svn commit: r1784762 - in /ofbiz/branches/release16.11: ./ framework/webapp/config/ framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/ framework/webapp/src/main/java/org/apache/ofbiz/webapp/website/

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

svn commit: r1784762 - in /ofbiz/branches/release16.11: ./ framework/webapp/config/ framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/ framework/webapp/src/main/java/org/apache/ofbiz/webapp/website/

jleroux@apache.org
Author: jleroux
Date: Tue Feb 28 15:38:15 2017
New Revision: 1784762

URL: http://svn.apache.org/viewvc?rev=1784762&view=rev
Log:
"Applied fix from trunk framework for revision: 1784760  "
------------------------------------------------------------------------
r1784760 | jleroux | 2017-02-28 16:36:42 +0100 (mar. 28 févr. 2017) | 33 lignes

Reverts revisions 1784558, 1784555, 1784549
No functional change, cleaner code
........
No functional change, fixes a typo
........
Fixed: "Login and logout process in demos shows a certificate issue"
(OFBIZ-9206)

Also fixes "16.11 ofbizUrl include host+port and break some reverse-proxy/docker
 setups"
(OFBIZ-9224)

It was an easy fix, I just imported
<SystemProperty systemPropertyId="port.https" systemResourceId="url"
systemPropertyValue=""/>
in trunk demo and all work perfectly.

I also tried to replace locally
port.https=8443
by
port.https=
in url.properties (w/o SystemProperty) and did not face any issue but with
portOffset. This is due to the WebSiteProperties class works and there is also
an easy fix: don't add twice the portOffset when it's build from the request,
and only then. Keep it as is when it's build from a WebSite GenericValue.
We then trust the user and don't rely on the request.

I also removed the deprecated RequestHandler.getDefaultServerRootUrl()
I think it was time...

Thanks: Pierre Smits and Leonard Lin for reports
........

------------------------------------------------------------------------


Modified:
    ofbiz/branches/release16.11/   (props changed)
    ofbiz/branches/release16.11/framework/webapp/config/url.properties
    ofbiz/branches/release16.11/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/RequestHandler.java
    ofbiz/branches/release16.11/framework/webapp/src/main/java/org/apache/ofbiz/webapp/website/WebSiteProperties.java

Propchange: ofbiz/branches/release16.11/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Tue Feb 28 15:38:15 2017
@@ -10,5 +10,5 @@
 /ofbiz/branches/json-integration-refactoring:1634077-1635900
 /ofbiz/branches/multitenant20100310:921280-927264
 /ofbiz/branches/release13.07:1547657
-/ofbiz/ofbiz-framework/trunk:1783202,1783388,1784549,1784558,1784708
+/ofbiz/ofbiz-framework/trunk:1783202,1783388,1784549,1784558,1784708,1784760
 /ofbiz/trunk:1770481,1770490,1770540,1771440,1771448,1771516,1771935,1772346,1772880,1774772,1775441,1779724,1780659,1781109,1781125,1781979,1782498,1782520

Modified: ofbiz/branches/release16.11/framework/webapp/config/url.properties
URL: http://svn.apache.org/viewvc/ofbiz/branches/release16.11/framework/webapp/config/url.properties?rev=1784762&r1=1784761&r2=1784762&view=diff
==============================================================================
--- ofbiz/branches/release16.11/framework/webapp/config/url.properties (original)
+++ ofbiz/branches/release16.11/framework/webapp/config/url.properties Tue Feb 28 15:38:15 2017
@@ -20,20 +20,19 @@
 # OFBiz Global URL Settings - WebSite specific settings found in WebSite entity
 ####
 
-# If you want to use HTTP then set no.http=N. Else all requests will use HTTPS (also enforced by a HSTS header) except if put in the http.request-map.list  
-no.http=Y
-http.request-map.list=SOAPService,xmlrpc
-
 # HTTPS Port (Secure port)
 port.https.enabled=Y
-# empty by default see OFBIZ-9206
-port.https=
+port.https=8443
 force.https.host=
 
 # HTTP Port (Not Secure port)
 port.http=8080
 force.http.host=
 
+# If you want to use HTTP then set no.http=N. Else all requests will use HTTPS except if put in the http.request-map.list  
+no.http=Y
+http.request-map.list=SOAPService,xmlrpc
+
 # Static Content URLs to make it easy to move the serving load for static content to other machines
 # -- thse are for general content such as images, js & css files, or non-dynamic HTML files
 content.url.prefix.secure=

Modified: ofbiz/branches/release16.11/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/RequestHandler.java
URL: http://svn.apache.org/viewvc/ofbiz/branches/release16.11/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/RequestHandler.java?rev=1784762&r1=1784761&r2=1784762&view=diff
==============================================================================
--- ofbiz/branches/release16.11/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/RequestHandler.java (original)
+++ ofbiz/branches/release16.11/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/RequestHandler.java Tue Feb 28 15:38:15 2017
@@ -35,6 +35,7 @@ import javax.servlet.http.HttpServletReq
 import javax.servlet.http.HttpServletResponse;
 import javax.servlet.http.HttpSession;
 
+import org.apache.ofbiz.base.start.Start;
 import org.apache.ofbiz.base.util.Debug;
 import org.apache.ofbiz.base.util.SSLUtil;
 import org.apache.ofbiz.base.util.StringUtil;
@@ -1008,6 +1009,62 @@ public class RequestHandler {
     }
 
     /**
+     * Returns a URL String that contains only the scheme and host parts. This method
+     * should not be used because it ignores settings in the WebSite entity.
+     *
+     * @param request
+     * @param secure
+     * @deprecated Use OfbizUrlBuilder
+     */
+    @Deprecated
+    public static String getDefaultServerRootUrl(HttpServletRequest request, boolean secure) {
+        Delegator delegator = (Delegator) request.getAttribute("delegator");
+        String httpsPort = EntityUtilProperties.getPropertyValue("url", "port.https", "443", delegator);
+        String httpsServer = EntityUtilProperties.getPropertyValue("url", "force.https.host", delegator);
+        String httpPort = EntityUtilProperties.getPropertyValue("url", "port.http", "80", delegator);
+        String httpServer = EntityUtilProperties.getPropertyValue("url", "force.http.host", delegator);
+        boolean useHttps = EntityUtilProperties.propertyValueEqualsIgnoreCase("url", "port.https.enabled", "Y", delegator);
+
+        if (Start.getInstance().getConfig().portOffset != 0) {
+            Integer httpPortValue = Integer.valueOf(httpPort);
+            httpPortValue += Start.getInstance().getConfig().portOffset;
+            httpPort = httpPortValue.toString();
+            Integer httpsPortValue = Integer.valueOf(httpsPort);
+            httpsPortValue += Start.getInstance().getConfig().portOffset;
+            httpsPort = httpsPortValue.toString();
+        }
+        
+        StringBuilder newURL = new StringBuilder();
+
+        if (secure && useHttps) {
+            String server = httpsServer;
+            if (UtilValidate.isEmpty(server)) {
+                server = request.getServerName();
+            }
+
+            newURL.append("https://");
+            newURL.append(server);
+            if (!httpsPort.equals("443")) {
+                newURL.append(":").append(httpsPort);
+            }
+
+        } else {
+            String server = httpServer;
+            if (UtilValidate.isEmpty(server)) {
+                server = request.getServerName();
+            }
+
+            newURL.append("http://");
+            newURL.append(server);
+            if (!httpPort.equals("80")) {
+                newURL.append(":").append(httpPort);
+            }
+        }
+        return newURL.toString();
+    }
+
+
+    /**
      * Creates a query string based on the redirect parameters for a request response, if specified, or for all request parameters if no redirect parameters are specified.
      *
      * @param request the Http request

Modified: ofbiz/branches/release16.11/framework/webapp/src/main/java/org/apache/ofbiz/webapp/website/WebSiteProperties.java
URL: http://svn.apache.org/viewvc/ofbiz/branches/release16.11/framework/webapp/src/main/java/org/apache/ofbiz/webapp/website/WebSiteProperties.java?rev=1784762&r1=1784761&r2=1784762&view=diff
==============================================================================
--- ofbiz/branches/release16.11/framework/webapp/src/main/java/org/apache/ofbiz/webapp/website/WebSiteProperties.java (original)
+++ ofbiz/branches/release16.11/framework/webapp/src/main/java/org/apache/ofbiz/webapp/website/WebSiteProperties.java Tue Feb 28 15:38:15 2017
@@ -57,7 +57,6 @@ public final class WebSiteProperties {
         Assert.notNull("request", request);
         WebSiteProperties webSiteProps = (WebSiteProperties) request.getAttribute("_WEBSITE_PROPS_");
         if (webSiteProps == null) {
-            Boolean dontAdd = false;
             Delegator delegator = (Delegator) request.getAttribute("delegator");
             WebSiteProperties defaults = new WebSiteProperties(delegator);
             String httpPort = defaults.getHttpPort();
@@ -96,7 +95,6 @@ public final class WebSiteProperties {
             }
             if (httpsPort.isEmpty() && request.isSecure()) {
                 httpsPort = String.valueOf(request.getServerPort());
-                dontAdd = true; // We take the port from the request, don't add the portOffset
             }
             if (httpsHost.isEmpty()) {
                 httpsHost = request.getServerName();
@@ -106,14 +104,10 @@ public final class WebSiteProperties {
                 Integer httpPortValue = Integer.valueOf(httpPort);
                 httpPortValue += Start.getInstance().getConfig().portOffset;
                 httpPort = httpPortValue.toString();
-                if (!dontAdd) {
-                    Integer httpsPortValue = Integer.valueOf(httpsPort);
-                    if (!httpsPort.isEmpty()) {
-                        httpsPortValue += Start.getInstance().getConfig().portOffset;
-                    }
-                    httpsPort = httpsPortValue.toString();
-                }
-            }
+                Integer httpsPortValue = Integer.valueOf(httpsPort);
+                httpsPortValue += Start.getInstance().getConfig().portOffset;
+                httpsPort = httpsPortValue.toString();
+            }                
             
             webSiteProps = new WebSiteProperties(httpPort, httpHost, httpsPort, httpsHost, enableHttps);
             request.setAttribute("_WEBSITE_PROPS_", webSiteProps);
@@ -144,9 +138,9 @@ public final class WebSiteProperties {
             httpPortValue += Start.getInstance().getConfig().portOffset;
             httpPort = httpPortValue.toString();
             Integer httpsPortValue = Integer.valueOf(httpsPort);
-            httpsPortValue += Start.getInstance().getConfig().portOffset; // Here unlike above we trust the user and don't rely on the request, no dontAdd.
+            httpsPortValue += Start.getInstance().getConfig().portOffset;
             httpsPort = httpsPortValue.toString();
-        }
+        }                
         
         return new WebSiteProperties(httpPort, httpHost, httpsPort, httpsHost, enableHttps);
     }