OFBiz OFBiz - Commits

[ofbiz-framework] branch trunk updated: Improved: Improve description encoding in 2 classes: MacroFormRenderer and renderableFtlFormElementsBuilder (OFBIZ-12159)

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
jleroux@apache.org
Reply | Threaded
Open this post in threaded view
|

[ofbiz-framework] branch trunk updated: Improved: Improve description encoding in 2 classes: MacroFormRenderer and renderableFtlFormElementsBuilder (OFBIZ-12159)

jleroux@apache.org
This is an automated email from the ASF dual-hosted git repository.

jleroux pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/ofbiz-framework.git


The following commit(s) were added to refs/heads/trunk by this push:
     new c54dced  Improved: Improve description encoding in 2 classes: MacroFormRenderer and renderableFtlFormElementsBuilder  (OFBIZ-12159)
c54dced is described below

commit c54dced51c92e511d8112546e7117fdfe4c6f652
Author: Jacques Le Roux <[hidden email]>
AuthorDate: Sat Jan 23 18:18:16 2021 +0100

    Improved: Improve description encoding in 2 classes: MacroFormRenderer and renderableFtlFormElementsBuilder  (OFBIZ-12159)
   
    Concern MacroFormRenderer::makeHyperlinkByType and renderableFtlFormElementsBuilder::encode
    I'm not sure it's useful but it's harmless
---
 .../widget/renderer/macro/MacroFormRenderer.java   | 17 ++++++++---
 .../macro/RenderableFtlFormElementsBuilder.java    | 35 +++++++++++-----------
 2 files changed, 31 insertions(+), 21 deletions(-)

diff --git a/framework/widget/src/main/java/org/apache/ofbiz/widget/renderer/macro/MacroFormRenderer.java b/framework/widget/src/main/java/org/apache/ofbiz/widget/renderer/macro/MacroFormRenderer.java
index c1bbb64..27eb9f1 100644
--- a/framework/widget/src/main/java/org/apache/ofbiz/widget/renderer/macro/MacroFormRenderer.java
+++ b/framework/widget/src/main/java/org/apache/ofbiz/widget/renderer/macro/MacroFormRenderer.java
@@ -38,6 +38,7 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import javax.servlet.http.HttpSession;
 
+import org.apache.commons.text.StringEscapeUtils;
 import org.apache.ofbiz.base.util.Debug;
 import org.apache.ofbiz.base.util.StringUtil;
 import org.apache.ofbiz.base.util.UtilCodec;
@@ -90,13 +91,12 @@ import org.apache.ofbiz.widget.renderer.FormStringRenderer;
 import org.apache.ofbiz.widget.renderer.Paginator;
 import org.apache.ofbiz.widget.renderer.UtilHelpText;
 import org.apache.ofbiz.widget.renderer.VisualTheme;
+import org.apache.ofbiz.widget.renderer.macro.renderable.RenderableFtl;
+import org.apache.ofbiz.widget.renderer.macro.renderable.RenderableFtlMacroCall;
 import org.jsoup.nodes.Element;
 
 import com.ibm.icu.util.Calendar;
 
-import org.apache.ofbiz.widget.renderer.macro.renderable.RenderableFtlMacroCall;
-import org.apache.ofbiz.widget.renderer.macro.renderable.RenderableFtl;
-
 /**
  * Widget Library - Form Renderer implementation based on Freemarker macros
  */
@@ -3017,7 +3017,16 @@ public final class MacroFormRenderer implements FormStringRenderer {
             String> parameterMap, String description, String targetWindow, String confirmation, ModelFormField modelFormField,
             HttpServletRequest request, HttpServletResponse response, Map<String, Object> context) throws IOException {
         String realLinkType = WidgetWorker.determineAutoLinkType(linkType, target, targetType, request);
-        String encodedDescription = internalEncoder.encode(description);
+        UtilCodec.SimpleEncoder simpleEncoder = null;
+        String encodedDescription = null;
+        if (description.equals(StringEscapeUtils.unescapeEcmaScript(StringEscapeUtils.unescapeHtml4(description)))) {
+            simpleEncoder = (UtilCodec.SimpleEncoder) context.get("simpleEncoder");
+        } else {
+            simpleEncoder = UtilCodec.getEncoder("string");
+        }
+        if (simpleEncoder != null) {
+            encodedDescription = simpleEncoder.encode(description);
+        }
         // get the parameterized pagination index and size fields
         int paginatorNumber = WidgetWorker.getPaginatorNumber(context);
         ModelForm modelForm = modelFormField.getModelForm();
diff --git a/framework/widget/src/main/java/org/apache/ofbiz/widget/renderer/macro/RenderableFtlFormElementsBuilder.java b/framework/widget/src/main/java/org/apache/ofbiz/widget/renderer/macro/RenderableFtlFormElementsBuilder.java
index a2a5402..30cb6fe 100644
--- a/framework/widget/src/main/java/org/apache/ofbiz/widget/renderer/macro/RenderableFtlFormElementsBuilder.java
+++ b/framework/widget/src/main/java/org/apache/ofbiz/widget/renderer/macro/RenderableFtlFormElementsBuilder.java
@@ -18,6 +18,20 @@
  *******************************************************************************/
 package org.apache.ofbiz.widget.renderer.macro;
 
+import java.io.StringWriter;
+import java.net.URI;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Locale;
+import java.util.Map;
+import java.util.Set;
+import java.util.UUID;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+
+import org.apache.commons.text.StringEscapeUtils;
 import org.apache.ofbiz.base.util.Debug;
 import org.apache.ofbiz.base.util.UtilCodec;
 import org.apache.ofbiz.base.util.UtilFormatOut;
@@ -36,27 +50,15 @@ import org.apache.ofbiz.widget.model.ModelScreenWidget.Label;
 import org.apache.ofbiz.widget.model.ModelTheme;
 import org.apache.ofbiz.widget.renderer.Paginator;
 import org.apache.ofbiz.widget.renderer.VisualTheme;
-import org.apache.ofbiz.widget.renderer.macro.renderable.RenderableFtlMacroCall;
 import org.apache.ofbiz.widget.renderer.macro.renderable.RenderableFtl;
+import org.apache.ofbiz.widget.renderer.macro.renderable.RenderableFtlMacroCall;
 import org.apache.ofbiz.widget.renderer.macro.renderable.RenderableFtlMacroCall.RenderableFtlMacroCallBuilder;
+import org.apache.ofbiz.widget.renderer.macro.renderable.RenderableFtlNoop;
 import org.apache.ofbiz.widget.renderer.macro.renderable.RenderableFtlSequence;
 import org.apache.ofbiz.widget.renderer.macro.renderable.RenderableFtlString;
-import org.apache.ofbiz.widget.renderer.macro.renderable.RenderableFtlNoop;
 import org.apache.ofbiz.widget.renderer.macro.renderable.RenderableFtlString.RenderableFtlStringBuilder;
 import org.jsoup.nodes.Element;
 
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import javax.servlet.http.HttpSession;
-import java.io.StringWriter;
-import java.net.URI;
-import java.util.Iterator;
-import java.util.List;
-import java.util.Locale;
-import java.util.Map;
-import java.util.Set;
-import java.util.UUID;
-
 /**
  * Creates RenderableFtl objects used to render the various elements of a form.
  */
@@ -499,7 +501,8 @@ public final class RenderableFtlFormElementsBuilder {
             return value;
         }
         UtilCodec.SimpleEncoder encoder = (UtilCodec.SimpleEncoder) context.get("simpleEncoder");
-        if (modelFormField.getEncodeOutput() && encoder != null) {
+        boolean alreadyEncoded = value.equals(StringEscapeUtils.unescapeEcmaScript(StringEscapeUtils.unescapeHtml4(value)));
+        if (modelFormField.getEncodeOutput() && encoder != null && !alreadyEncoded) {
             value = encoder.encode(value);
         } else {
             value = internalEncoder.encode(value);
@@ -584,8 +587,6 @@ public final class RenderableFtlFormElementsBuilder {
                     .build();
             setPostMultiFormRenderableFtl(wrapper, context);
         }
-
-        final Map<String, Object> wholeFormContext = UtilGenerics.cast(context.get("wholeFormContext"));
     }
 
     private RenderableFtl getPostMultiFormRenderableFtl(final Map<String, Object> context) {

Free forum by Nabble Edit this page