You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@wicket.apache.org by jc...@apache.org on 2008/10/27 11:17:11 UTC
svn commit: r708127 -
/wicket/branches/wicket-1.3.x/jdk-1.4/wicket/src/main/java/org/apache/wicket/protocol/http/request/CryptedUrlWebRequestCodingStrategy.java
Author: jcompagner
Date: Mon Oct 27 03:17:09 2008
New Revision: 708127
URL: http://svn.apache.org/viewvc?rev=708127&view=rev
Log:
throw page expired message if an url couldnt be decrypted correctly. (the url was tampered with by an attacker or the session was really expired, both ways a page expired is fine)
Modified:
wicket/branches/wicket-1.3.x/jdk-1.4/wicket/src/main/java/org/apache/wicket/protocol/http/request/CryptedUrlWebRequestCodingStrategy.java
Modified: wicket/branches/wicket-1.3.x/jdk-1.4/wicket/src/main/java/org/apache/wicket/protocol/http/request/CryptedUrlWebRequestCodingStrategy.java
URL: http://svn.apache.org/viewvc/wicket/branches/wicket-1.3.x/jdk-1.4/wicket/src/main/java/org/apache/wicket/protocol/http/request/CryptedUrlWebRequestCodingStrategy.java?rev=708127&r1=708126&r2=708127&view=diff
==============================================================================
--- wicket/branches/wicket-1.3.x/jdk-1.4/wicket/src/main/java/org/apache/wicket/protocol/http/request/CryptedUrlWebRequestCodingStrategy.java (original)
+++ wicket/branches/wicket-1.3.x/jdk-1.4/wicket/src/main/java/org/apache/wicket/protocol/http/request/CryptedUrlWebRequestCodingStrategy.java Mon Oct 27 03:17:09 2008
@@ -26,6 +26,7 @@
import org.apache.wicket.Request;
import org.apache.wicket.RequestCycle;
import org.apache.wicket.WicketRuntimeException;
+import org.apache.wicket.protocol.http.PageExpiredException;
import org.apache.wicket.protocol.http.RequestUtils;
import org.apache.wicket.protocol.http.WicketURLDecoder;
import org.apache.wicket.protocol.http.WicketURLEncoder;
@@ -270,13 +271,12 @@
*/
protected String onError(final Exception ex)
{
- throw new HackAttackException("Invalid URL");
+ throw new PageExpiredException("Invalid URL");
}
protected String onError(final Exception ex, String url)
{
- log.error("Invalid URL: " + url, ex);
-
+ log.info("Invalid URL: " + url + ", message:" + ex.getMessage());
return onError(ex);
}