You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@struts.apache.org by lu...@apache.org on 2015/10/20 09:38:13 UTC

struts git commit: WW-4526 Checks if passed in scheme param is valid (cherry picked from commit 3e2d5da)

Repository: struts
Updated Branches:
  refs/heads/master 87dfa3f6f -> b44fa2934


WW-4526 Checks if passed in scheme param is valid
(cherry picked from commit 3e2d5da)


Project: http://git-wip-us.apache.org/repos/asf/struts/repo
Commit: http://git-wip-us.apache.org/repos/asf/struts/commit/b44fa293
Tree: http://git-wip-us.apache.org/repos/asf/struts/tree/b44fa293
Diff: http://git-wip-us.apache.org/repos/asf/struts/diff/b44fa293

Branch: refs/heads/master
Commit: b44fa2934fbdcbe5b0c1e2abfc03d08f8771990c
Parents: 87dfa3f
Author: Lukasz Lenart <lu...@apache.org>
Authored: Tue Oct 20 08:16:41 2015 +0200
Committer: Lukasz Lenart <lu...@apache.org>
Committed: Tue Oct 20 09:37:54 2015 +0200

----------------------------------------------------------------------
 .../org/apache/struts2/views/util/DefaultUrlHelper.java  | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/struts/blob/b44fa293/core/src/main/java/org/apache/struts2/views/util/DefaultUrlHelper.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/struts2/views/util/DefaultUrlHelper.java b/core/src/main/java/org/apache/struts2/views/util/DefaultUrlHelper.java
index 9459b7d..4e62c21 100644
--- a/core/src/main/java/org/apache/struts2/views/util/DefaultUrlHelper.java
+++ b/core/src/main/java/org/apache/struts2/views/util/DefaultUrlHelper.java
@@ -80,12 +80,17 @@ public class DefaultUrlHelper implements UrlHelper {
     	return buildUrl(action, request, response, params, scheme, includeContext, encodeResult, forceAddSchemeHostAndPort, true);
     }
 
-    public String buildUrl(String action, HttpServletRequest request, HttpServletResponse response, Map<String, Object> params, String scheme,
+    public String buildUrl(String action, HttpServletRequest request, HttpServletResponse response, Map<String, Object> params, String urlScheme,
                            boolean includeContext, boolean encodeResult, boolean forceAddSchemeHostAndPort, boolean escapeAmp) {
 
         StringBuilder link = new StringBuilder();
         boolean changedScheme = false;
 
+        String scheme = null;
+        if (isValidScheme(urlScheme)) {
+            scheme = urlScheme;
+        }
+
         // only append scheme if it is different to the current scheme *OR*
         // if we explicity want it to be appended by having forceAddSchemeHostAndPort = true
         if (forceAddSchemeHostAndPort) {
@@ -234,6 +239,10 @@ public class DefaultUrlHelper implements UrlHelper {
         }
     }
 
+    protected boolean isValidScheme(String scheme) {
+        return HTTP_PROTOCOL.equals(scheme) || HTTPS_PROTOCOL.equals(scheme);
+    }
+
     private String buildParameterSubstring(String name, String value) {
         StringBuilder builder = new StringBuilder();
         builder.append(encode(name));