svn commit: r1784762 - in /ofbiz/branches/release16.11: ./ framework/webapp/config/ framework/webapp/src/main/java
Locked
svn commit: r1784762 - in /ofbiz/branches/release16.11: ./ framework/webapp/config/ framework/webapp/src/main/java
 
|
Author: jleroux
Date: Tue Feb 28 15:38:15 2017 New Revision: 1784762 URL: http://svn.apache.org/viewvc?rev=1784762&view=rev Log: "Applied fix from trunk framework for revision: 1784760 " ------------------------------------------------------------------------ r1784760 | jleroux | 2017-02-28 16:36:42 +0100 (mar. 28 févr. 2017) | 33 lignes Reverts revisions 1784558, 1784555, 1784549 No functional change, cleaner code ........ No functional change, fixes a typo ........ Fixed: "Login and logout process in demos shows a certificate issue" (OFBIZ-9206) Also fixes "16.11 ofbizUrl include host+port and break some reverse-proxy/docker setups" (OFBIZ-9224) It was an easy fix, I just imported <SystemProperty systemPropertyId="port.https" systemResourceId="url" systemPropertyValue=""/> in trunk demo and all work perfectly. I also tried to replace locally port.https=8443 by port.https= in url.properties (w/o SystemProperty) and did not face any issue but with portOffset. This is due to the WebSiteProperties class works and there is also an easy fix: don't add twice the portOffset when it's build from the request, and only then. Keep it as is when it's build from a WebSite GenericValue. We then trust the user and don't rely on the request. I also removed the deprecated RequestHandler.getDefaultServerRootUrl() I think it was time... Thanks: Pierre Smits and Leonard Lin for reports ........ ------------------------------------------------------------------------ Modified: ofbiz/branches/release16.11/ (props changed) ofbiz/branches/release16.11/framework/webapp/config/url.properties ofbiz/branches/release16.11/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/RequestHandler.java ofbiz/branches/release16.11/framework/webapp/src/main/java/org/apache/ofbiz/webapp/website/WebSiteProperties.java Propchange: ofbiz/branches/release16.11/ ------------------------------------------------------------------------------ --- svn:mergeinfo (original) +++ svn:mergeinfo Tue Feb 28 15:38:15 2017 @@ -10,5 +10,5 @@ /ofbiz/branches/json-integration-refactoring:1634077-1635900 /ofbiz/branches/multitenant20100310:921280-927264 /ofbiz/branches/release13.07:1547657 -/ofbiz/ofbiz-framework/trunk:1783202,1783388,1784549,1784558,1784708 +/ofbiz/ofbiz-framework/trunk:1783202,1783388,1784549,1784558,1784708,1784760 /ofbiz/trunk:1770481,1770490,1770540,1771440,1771448,1771516,1771935,1772346,1772880,1774772,1775441,1779724,1780659,1781109,1781125,1781979,1782498,1782520 Modified: ofbiz/branches/release16.11/framework/webapp/config/url.properties URL: http://svn.apache.org/viewvc/ofbiz/branches/release16.11/framework/webapp/config/url.properties?rev=1784762&r1=1784761&r2=1784762&view=diff ============================================================================== --- ofbiz/branches/release16.11/framework/webapp/config/url.properties (original) +++ ofbiz/branches/release16.11/framework/webapp/config/url.properties Tue Feb 28 15:38:15 2017 @@ -20,20 +20,19 @@ # OFBiz Global URL Settings - WebSite specific settings found in WebSite entity #### -# If you want to use HTTP then set no.http=N. Else all requests will use HTTPS (also enforced by a HSTS header) except if put in the http.request-map.list -no.http=Y -http.request-map.list=SOAPService,xmlrpc - # HTTPS Port (Secure port) port.https.enabled=Y -# empty by default see OFBIZ-9206 -port.https= +port.https=8443 force.https.host= # HTTP Port (Not Secure port) port.http=8080 force.http.host= +# If you want to use HTTP then set no.http=N. Else all requests will use HTTPS except if put in the http.request-map.list +no.http=Y +http.request-map.list=SOAPService,xmlrpc + # Static Content URLs to make it easy to move the serving load for static content to other machines # -- thse are for general content such as images, js & css files, or non-dynamic HTML files content.url.prefix.secure= Modified: ofbiz/branches/release16.11/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/RequestHandler.java URL: http://svn.apache.org/viewvc/ofbiz/branches/release16.11/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/RequestHandler.java?rev=1784762&r1=1784761&r2=1784762&view=diff ============================================================================== --- ofbiz/branches/release16.11/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/RequestHandler.java (original) +++ ofbiz/branches/release16.11/framework/webapp/src/main/java/org/apache/ofbiz/webapp/control/RequestHandler.java Tue Feb 28 15:38:15 2017 @@ -35,6 +35,7 @@ import javax.servlet.http.HttpServletReq import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; +import org.apache.ofbiz.base.start.Start; import org.apache.ofbiz.base.util.Debug; import org.apache.ofbiz.base.util.SSLUtil; import org.apache.ofbiz.base.util.StringUtil; @@ -1008,6 +1009,62 @@ public class RequestHandler { } /** + * Returns a URL String that contains only the scheme and host parts. This method + * should not be used because it ignores settings in the WebSite entity. + * + * @param request + * @param secure + * @deprecated Use OfbizUrlBuilder + */ + @Deprecated + public static String getDefaultServerRootUrl(HttpServletRequest request, boolean secure) { + Delegator delegator = (Delegator) request.getAttribute("delegator"); + String httpsPort = EntityUtilProperties.getPropertyValue("url", "port.https", "443", delegator); + String httpsServer = EntityUtilProperties.getPropertyValue("url", "force.https.host", delegator); + String httpPort = EntityUtilProperties.getPropertyValue("url", "port.http", "80", delegator); + String httpServer = EntityUtilProperties.getPropertyValue("url", "force.http.host", delegator); + boolean useHttps = EntityUtilProperties.propertyValueEqualsIgnoreCase("url", "port.https.enabled", "Y", delegator); + + if (Start.getInstance().getConfig().portOffset != 0) { + Integer httpPortValue = Integer.valueOf(httpPort); + httpPortValue += Start.getInstance().getConfig().portOffset; + httpPort = httpPortValue.toString(); + Integer httpsPortValue = Integer.valueOf(httpsPort); + httpsPortValue += Start.getInstance().getConfig().portOffset; + httpsPort = httpsPortValue.toString(); + } + + StringBuilder newURL = new StringBuilder(); + + if (secure && useHttps) { + String server = httpsServer; + if (UtilValidate.isEmpty(server)) { + server = request.getServerName(); + } + + newURL.append("https://"); + newURL.append(server); + if (!httpsPort.equals("443")) { + newURL.append(":").append(httpsPort); + } + + } else { + String server = httpServer; + if (UtilValidate.isEmpty(server)) { + server = request.getServerName(); + } + + newURL.append("http://"); + newURL.append(server); + if (!httpPort.equals("80")) { + newURL.append(":").append(httpPort); + } + } + return newURL.toString(); + } + + + /** * Creates a query string based on the redirect parameters for a request response, if specified, or for all request parameters if no redirect parameters are specified. * * @param request the Http request Modified: ofbiz/branches/release16.11/framework/webapp/src/main/java/org/apache/ofbiz/webapp/website/WebSiteProperties.java URL: http://svn.apache.org/viewvc/ofbiz/branches/release16.11/framework/webapp/src/main/java/org/apache/ofbiz/webapp/website/WebSiteProperties.java?rev=1784762&r1=1784761&r2=1784762&view=diff ============================================================================== --- ofbiz/branches/release16.11/framework/webapp/src/main/java/org/apache/ofbiz/webapp/website/WebSiteProperties.java (original) +++ ofbiz/branches/release16.11/framework/webapp/src/main/java/org/apache/ofbiz/webapp/website/WebSiteProperties.java Tue Feb 28 15:38:15 2017 @@ -57,7 +57,6 @@ public final class WebSiteProperties { Assert.notNull("request", request); WebSiteProperties webSiteProps = (WebSiteProperties) request.getAttribute("_WEBSITE_PROPS_"); if (webSiteProps == null) { - Boolean dontAdd = false; Delegator delegator = (Delegator) request.getAttribute("delegator"); WebSiteProperties defaults = new WebSiteProperties(delegator); String httpPort = defaults.getHttpPort(); @@ -96,7 +95,6 @@ public final class WebSiteProperties { } if (httpsPort.isEmpty() && request.isSecure()) { httpsPort = String.valueOf(request.getServerPort()); - dontAdd = true; // We take the port from the request, don't add the portOffset } if (httpsHost.isEmpty()) { httpsHost = request.getServerName(); @@ -106,14 +104,10 @@ public final class WebSiteProperties { Integer httpPortValue = Integer.valueOf(httpPort); httpPortValue += Start.getInstance().getConfig().portOffset; httpPort = httpPortValue.toString(); - if (!dontAdd) { - Integer httpsPortValue = Integer.valueOf(httpsPort); - if (!httpsPort.isEmpty()) { - httpsPortValue += Start.getInstance().getConfig().portOffset; - } - httpsPort = httpsPortValue.toString(); - } - } + Integer httpsPortValue = Integer.valueOf(httpsPort); + httpsPortValue += Start.getInstance().getConfig().portOffset; + httpsPort = httpsPortValue.toString(); + } webSiteProps = new WebSiteProperties(httpPort, httpHost, httpsPort, httpsHost, enableHttps); request.setAttribute("_WEBSITE_PROPS_", webSiteProps); @@ -144,9 +138,9 @@ public final class WebSiteProperties { httpPortValue += Start.getInstance().getConfig().portOffset; httpPort = httpPortValue.toString(); Integer httpsPortValue = Integer.valueOf(httpsPort); - httpsPortValue += Start.getInstance().getConfig().portOffset; // Here unlike above we trust the user and don't rely on the request, no dontAdd. + httpsPortValue += Start.getInstance().getConfig().portOffset; httpsPort = httpsPortValue.toString(); - } + } return new WebSiteProperties(httpPort, httpHost, httpsPort, httpsHost, enableHttps); } |
«
Return to OFBiz - Commits
|
1 view|%1 views
| Free forum by Nabble | Edit this page |