You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@myfaces.apache.org by ta...@apache.org on 2017/12/10 10:52:01 UTC
svn commit: r1817690 - in
/myfaces/core/branches/2.3.x/impl/src/main/java/org/apache/myfaces/application/viewstate:
CounterKeyFactory.java CounterSessionViewStorageFactory.java
ServerSideStateCacheImpl.java
Author: tandraschko
Date: Sun Dec 10 10:52:00 2017
New Revision: 1817690
URL: http://svn.apache.org/viewvc?rev=1817690&view=rev
Log:
MYFACES-4133 removed sequence
Removed:
myfaces/core/branches/2.3.x/impl/src/main/java/org/apache/myfaces/application/viewstate/CounterKeyFactory.java
myfaces/core/branches/2.3.x/impl/src/main/java/org/apache/myfaces/application/viewstate/CounterSessionViewStorageFactory.java
Modified:
myfaces/core/branches/2.3.x/impl/src/main/java/org/apache/myfaces/application/viewstate/ServerSideStateCacheImpl.java
Modified: myfaces/core/branches/2.3.x/impl/src/main/java/org/apache/myfaces/application/viewstate/ServerSideStateCacheImpl.java
URL: http://svn.apache.org/viewvc/myfaces/core/branches/2.3.x/impl/src/main/java/org/apache/myfaces/application/viewstate/ServerSideStateCacheImpl.java?rev=1817690&r1=1817689&r2=1817690&view=diff
==============================================================================
--- myfaces/core/branches/2.3.x/impl/src/main/java/org/apache/myfaces/application/viewstate/ServerSideStateCacheImpl.java (original)
+++ myfaces/core/branches/2.3.x/impl/src/main/java/org/apache/myfaces/application/viewstate/ServerSideStateCacheImpl.java Sun Dec 10 10:52:00 2017
@@ -127,14 +127,13 @@ class ServerSideStateCacheImpl extends S
public static final String USE_FLASH_SCOPE_PURGE_VIEWS_IN_SESSION
= "org.apache.myfaces.USE_FLASH_SCOPE_PURGE_VIEWS_IN_SESSION";
- public static final String RANDOM_KEY_IN_VIEW_STATE_SESSION_TOKEN_NONE = "none";
public static final String RANDOM_KEY_IN_VIEW_STATE_SESSION_TOKEN_SECURE_RANDOM = "secureRandom";
public static final String RANDOM_KEY_IN_VIEW_STATE_SESSION_TOKEN_RANDOM = "random";
/**
* Adds a random key to the generated view state session token.
*/
- @JSFWebConfigParam(since="2.1.9, 2.0.15", expectedValues="secureRandom, random, none",
+ @JSFWebConfigParam(since="2.1.9, 2.0.15", expectedValues="secureRandom, random",
defaultValue="secureRandom", group="state")
public static final String RANDOM_KEY_IN_VIEW_STATE_SESSION_TOKEN_PARAM
= "org.apache.myfaces.RANDOM_KEY_IN_VIEW_STATE_SESSION_TOKEN";
@@ -204,7 +203,11 @@ class ServerSideStateCacheImpl extends S
}
else
{
- sessionViewStorageFactory = new CounterSessionViewStorageFactory(new CounterKeyFactory());
+ log.warning("org.apache.myfaces.RANDOM_KEY_IN_VIEW_STATE_SESSION_TOKEN \""
+ + randomMode + "\" is not supported (anymore)."
+ + " Fallback to \"secureRandom\"");
+ sessionViewStorageFactory = new RandomSessionViewStorageFactory(
+ new SecureRandomKeyFactory(facesContext));
}
String csrfRandomMode = WebConfigParamUtils.getStringInitParameter(facesContext.getExternalContext(),