This is an automated email from the ASF dual-hosted git repository.
jleroux pushed a commit to branch release17.12
in repository
https://gitbox.apache.org/repos/asf/ofbiz-framework.gitThe following commit(s) were added to refs/heads/release17.12 by this push:
new 78cb314 Improved: Implemented: Documented: Completed: Reverted: Fixed:
78cb314 is described below
commit 78cb3140663c855b02487adf17a6b973317853f1
Author: Jacques Le Roux <
[hidden email]>
AuthorDate: Mon May 18 15:26:15 2020 +0200
Improved:
Implemented:
Documented:
Completed:
Reverted:
Fixed:
(OFBIZ-)
Explanation
Thanks:
---
.../ofbiz/base/util/template/FreeMarkerWorker.java | 26 +++++++++++++---------
1 file changed, 16 insertions(+), 10 deletions(-)
diff --git a/framework/base/src/main/java/org/apache/ofbiz/base/util/template/FreeMarkerWorker.java b/framework/base/src/main/java/org/apache/ofbiz/base/util/template/FreeMarkerWorker.java
index 814031a..f6b7222 100644
--- a/framework/base/src/main/java/org/apache/ofbiz/base/util/template/FreeMarkerWorker.java
+++ b/framework/base/src/main/java/org/apache/ofbiz/base/util/template/FreeMarkerWorker.java
@@ -63,7 +63,6 @@ import freemarker.template.TemplateHashModel;
import freemarker.template.TemplateModel;
import freemarker.template.TemplateModelException;
import freemarker.template.Version;
-import freemarker.template.utility.ClassUtil;
/**
* FreeMarkerWorker - Freemarker Template Engine Utilities.
@@ -110,21 +109,28 @@ public final class FreeMarkerWorker {
newConfig.setAutoImports(freemarkerImports);
}
newConfig.setLogTemplateExceptions(false);
- String templateClassResolver = UtilProperties.getPropertyValue("security", "templateClassResolver",
- "SAFER_RESOLVER");
+ newConfig.setTemplateExceptionHandler(new FreeMarkerWorker.OFBizTemplateExceptionHandler());
try {
- newConfig.setNewBuiltinClassResolver((TemplateClassResolver)
- ClassUtil.forName("freemarker.core.TemplateClassResolver" + templateClassResolver)
- .cast(templateClassResolver));
- } catch (ClassNotFoundException e) {
- Debug.logError("No TemplateClassResolver." + templateClassResolver, module);
- } try {
newConfig.setSetting("datetime_format", "yyyy-MM-dd HH:mm:ss.SSS");
newConfig.setSetting("number_format", "0.##########");
} catch (TemplateException e) {
Debug.logError("Unable to set date/time and number formats in FreeMarker: " + e, module);
}
- newConfig.setNewBuiltinClassResolver(TemplateClassResolver.SAFER_RESOLVER);
+ String templateClassResolver = UtilProperties.getPropertyValue("security", "templateClassResolver", "SAFER_RESOLVER");
+ switch (templateClassResolver) {
+ case "UNRESTRICTED_RESOLVER":
+ newConfig.setNewBuiltinClassResolver(TemplateClassResolver.UNRESTRICTED_RESOLVER);
+ break;
+ case "SAFER_RESOLVER":
+ newConfig.setNewBuiltinClassResolver(TemplateClassResolver.SAFER_RESOLVER);
+ break;
+ case "ALLOWS_NOTHING_RESOLVER":
+ newConfig.setNewBuiltinClassResolver(TemplateClassResolver.ALLOWS_NOTHING_RESOLVER);
+ break;
+ default:
+ Debug.logError("Not a TemplateClassResolver.", module);
+ break;
+ }
// Transforms properties file set up as key=transform name, property=transform class name
ClassLoader loader = Thread.currentThread().getContextClassLoader();
Enumeration<URL> resources;
Locked
