rev=744418&r1=744417&r2=744418&view=diff
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =====================================================================
>> --- ofbiz/trunk/framework/base/src/org/ofbiz/base/util/
>> KeyStoreUtil.java (original)
>> +++ ofbiz/trunk/framework/base/src/org/ofbiz/base/util/
>> KeyStoreUtil.java Sat Feb 14 08:17:05 2009
>> @@ -18,25 +18,41 @@
>> *******************************************************************************/
>> package org.ofbiz.base.util;
>>
>> -import org.apache.commons.codec.binary.Base64;
>> -import org.ofbiz.base.component.ComponentConfig;
>> -import org.ofbiz.base.config.GenericConfigException;
>> -
>> -import java.io.*;
>> +import java.io.BufferedReader;
>> +import java.io.ByteArrayInputStream;
>> +import java.io.ByteArrayOutputStream;
>> +import java.io.File;
>> +import java.io.FileInputStream;
>> +import java.io.FileOutputStream;
>> +import java.io.IOException;
>> +import java.io.InputStream;
>> +import java.io.InputStreamReader;
>> +import java.io.PrintStream;
>> +import java.io.Reader;
>> +import java.io.StringReader;
>> import java.net.URL;
>> -import java.security.*;
>> -import java.security.cert.*;
>> +import java.security.GeneralSecurityException;
>> +import java.security.KeyFactory;
>> +import java.security.KeyStore;
>> +import java.security.KeyStoreException;
>> +import java.security.NoSuchAlgorithmException;
>> +import java.security.Principal;
>> +import java.security.PrivateKey;
>> import java.security.cert.Certificate;
>> +import java.security.cert.CertificateEncodingException;
>> +import java.security.cert.CertificateException;
>> +import java.security.cert.CertificateFactory;
>> +import java.security.cert.X509Certificate;
>> import java.security.spec.InvalidKeySpecException;
>> import java.security.spec.PKCS8EncodedKeySpec;
>> import java.util.Collection;
>> import java.util.Map;
>> -import java.util.regex.Pattern;
>> -import java.util.regex.Matcher;
>>
>> import javolution.util.FastMap;
>>
>> -import javax.security.auth.x500.X500Principal;
>> +import org.apache.commons.codec.binary.Base64;
>> +import org.ofbiz.base.component.ComponentConfig;
>> +import org.ofbiz.base.config.GenericConfigException;
>>
>> /**
>> * KeyStoreUtil - Utilities for getting KeyManagers and TrustManagers
>>
>> Modified: ofbiz/trunk/framework/service/src/org/ofbiz/service/
>> engine/GenericEngineFactory.java
>> URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/service/src/org/ofbiz/service/engine/GenericEngineFactory.java?rev=744418&r1=744417&r2=744418&view=diff
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =====================================================================
>> --- ofbiz/trunk/framework/service/src/org/ofbiz/service/engine/
>> GenericEngineFactory.java (original)
>> +++ ofbiz/trunk/framework/service/src/org/ofbiz/service/engine/
>> GenericEngineFactory.java Sat Feb 14 08:17:05 2009
>> @@ -59,7 +59,7 @@
>>        Element engineElement =  
>> UtilXml.firstChildElement(rootElement, "engine", "name", engineName);
>>
>>        if (engineElement == null) {
>> -            throw new GenericServiceException("Cannot find an  
>> engine definition for the engine name [" + engineName + "] in the  
>> serviceengine.xml file");
>> +            throw new GenericServiceException("Cannot find a  
>> service engine definition for the engine name [" + engineName + "]  
>> in the serviceengine.xml file");
>>        }
>>
>>        String className = engineElement.getAttribute("class");
>>
>> Modified: ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/
>> LoginWorker.java
>> URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java?rev=744418&r1=744417&r2=744418&view=diff
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =====================================================================
>> --- ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/
>> LoginWorker.java (original)
>> +++ ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/
>> LoginWorker.java Sat Feb 14 08:17:05 2009
>> @@ -27,7 +27,6 @@
>> import java.util.regex.Matcher;
>> import java.util.regex.Pattern;
>>
>> -import javax.security.auth.x500.X500Principal;
>> import javax.servlet.ServletContext;
>> import javax.servlet.http.Cookie;
>> import javax.servlet.http.HttpServletRequest;
>> @@ -43,13 +42,11 @@
>> import org.ofbiz.base.util.Debug;
>> import org.ofbiz.base.util.GeneralException;
>> import org.ofbiz.base.util.KeyStoreUtil;
>> -import org.ofbiz.base.util.StringUtil;
>> import org.ofbiz.base.util.UtilFormatOut;
>> import org.ofbiz.base.util.UtilHttp;
>> import org.ofbiz.base.util.UtilMisc;
>> import org.ofbiz.base.util.UtilProperties;
>> import org.ofbiz.base.util.UtilValidate;
>> -import org.ofbiz.base.util.StringUtil.StringWrapper;
>> import org.ofbiz.common.login.LoginServices;
>> import org.ofbiz.entity.GenericDelegator;
>> import org.ofbiz.entity.GenericEntityException;
>> @@ -81,25 +78,25 @@
>>    /** This Map is keyed by the randomly generated externalLoginKey  
>> and the value is a UserLogin GenericValue object */
>>    public static Map<String, GenericValue> externalLoginKeys =  
>> FastMap.newInstance();
>>
>> -    public static StringWrapper makeLoginUrl(PageContext  
>> pageContext) {
>> +    public static String makeLoginUrl(PageContext pageContext) {
>>        return makeLoginUrl(pageContext, "checkLogin");
>>    }
>>
>> -    public static StringWrapper makeLoginUrl(HttpServletRequest  
>> request) {
>> +    public static String makeLoginUrl(HttpServletRequest request) {
>>        return makeLoginUrl(request, "checkLogin");
>>    }
>>
>> -    public static StringWrapper makeLoginUrl(PageContext  
>> pageContext, String requestName) {
>> +    public static String makeLoginUrl(PageContext pageContext,  
>> String requestName) {
>>        return makeLoginUrl((HttpServletRequest)  
>> pageContext.getRequest(), requestName);
>>    }
>> -    public static StringWrapper makeLoginUrl(HttpServletRequest  
>> request, String requestName) {
>> +    public static String makeLoginUrl(HttpServletRequest request,  
>> String requestName) {
>>        Map<String, Object> urlParams =  
>> UtilHttp.getUrlOnlyParameterMap(request);
>>        String queryString = UtilHttp.urlEncodeArgs(urlParams, false);
>>        String currentView = UtilFormatOut.checkNull((String)  
>> request.getAttribute("_CURRENT_VIEW_"));
>>
>>        String loginUrl = "/" + requestName;
>>        if ("login".equals(currentView)) {
>> -            return StringUtil.wrapString(loginUrl);
>> +            return loginUrl;
>>        }
>>        if (UtilValidate.isNotEmpty(currentView)) {
>>            loginUrl += "/" + currentView;
>> @@ -108,7 +105,8 @@
>>            loginUrl += "?" + queryString;
>>        }
>>
>> -        return StringUtil.wrapString(loginUrl);
>> +        //return StringUtil.wrapString(loginUrl);
>> +        return loginUrl;
>>    }
>>
>>    /**
>> @@ -360,7 +358,7 @@
>>                    String errMsg =  
>> UtilProperties.getMessage(resourceWebapp,  
>> "loginevents.following_error_occurred_during_login", messageMap,  
>> UtilHttp.getLocale(request));
>>                    request.setAttribute("_ERROR_MESSAGE_", errMsg);
>>                }
>> -                request.setAttribute("_ERROR_MESSAGE_LIST_",  
>> (List) result.get(ModelService.ERROR_MESSAGE_LIST));
>> +                request.setAttribute("_ERROR_MESSAGE_LIST_",  
>> result.get(ModelService.ERROR_MESSAGE_LIST));
>>                return "error";
>>            } else {
>>                password = request.getParameter("newPassword");
>> @@ -720,10 +718,10 @@
>>                    String userLoginId = null;
>>
>>                    for (int i = 0; i < clientCerts.length; i++) {
>> -                        X500Principal x500 =  
>> clientCerts[i].getSubjectX500Principal();
>> +                        //X500Principal x500 =  
>> clientCerts[i].getSubjectX500Principal();
>>                        //Debug.log("Checking client certification  
>> for authentication: " + x500.getName(), module);
>>
>> -                        Map x500Map =  
>> KeyStoreUtil.getCertX500Map(clientCerts[i]);
>> +                        Map<String, String> x500Map =  
>> KeyStoreUtil.getCertX500Map(clientCerts[i]);
>>                        if (i == 0) {
>>                            String cn = (String) x500Map.get("CN");
>>                            cn = cn.replaceAll("\\\\", "");
>> @@ -765,7 +763,7 @@
>>        return "success";
>>    }
>>
>> -    protected static boolean checkValidIssuer(GenericDelegator  
>> delegator, Map x500Map, BigInteger serialNumber) throws  
>> GeneralException {
>> +    protected static boolean checkValidIssuer(GenericDelegator  
>> delegator, Map<String, String> x500Map, BigInteger serialNumber)  
>> throws GeneralException {
>>        List<EntityCondition> conds = FastList.newInstance();
>>        conds.add(EntityCondition.makeCondition(EntityOperator.OR,  
>> EntityCondition.makeConditionMap("commonName", x500Map.get("CN")),
>>                EntityCondition.makeConditionMap("commonName", null),
>>
>> Modified: ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/ftl/
>> OfbizContentTransform.java
>> URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/ftl/OfbizContentTransform.java?rev=744418&r1=744417&r2=744418&view=diff
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =====================================================================
>> --- ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/ftl/
>> OfbizContentTransform.java (original)
>> +++ ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/ftl/
>> OfbizContentTransform.java Sat Feb 14 08:17:05 2009
>> @@ -24,7 +24,10 @@
>>
>> import javax.servlet.http.HttpServletRequest;
>>
>> +import org.ofbiz.base.util.Debug;
>> +import org.ofbiz.base.util.StringUtil;
>> import org.ofbiz.webapp.taglib.ContentUrlTag;
>> +import org.owasp.esapi.errors.EncodingException;
>>
>> import freemarker.core.Environment;
>> import freemarker.ext.beans.BeanModel;
>> @@ -36,35 +39,45 @@
>> */
>> public class OfbizContentTransform implements  
>> TemplateTransformModel {
>>
>> -        public Writer getWriter(final Writer out, Map args) {
>> -            final StringBuilder buf = new StringBuilder();
>> -            return new Writer(out) {
>> -                public void write(char cbuf[], int off, int len) {
>> -                    buf.append(cbuf, off, len);
>> -                }
>> -
>> -                public void flush() throws IOException {
>> -                    out.flush();
>> -                }
>> -
>> -                public void close() throws IOException {
>> -                    try {
>> -                        Environment env =  
>> Environment.getCurrentEnvironment();
>> -                        BeanModel req =  
>> (BeanModel)env.getVariable("request");
>> -                        HttpServletRequest request = req == null ?  
>> null : (HttpServletRequest) req.getWrappedObject();
>> -
>> -                        // make the link
>> -                        StringBuffer newURL = new StringBuffer();
>> -                        ContentUrlTag.appendContentPrefix(request,  
>> newURL);
>> -                        if (newURL.length() > 0 &&  
>> newURL.charAt(newURL.length() - 1) != '/' && buf.charAt(0) != '/') {
>> -                            newURL.append('/');
>> -                        }
>> -                        newURL.append(buf.toString());
>> -                        out.write(newURL.toString());
>> -                    } catch (TemplateModelException e) {
>> -                        throw new IOException(e.getMessage());
>> +    public final static String module =  
>> OfbizUrlTransform.class.getName();
>> +
>> +    public Writer getWriter(final Writer out, Map args) {
>> +        final StringBuilder buf = new StringBuilder();
>> +        return new Writer(out) {
>> +            public void write(char cbuf[], int off, int len) {
>> +                buf.append(cbuf, off, len);
>> +            }
>> +
>> +            public void flush() throws IOException {
>> +                out.flush();
>> +            }
>> +
>> +            public void close() throws IOException {
>> +                try {
>> +                    Environment env =  
>> Environment.getCurrentEnvironment();
>> +                    BeanModel req =  
>> (BeanModel)env.getVariable("request");
>> +                    HttpServletRequest request = req == null ?  
>> null : (HttpServletRequest) req.getWrappedObject();
>> +
>> +                    String requestUrl = buf.toString();
>> +                    // just in case the request is encoded, decode  
>> before making the link
>> +                    try {
>> +                        requestUrl =  
>> StringUtil.defaultWebEncoder.decodeFromURL(requestUrl);
>> +                    } catch (EncodingException e) {
>> +                        Debug.logError(e, "Error decoding URL  
>> string [" + requestUrl + "]: " + e.toString(), module);
>> +                    }
>> +
>> +                    // make the link
>> +                    StringBuffer newURL = new StringBuffer();
>> +                    ContentUrlTag.appendContentPrefix(request,  
>> newURL);
>> +                    if (newURL.length() > 0 &&  
>> newURL.charAt(newURL.length() - 1) != '/' && requestUrl.charAt(0) !
>> = '/') {
>> +                        newURL.append('/');
>>                    }
>> +                    newURL.append(requestUrl);
>> +                    out.write(newURL.toString());
>> +                } catch (TemplateModelException e) {
>> +                    throw new IOException(e.getMessage());
>>                }
>> -            };
>> -        }
>> +            }
>> +        };
>>    }
>> +}
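Review bot: The `module` constant added at the top of this hunk is initialised from `OfbizUrlTransform.class.getName()`, so the decode-failure message logged in `close()` is attributed to the wrong class; it should read `public final static String module = OfbizContentTransform.class.getName();`. That `Debug.logError` call also concatenates the raw tag body into the message and appends `e.toString()` although `e` is already passed as the throwable, so any line breaks or parameter values in the URL text reach the log unfiltered. Stripping control characters first, e.g. `requestUrl.replaceAll("[\\r\\n]", "_")`, keeps entries one per line; the same applies to the catch block in the OfbizUrlTransform `@@ -80,10 +86,18 @@` hunk. `requestUrl.charAt(0)` still throws on an empty tag body, as `buf.charAt(0)` did before, and a `requestUrl.length() > 0 &&` guard in that condition would avoid it.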
>>
>> Modified: ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/ftl/
>> OfbizUrlTransform.java
>> URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/ftl/OfbizUrlTransform.java?rev=744418&r1=744417&r2=744418&view=diff
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =====================================================================
>> --- ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/ftl/
>> OfbizUrlTransform.java (original)
>> +++ ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/ftl/
>> OfbizUrlTransform.java Sat Feb 14 08:17:05 2009
>> @@ -21,10 +21,16 @@
>> import java.io.IOException;
>> import java.io.Writer;
>> import java.util.Map;
>> +
>> import javax.servlet.ServletContext;
>> import javax.servlet.http.HttpServletRequest;
>> import javax.servlet.http.HttpServletResponse;
>>
>> +import org.ofbiz.base.util.Debug;
>> +import org.ofbiz.base.util.StringUtil;
>> +import org.ofbiz.webapp.control.RequestHandler;
>> +import org.owasp.esapi.errors.EncodingException;
>> +
>> import freemarker.core.Environment;
>> import freemarker.ext.beans.BeanModel;
>> import freemarker.template.SimpleScalar;
>> @@ -32,12 +38,12 @@
>> import freemarker.template.TemplateScalarModel;
>> import freemarker.template.TemplateTransformModel;
>>
>> -import org.ofbiz.webapp.control.RequestHandler;
>> -
>> /**
>> * OfbizUrlTransform - Freemarker Transform for URLs (links)
>> */
>> public class OfbizUrlTransform implements TemplateTransformModel {
>> +
>> +    public final static String module =  
>> OfbizUrlTransform.class.getName();
>>
>>    public boolean checkArg(Map args, String key, boolean  
>> defaultValue) {
>>        if (!args.containsKey(key)) {
>> @@ -80,10 +86,18 @@
>>                        if (res != null) {
>>                            response = (HttpServletResponse)  
>> res.getWrappedObject();
>>                        }
>> -
>> +
>> +                        String requestUrl = buf.toString();
>> +                        // just in case the request is encoded,  
>> decode before making the link
>> +                        try {
>> +                            requestUrl =  
>> StringUtil.defaultWebEncoder.decodeFromURL(requestUrl);
>> +                        } catch (EncodingException e) {
>> +                            Debug.logError(e, "Error decoding URL  
>> string [" + requestUrl + "]: " + e.toString(), module);
>> +                        }
>> +
>>                        // make the link
>>                        RequestHandler rh = (RequestHandler)  
>> ctx.getAttribute("_REQUEST_HANDLER_");
>> -                        out.write(rh.makeLink(request, response,  
>> buf.toString(), fullPath, secure, encode));
>> +                        out.write(rh.makeLink(request, response,  
>> requestUrl, fullPath, secure, encode));
>>                    } else if (prefix != null) {
>>                        if (prefix instanceof TemplateScalarModel) {
>>                            TemplateScalarModel s =  
>> (TemplateScalarModel) prefix;
>>
>
>


Re: svn commit: r744418 - in /ofbiz/trunk/framework: base/src/org/ofbiz/base/util/ service/src/org/ofbiz/service/engine/ webapp/src/org/ofbiz/webapp/control/ webapp/src/org/ofbiz/webapp/ftl/

David E Jones-3

BTW, whatever problem you were running into, I am reverting this  
change along with some other cleanups since there is one BIG problem  
with it: many URL parameters are encoded in order to make it to the  
browser and back to the server without being interpreted as part of  
the URL. Once decoded, there is no distinction between these characters  
and the ones we want in the URL string (i.e. normal path separators,  
argument separators, etc.), and since those parameters are often passed  
through this code, it turns into a BAD idea!

It'll be gone soon...

-David


On Feb 14, 2009, at 1:44 PM, David E Jones wrote:

>
> Do you have a more specific example that didn't work for you, and  
> what sort of message or other sign of failure you got?
>
> I tried uploading an image on the Catalog Manager Product->Content  
> tab:
>
> https://localhost:8443/catalog/control/EditProductContent?productId=WG-1111
>
> which successfully went to this URL and uploaded the image fine:
>
> https://localhost:8443/catalog/control/UploadProductImage?productId=WG-1111&upload_file_type=medium
>
> Thanks,
> -David
>
>
> On Feb 14, 2009, at 4:54 AM, Jacques Le Roux wrote:
>
>> This seems to break forms with enctype="multipart/form-data" (15 in  
>> OFBiz). Try for instance to upload an image for a product. If you  
>> revert this commit it works again.
>>
>> Jacques
>>
>> From: <[hidden email]>
>>> Author: jonesde
>>> Date: Sat Feb 14 08:17:05 2009
>>> New Revision: 744418
>>>
>>> URL: http://svn.apache.org/viewvc?rev=744418&view=rev
>>> Log:
>>> Changed LoginWorker.makeLoginUrl back to returning a String and  
>>> implemented a more general solution for the @ofbizUrl and  
>>> @ofbizContentUrl tags so that they do decoding and are now  
>>> tolerant of encoded URLs just in case it happens; this should be a  
>>> more general fix and avoid the problem more; also a few cleanups  
>>> like resolving warnings
>>>
>>> Modified:
>>>  ofbiz/trunk/framework/base/src/org/ofbiz/base/util/
>>> KeyStoreUtil.java
>>>  ofbiz/trunk/framework/service/src/org/ofbiz/service/engine/
>>> GenericEngineFactory.java
>>>  ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/
>>> LoginWorker.java
>>>  ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/ftl/
>>> OfbizContentTransform.java
>>>  ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/ftl/
>>> OfbizUrlTransform.java
>>>
>>> Modified: ofbiz/trunk/framework/base/src/org/ofbiz/base/util/
>>> KeyStoreUtil.java
>>> URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/base/src/org/ofbiz/base/util/KeyStoreUtil.java?rev=744418&r1=744417&r2=744418&view=diff
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> ====================================================================
>>> --- ofbiz/trunk/framework/base/src/org/ofbiz/base/util/
>>> KeyStoreUtil.java (original)
>>> +++ ofbiz/trunk/framework/base/src/org/ofbiz/base/util/
>>> KeyStoreUtil.java Sat Feb 14 08:17:05 2009
>>> @@ -18,25 +18,41 @@
>>> *******************************************************************************/
>>> package org.ofbiz.base.util;
>>>
>>> -import org.apache.commons.codec.binary.Base64;
>>> -import org.ofbiz.base.component.ComponentConfig;
>>> -import org.ofbiz.base.config.GenericConfigException;
>>> -
>>> -import java.io.*;
>>> +import java.io.BufferedReader;
>>> +import java.io.ByteArrayInputStream;
>>> +import java.io.ByteArrayOutputStream;
>>> +import java.io.File;
>>> +import java.io.FileInputStream;
>>> +import java.io.FileOutputStream;
>>> +import java.io.IOException;
>>> +import java.io.InputStream;
>>> +import java.io.InputStreamReader;
>>> +import java.io.PrintStream;
>>> +import java.io.Reader;
>>> +import java.io.StringReader;
>>> import java.net.URL;
>>> -import java.security.*;
>>> -import java.security.cert.*;
>>> +import java.security.GeneralSecurityException;
>>> +import java.security.KeyFactory;
>>> +import java.security.KeyStore;
>>> +import java.security.KeyStoreException;
>>> +import java.security.NoSuchAlgorithmException;
>>> +import java.security.Principal;
>>> +import java.security.PrivateKey;
>>> import java.security.cert.Certificate;
>>> +import java.security.cert.CertificateEncodingException;
>>> +import java.security.cert.CertificateException;
>>> +import java.security.cert.CertificateFactory;
>>> +import java.security.cert.X509Certificate;
>>> import java.security.spec.InvalidKeySpecException;
>>> import java.security.spec.PKCS8EncodedKeySpec;
>>> import java.util.Collection;
>>> import java.util.Map;
>>> -import java.util.regex.Pattern;
>>> -import java.util.regex.Matcher;
>>>
>>> import javolution.util.FastMap;
>>>
>>> -import javax.security.auth.x500.X500Principal;
>>> +import org.apache.commons.codec.binary.Base64;
>>> +import org.ofbiz.base.component.ComponentConfig;
>>> +import org.ofbiz.base.config.GenericConfigException;
>>>
>>> /**
>>> * KeyStoreUtil - Utilities for getting KeyManagers and TrustManagers
>>>
>>> Modified: ofbiz/trunk/framework/service/src/org/ofbiz/service/
>>> engine/GenericEngineFactory.java
>>> URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/service/src/org/ofbiz/service/engine/GenericEngineFactory.java?rev=744418&r1=744417&r2=744418&view=diff
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> ====================================================================
>>> --- ofbiz/trunk/framework/service/src/org/ofbiz/service/engine/
>>> GenericEngineFactory.java (original)
>>> +++ ofbiz/trunk/framework/service/src/org/ofbiz/service/engine/
>>> GenericEngineFactory.java Sat Feb 14 08:17:05 2009
>>> @@ -59,7 +59,7 @@
>>>       Element engineElement =  
>>> UtilXml.firstChildElement(rootElement, "engine", "name",  
>>> engineName);
>>>
>>>       if (engineElement == null) {
>>> -            throw new GenericServiceException("Cannot find an  
>>> engine definition for the engine name [" + engineName + "] in the  
>>> serviceengine.xml file");
>>> +            throw new GenericServiceException("Cannot find a  
>>> service engine definition for the engine name [" + engineName + "]  
>>> in the serviceengine.xml file");
>>>       }
>>>
>>>       String className = engineElement.getAttribute("class");
>>>
>>> Modified: ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/
>>> control/LoginWorker.java
>>> URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/LoginWorker.java?rev=744418&r1=744417&r2=744418&view=diff
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> ====================================================================
>>> --- ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/
>>> LoginWorker.java (original)
>>> +++ ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/
>>> LoginWorker.java Sat Feb 14 08:17:05 2009
>>> @@ -27,7 +27,6 @@
>>> import java.util.regex.Matcher;
>>> import java.util.regex.Pattern;
>>>
>>> -import javax.security.auth.x500.X500Principal;
>>> import javax.servlet.ServletContext;
>>> import javax.servlet.http.Cookie;
>>> import javax.servlet.http.HttpServletRequest;
>>> @@ -43,13 +42,11 @@
>>> import org.ofbiz.base.util.Debug;
>>> import org.ofbiz.base.util.GeneralException;
>>> import org.ofbiz.base.util.KeyStoreUtil;
>>> -import org.ofbiz.base.util.StringUtil;
>>> import org.ofbiz.base.util.UtilFormatOut;
>>> import org.ofbiz.base.util.UtilHttp;
>>> import org.ofbiz.base.util.UtilMisc;
>>> import org.ofbiz.base.util.UtilProperties;
>>> import org.ofbiz.base.util.UtilValidate;
>>> -import org.ofbiz.base.util.StringUtil.StringWrapper;
>>> import org.ofbiz.common.login.LoginServices;
>>> import org.ofbiz.entity.GenericDelegator;
>>> import org.ofbiz.entity.GenericEntityException;
>>> @@ -81,25 +78,25 @@
>>>   /** This Map is keyed by the randomly generated externalLoginKey  
>>> and the value is a UserLogin GenericValue object */
>>>   public static Map<String, GenericValue> externalLoginKeys =  
>>> FastMap.newInstance();
>>>
>>> -    public static StringWrapper makeLoginUrl(PageContext  
>>> pageContext) {
>>> +    public static String makeLoginUrl(PageContext pageContext) {
>>>       return makeLoginUrl(pageContext, "checkLogin");
>>>   }
>>>
>>> -    public static StringWrapper makeLoginUrl(HttpServletRequest  
>>> request) {
>>> +    public static String makeLoginUrl(HttpServletRequest request) {
>>>       return makeLoginUrl(request, "checkLogin");
>>>   }
>>>
>>> -    public static StringWrapper makeLoginUrl(PageContext  
>>> pageContext, String requestName) {
>>> +    public static String makeLoginUrl(PageContext pageContext,  
>>> String requestName) {
>>>       return makeLoginUrl((HttpServletRequest)  
>>> pageContext.getRequest(), requestName);
>>>   }
>>> -    public static StringWrapper makeLoginUrl(HttpServletRequest  
>>> request, String requestName) {
>>> +    public static String makeLoginUrl(HttpServletRequest request,  
>>> String requestName) {
>>>       Map<String, Object> urlParams =  
>>> UtilHttp.getUrlOnlyParameterMap(request);
>>>       String queryString = UtilHttp.urlEncodeArgs(urlParams, false);
>>>       String currentView = UtilFormatOut.checkNull((String)  
>>> request.getAttribute("_CURRENT_VIEW_"));
>>>
>>>       String loginUrl = "/" + requestName;
>>>       if ("login".equals(currentView)) {
>>> -            return StringUtil.wrapString(loginUrl);
>>> +            return loginUrl;
>>>       }
>>>       if (UtilValidate.isNotEmpty(currentView)) {
>>>           loginUrl += "/" + currentView;
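Review bot: The four `makeLoginUrl` overloads change their return type from `StringWrapper` to `String` without any Javadoc telling callers how to treat the result. In the visible lines the value is assembled from `requestName`, the `_CURRENT_VIEW_` request attribute and a query string computed from the request's URL parameters, so it carries request-derived text. A short Javadoc on the two-argument overload would make the contract explicit, for example `/** Returns the login request path, current view and URL parameters as a plain String; callers must escape it for their output context. */`. The last overload's body continues past the end of this hunk.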
>>> @@ -108,7 +105,8 @@
>>>           loginUrl += "?" + queryString;
>>>       }
>>>
>>> -        return StringUtil.wrapString(loginUrl);
>>> +        //return StringUtil.wrapString(loginUrl);
>>> +        return loginUrl;
>>>   }
>>>
>>>   /**
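Review bot: The replaced return statement is left behind as commented-out code, `//return StringUtil.wrapString(loginUrl);`, even though the same commit removes the `StringUtil` import from this file; the line should be deleted, since version control keeps the old form. The `@@ -720,10 +718,10 @@` hunk does the same with `//X500Principal x500 = clientCerts[i].getSubjectX500Principal();`, which now only serves an already commented-out `Debug.log` call. The enclosing method starts before this hunk.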
>>> @@ -360,7 +358,7 @@
>>>                   String errMsg =  
>>> UtilProperties.getMessage(resourceWebapp,  
>>> "loginevents.following_error_occurred_during_login", messageMap,  
>>> UtilHttp.getLocale(request));
>>>                   request.setAttribute("_ERROR_MESSAGE_", errMsg);
>>>               }
>>> -                request.setAttribute("_ERROR_MESSAGE_LIST_",  
>>> (List) result.get(ModelService.ERROR_MESSAGE_LIST));
>>> +                request.setAttribute("_ERROR_MESSAGE_LIST_",  
>>> result.get(ModelService.ERROR_MESSAGE_LIST));
>>>               return "error";
>>>           } else {
>>>               password = request.getParameter("newPassword");
>>> @@ -720,10 +718,10 @@
>>>                   String userLoginId = null;
>>>
>>>                   for (int i = 0; i < clientCerts.length; i++) {
>>> -                        X500Principal x500 =  
>>> clientCerts[i].getSubjectX500Principal();
>>> +                        //X500Principal x500 =  
>>> clientCerts[i].getSubjectX500Principal();
>>>                       //Debug.log("Checking client certification  
>>> for authentication: " + x500.getName(), module);
>>>
>>> -                        Map x500Map =  
>>> KeyStoreUtil.getCertX500Map(clientCerts[i]);
>>> +                        Map<String, String> x500Map =  
>>> KeyStoreUtil.getCertX500Map(clientCerts[i]);
>>>                       if (i == 0) {
>>>                           String cn = (String) x500Map.get("CN");
>>>                           cn = cn.replaceAll("\\\\", "");
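Review bot: With `x500Map` now typed as `Map<String, String>`, the `(String)` cast on `x500Map.get("CN")` is redundant, and the following `cn.replaceAll(...)` would throw a NullPointerException if the map has no `CN` entry. That is presumably possible for a client certificate whose subject lacks a common name, though `getCertX500Map` is not visible here. Since this loop processes certificates presented by the client, a null check on `cn` before the `replaceAll`, routed to whatever rejection path the method already uses, would turn that case into a clean authentication failure; the line itself can become `String cn = x500Map.get("CN");`. The loop body continues outside the hunk.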
>>> @@ -765,7 +763,7 @@
>>>       return "success";
>>>   }
>>>
>>> -    protected static boolean checkValidIssuer(GenericDelegator  
>>> delegator, Map x500Map, BigInteger serialNumber) throws  
>>> GeneralException {
>>> +    protected static boolean checkValidIssuer(GenericDelegator  
>>> delegator, Map<String, String> x500Map, BigInteger serialNumber)  
>>> throws GeneralException {
>>>       List<EntityCondition> conds = FastList.newInstance();
>>>       conds.add(EntityCondition.makeCondition(EntityOperator.OR,  
>>> EntityCondition.makeConditionMap("commonName", x500Map.get("CN")),
>>>               EntityCondition.makeConditionMap("commonName", null),
>>>
>>> Modified: ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/ftl/
>>> OfbizContentTransform.java
>>> URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/ftl/OfbizContentTransform.java?rev=744418&r1=744417&r2=744418&view=diff
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> ====================================================================
>>> --- ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/ftl/
>>> OfbizContentTransform.java (original)
>>> +++ ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/ftl/
>>> OfbizContentTransform.java Sat Feb 14 08:17:05 2009
>>> @@ -24,7 +24,10 @@
>>>
>>> import javax.servlet.http.HttpServletRequest;
>>>
>>> +import org.ofbiz.base.util.Debug;
>>> +import org.ofbiz.base.util.StringUtil;
>>> import org.ofbiz.webapp.taglib.ContentUrlTag;
>>> +import org.owasp.esapi.errors.EncodingException;
>>>
>>> import freemarker.core.Environment;
>>> import freemarker.ext.beans.BeanModel;
>>> @@ -36,35 +39,45 @@
>>> */
>>> public class OfbizContentTransform implements  
>>> TemplateTransformModel {
>>>
>>> -        public Writer getWriter(final Writer out, Map args) {
>>> -            final StringBuilder buf = new StringBuilder();
>>> -            return new Writer(out) {
>>> -                public void write(char cbuf[], int off, int len) {
>>> -                    buf.append(cbuf, off, len);
>>> -                }
>>> -
>>> -                public void flush() throws IOException {
>>> -                    out.flush();
>>> -                }
>>> -
>>> -                public void close() throws IOException {
>>> -                    try {
>>> -                        Environment env =  
>>> Environment.getCurrentEnvironment();
>>> -                        BeanModel req =  
>>> (BeanModel)env.getVariable("request");
>>> -                        HttpServletRequest request = req ==  
>>> null ? null : (HttpServletRequest) req.getWrappedObject();
>>> -
>>> -                        // make the link
>>> -                        StringBuffer newURL = new StringBuffer();
>>> -                        
>>> ContentUrlTag.appendContentPrefix(request, newURL);
>>> -                        if (newURL.length() > 0 &&  
>>> newURL.charAt(newURL.length() - 1) != '/' && buf.charAt(0) != '/') {
>>> -                            newURL.append('/');
>>> -                        }
>>> -                        newURL.append(buf.toString());
>>> -                        out.write(newURL.toString());
>>> -                    } catch (TemplateModelException e) {
>>> -                        throw new IOException(e.getMessage());
>>> +    public final static String module =  
>>> OfbizUrlTransform.class.getName();
>>> +
>>> +    public Writer getWriter(final Writer out, Map args) {
>>> +        final StringBuilder buf = new StringBuilder();
>>> +        return new Writer(out) {
>>> +            public void write(char cbuf[], int off, int len) {
>>> +                buf.append(cbuf, off, len);
>>> +            }
>>> +
>>> +            public void flush() throws IOException {
>>> +                out.flush();
>>> +            }
>>> +
>>> +            public void close() throws IOException {
>>> +                try {
>>> +                    Environment env =  
>>> Environment.getCurrentEnvironment();
>>> +                    BeanModel req =  
>>> (BeanModel)env.getVariable("request");
>>> +                    HttpServletRequest request = req == null ?  
>>> null : (HttpServletRequest) req.getWrappedObject();
>>> +
>>> +                    String requestUrl = buf.toString();
>>> +                    // just in case the request is encoded,  
>>> decode before making the link
>>> +                    try {
>>> +                        requestUrl =  
>>> StringUtil.defaultWebEncoder.decodeFromURL(requestUrl);
>>> +                    } catch (EncodingException e) {
>>> +                        Debug.logError(e, "Error decoding URL  
>>> string [" + requestUrl + "]: " + e.toString(), module);
>>> +                    }
>>> +
>>> +                    // make the link
>>> +                    StringBuffer newURL = new StringBuffer();
>>> +                    ContentUrlTag.appendContentPrefix(request,  
>>> newURL);
>>> +                    if (newURL.length() > 0 &&  
>>> newURL.charAt(newURL.length() - 1) != '/' && requestUrl.charAt(0) !
>>> = '/') {
>>> +                        newURL.append('/');
>>>                   }
>>> +                    newURL.append(requestUrl);
>>> +                    out.write(newURL.toString());
>>> +                } catch (TemplateModelException e) {
>>> +                    throw new IOException(e.getMessage());
>>>               }
>>> -            };
>>> -        }
>>> +            }
>>> +        };
>>>   }
>>> +}
>>>
>>> Modified: ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/ftl/
>>> OfbizUrlTransform.java
>>> URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/ftl/OfbizUrlTransform.java?rev=744418&r1=744417&r2=744418&view=diff
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> ====================================================================
>>> --- ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/ftl/
>>> OfbizUrlTransform.java (original)
>>> +++ ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/ftl/
>>> OfbizUrlTransform.java Sat Feb 14 08:17:05 2009
>>> @@ -21,10 +21,16 @@
>>> import java.io.IOException;
>>> import java.io.Writer;
>>> import java.util.Map;
>>> +
>>> import javax.servlet.ServletContext;
>>> import javax.servlet.http.HttpServletRequest;
>>> import javax.servlet.http.HttpServletResponse;
>>>
>>> +import org.ofbiz.base.util.Debug;
>>> +import org.ofbiz.base.util.StringUtil;
>>> +import org.ofbiz.webapp.control.RequestHandler;
>>> +import org.owasp.esapi.errors.EncodingException;
>>> +
>>> import freemarker.core.Environment;
>>> import freemarker.ext.beans.BeanModel;
>>> import freemarker.template.SimpleScalar;
>>> @@ -32,12 +38,12 @@
>>> import freemarker.template.TemplateScalarModel;
>>> import freemarker.template.TemplateTransformModel;
>>>
>>> -import org.ofbiz.webapp.control.RequestHandler;
>>> -
>>> /**
>>> * OfbizUrlTransform - Freemarker Transform for URLs (links)
>>> */
>>> public class OfbizUrlTransform implements TemplateTransformModel {
>>> +
>>> +    public final static String module =  
>>> OfbizUrlTransform.class.getName();
>>>
>>>   public boolean checkArg(Map args, String key, boolean  
>>> defaultValue) {
>>>       if (!args.containsKey(key)) {
>>> @@ -80,10 +86,18 @@
>>>                       if (res != null) {
>>>                           response = (HttpServletResponse)  
>>> res.getWrappedObject();
>>>                       }
>>> -
>>> +
>>> +                        String requestUrl = buf.toString();
>>> +                        // just in case the request is encoded,  
>>> decode before making the link
>>> +                        try {
>>> +                            requestUrl =  
>>> StringUtil.defaultWebEncoder.decodeFromURL(requestUrl);
>>> +                        } catch (EncodingException e) {
>>> +                            Debug.logError(e, "Error decoding URL  
>>> string [" + requestUrl + "]: " + e.toString(), module);
>>> +                        }
>>> +
>>>                       // make the link
>>>                       RequestHandler rh = (RequestHandler)  
>>> ctx.getAttribute("_REQUEST_HANDLER_");
>>> -                        out.write(rh.makeLink(request, response,  
>>> buf.toString(), fullPath, secure, encode));
>>> +                        out.write(rh.makeLink(request, response,  
>>> requestUrl, fullPath, secure, encode));
>>>                   } else if (prefix != null) {
>>>                       if (prefix instanceof TemplateScalarModel) {
>>>                           TemplateScalarModel s =  
>>> (TemplateScalarModel) prefix;
>>>
>>
>>
>