You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sling.apache.org by as...@apache.org on 2015/04/17 15:30:58 UTC
svn commit: r1674302 - in /sling/trunk/bundles/servlets/post/src/main:
java/org/apache/sling/servlets/post/AbstractPostResponse.java
java/org/apache/sling/servlets/post/HtmlResponse.java
resources/org/apache/sling/servlets/post/HtmlNoGoBackResponse.html
Author: asanso
Date: Fri Apr 17 13:30:58 2015
New Revision: 1674302
URL: http://svn.apache.org/r1674302
Log:
SLING-4631 - Improve the HtmlResponse template for pseudo-URL referrer
Added:
sling/trunk/bundles/servlets/post/src/main/resources/org/apache/sling/servlets/post/HtmlNoGoBackResponse.html
Modified:
sling/trunk/bundles/servlets/post/src/main/java/org/apache/sling/servlets/post/AbstractPostResponse.java
sling/trunk/bundles/servlets/post/src/main/java/org/apache/sling/servlets/post/HtmlResponse.java
Modified: sling/trunk/bundles/servlets/post/src/main/java/org/apache/sling/servlets/post/AbstractPostResponse.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/servlets/post/src/main/java/org/apache/sling/servlets/post/AbstractPostResponse.java?rev=1674302&r1=1674301&r2=1674302&view=diff
==============================================================================
--- sling/trunk/bundles/servlets/post/src/main/java/org/apache/sling/servlets/post/AbstractPostResponse.java (original)
+++ sling/trunk/bundles/servlets/post/src/main/java/org/apache/sling/servlets/post/AbstractPostResponse.java Fri Apr 17 13:30:58 2015
@@ -358,6 +358,15 @@ public abstract class AbstractPostRespon
protected Object getProperty(String name) {
return properties.get(name);
}
+
+ protected boolean isSafeReferer(){
+ String referer = getReferer();
+ if (referer.startsWith("http://") || referer.startsWith("https://")) {
+ return true;
+ } else {
+ return false;
+ }
+ }
protected abstract void doSend(HttpServletResponse response) throws IOException;
Modified: sling/trunk/bundles/servlets/post/src/main/java/org/apache/sling/servlets/post/HtmlResponse.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/servlets/post/src/main/java/org/apache/sling/servlets/post/HtmlResponse.java?rev=1674302&r1=1674301&r2=1674302&view=diff
==============================================================================
--- sling/trunk/bundles/servlets/post/src/main/java/org/apache/sling/servlets/post/HtmlResponse.java (original)
+++ sling/trunk/bundles/servlets/post/src/main/java/org/apache/sling/servlets/post/HtmlResponse.java Fri Apr 17 13:30:58 2015
@@ -48,6 +48,11 @@ public class HtmlResponse extends Abstra
private static final String TEMPLATE_NAME = "HtmlResponse.html";
/**
+ * name of the html safe referer template
+ */
+ private static final String NO_GO_BACK_TEMPLATE_NAME = "HtmlNoGoBackResponse.html";
+
+ /**
* list of changes
*/
private final StringBuilder changes = new StringBuilder();
@@ -112,7 +117,15 @@ public class HtmlResponse extends Abstra
setProperty(PN_CHANGE_LOG, changes.toString());
Writer out = response.getWriter();
- InputStream template = getClass().getResourceAsStream(TEMPLATE_NAME);
+
+ String templateName;
+ if(isSafeReferer()) {
+ templateName = TEMPLATE_NAME;
+ } else {
+ templateName = NO_GO_BACK_TEMPLATE_NAME;
+ }
+
+ InputStream template = getClass().getResourceAsStream(templateName);
Reader in = new BufferedReader(new InputStreamReader(template));
StringBuilder varBuffer = new StringBuilder();
int state = 0;
Added: sling/trunk/bundles/servlets/post/src/main/resources/org/apache/sling/servlets/post/HtmlNoGoBackResponse.html
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/servlets/post/src/main/resources/org/apache/sling/servlets/post/HtmlNoGoBackResponse.html?rev=1674302&view=auto
==============================================================================
--- sling/trunk/bundles/servlets/post/src/main/resources/org/apache/sling/servlets/post/HtmlNoGoBackResponse.html (added)
+++ sling/trunk/bundles/servlets/post/src/main/resources/org/apache/sling/servlets/post/HtmlNoGoBackResponse.html Fri Apr 17 13:30:58 2015
@@ -0,0 +1,42 @@
+<html>
+<head>
+ <title>${title}</title>
+</head>
+ <body>
+ <h1>${title}</h1>
+ <table>
+ <tbody>
+ <tr>
+ <td>Status</td>
+ <td><div id="Status">${status.code}</div></td>
+ </tr>
+ <tr>
+ <td>Message</td>
+ <td><div id="Message">${status.message}</div></td>
+ </tr>
+ <tr>
+ <td>Location</td>
+ <td><a href="${location}" id="Location">${location}</a></td>
+ </tr>
+ <tr>
+ <td>Parent Location</td>
+ <td><a href="${parentLocation}" id="ParentLocation">${parentLocation}</a></td>
+ </tr>
+ <tr>
+ <td>Path</td>
+ <td><div id="Path">${path}</div></td>
+ </tr>
+ <tr>
+ <td>Referer</td>
+ <td><div id="Referer">${referer}</div></td>
+ </tr>
+ <tr>
+ <td>ChangeLog</td>
+ <td><div id="ChangeLog">${changeLog}</div></td>
+ </tr>
+ </tbody>
+ </table>
+ <p><a href="${location}">Modified Resource</a></p>
+ <p><a href="${parentLocation}">Parent of Modified Resource</a></p>
+ </body>
+</html>
\ No newline at end of file