Author: lektran
Date: Mon Mar 8 16:11:00 2010
New Revision: 920380
URL:
http://svn.apache.org/viewvc?rev=920380&view=revLog:
Merged from trunk r920370
Added an OFBiz specific FreeMarker TemplateExceptionHandler, ensures that any stack trace error messages are properly encoded before being dumped to the browser (or anywhere else).
Modified:
ofbiz/branches/release09.04/framework/base/src/org/ofbiz/base/util/template/FreeMarkerWorker.java
Modified: ofbiz/branches/release09.04/framework/base/src/org/ofbiz/base/util/template/FreeMarkerWorker.java
URL:
http://svn.apache.org/viewvc/ofbiz/branches/release09.04/framework/base/src/org/ofbiz/base/util/template/FreeMarkerWorker.java?rev=920380&r1=920379&r2=920380&view=diff==============================================================================
--- ofbiz/branches/release09.04/framework/base/src/org/ofbiz/base/util/template/FreeMarkerWorker.java (original)
+++ ofbiz/branches/release09.04/framework/base/src/org/ofbiz/base/util/template/FreeMarkerWorker.java Mon Mar 8 16:11:00 2010
@@ -21,8 +21,10 @@
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
+import java.io.PrintWriter;
import java.io.Reader;
import java.io.StringReader;
+import java.io.StringWriter;
import java.io.Writer;
import java.net.MalformedURLException;
import java.net.URL;
@@ -50,6 +52,7 @@
import org.ofbiz.base.util.UtilMisc;
import org.ofbiz.base.util.UtilProperties;
import org.ofbiz.base.util.UtilValidate;
+import org.ofbiz.base.util.StringUtil.SimpleEncoder;
import org.ofbiz.base.util.cache.UtilCache;
import freemarker.cache.TemplateLoader;
@@ -61,6 +64,7 @@
import freemarker.template.SimpleScalar;
import freemarker.template.Template;
import freemarker.template.TemplateException;
+import freemarker.template.TemplateExceptionHandler;
import freemarker.template.TemplateModel;
import freemarker.template.TemplateModelException;
@@ -84,6 +88,7 @@
newConfig.setLocalizedLookup(false);
newConfig.setSharedVariable("StringUtil", new BeanModel(new StringUtil(), wrapper));
newConfig.setTemplateLoader(new FlexibleTemplateLoader());
+ newConfig.setTemplateExceptionHandler(new FreeMarkerWorker.OFBizTemplateExceptionHandler());
try {
newConfig.setSetting("datetime_format", "yyyy-MM-dd HH:mm:ss.SSS");
newConfig.setSetting("number_format", "0.##########");
@@ -618,4 +623,30 @@
// do nothing
}
}
+
+ /**
+ * OFBiz specific TemplateExceptionHandler. Sanitizes any error messages present in
+ * the stack trace prior to printing to the output writer.
+ *
+ */
+ static class OFBizTemplateExceptionHandler implements TemplateExceptionHandler {
+
+ @Override
+ public void handleTemplateException(TemplateException te, Environment env, Writer out) throws TemplateException {
+ StringWriter tempWriter = new StringWriter();
+ PrintWriter pw = new PrintWriter(tempWriter, true);
+ te.printStackTrace(pw);
+ String stackTrace = tempWriter.toString();
+
+ StringUtil.SimpleEncoder simpleEncoder = (SimpleEncoder) FreeMarkerWorker.getWrappedObject("simpleEncoder", env);
+ if (simpleEncoder != null) {
+ stackTrace = simpleEncoder.encode(stackTrace);
+ }
+ try {
+ out.write(stackTrace);
+ } catch (IOException e) {
+ Debug.logError(e, module);
+ }
+ }
+ }
}
Locked
