You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@wicket.apache.org by Dirk Forchel <di...@exedio.com> on 2012/10/18 11:42:18 UTC

UrlRenderer renders wrong HTTPS links

First have a look at issue https://issues.apache.org/jira/browse/WICKET-4776.
I've adapted the solution to preserve the port and the protocol in the
UrlRender in our UrlRender subclass and at the first glance it might work.
On my local developer machine running our webapplication on a Tomcat
webserver the generated links to secure pages seem to be correct, e.g.
requesting the Home Page Url http://localhost:8080/home.html now contains
links to secure pages like https://localhost:8443/account.html with correct
Urls.
But running the same application on a Tomcat server with an Apache Http
Server (with an AJP connector and the default ports 80/443) results in wrong
rendered Https links.
The Home Page with the Url http://domainname.com/home.html now contains the
wrong link https://domainname.com:80/account.html. 
I reckon the preserved Http port (Http port 80) leads to this problem. I'm
not sure, whether a prober solution would be to check the HTTP header first.
If the HTTP header contains a port, preserve it, otherwise not.




--
View this message in context: http://apache-wicket.1842946.n4.nabble.com/UrlRenderer-renders-wrong-HTTPS-links-tp4653054.html
Sent from the Forum for Wicket Core developers mailing list archive at Nabble.com.

Re: UrlRenderer renders wrong HTTPS links

Posted by Dirk Forchel <di...@exedio.com>.

In addition: I could figure out, that on my local machine, the preserved
values for protocol and port are 'https' and '8443' which is correct, but on
the system with the Apache webserver and Tomcat the values are 'https' and
'null'. With these values, the method resolvePort(Url) returns the value for
fallback2, which is '80' and not the right one. 
Why is the preserved value 'null'?

@Override
	public String renderUrl(final Url url)
	{
		final String renderedUrl;
		if (shouldRenderAsFull(url))
		{
			if (url.isAbsolute()==false)
			{
				// relative Url
				String relativeUrl = renderRelativeUrl(url);
				Url relative = Url.parse(relativeUrl, url.getCharset());
				// intermediate relative url is missing port and protocol preserve it
				// see https://issues.apache.org/jira/browse/WICKET-4776
				LOGGER.debug( "Preserve Protocol: {} Port: {} ", url.getProtocol(),
url.getPort());
				relative.setPort(url.getPort());
				relative.setProtocol(url.getProtocol());
				renderedUrl = renderFullUrl(relative);
				LOGGER.debug( "Relative render as full renderedUrl: {} => {}", url,
renderedUrl );
			}
			else
			{
				renderedUrl = renderFullUrl(url);
				LOGGER.debug( "Absolute render as full renderedUrl: {} => {}", url,
renderedUrl );
			}
		}
		else
		{
			renderedUrl = renderRelativeUrl(url);
			LOGGER.debug( "Relative renderedUrl: {} => {}",url, renderedUrl );
		}
		return renderedUrl;
	}

	@Override
	protected Integer resolvePort(final Url url)
	{
		LOGGER.info( "Resolve Port: "+url.getPort()+" Base Url:
"+getBaseUrl().getPort()+" ClientUrl: "+request.getClientUrl().getPort() );
		return choose(url.getPort(), getBaseUrl().getPort(),
request.getClientUrl().getPort());
	}



--
View this message in context: http://apache-wicket.1842946.n4.nabble.com/UrlRenderer-renders-wrong-HTTPS-links-tp4653054p4653058.html
Sent from the Forum for Wicket Core developers mailing list archive at Nabble.com.