You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@roller.apache.org by sn...@apache.org on 2012/05/12 20:20:03 UTC
svn commit: r1337603 - in /roller/branches/roller_5.0: ./
weblogger-business/src/main/resources/org/apache/roller/weblogger/config/
weblogger-web/src/main/java/org/apache/roller/weblogger/ui/core/
weblogger-web/src/main/java/org/apache/roller/weblogger...
Author: snoopdave
Date: Sat May 12 18:20:01 2012
New Revision: 1337603
URL: http://svn.apache.org/viewvc?rev=1337603&view=rev
Log:
Added:
- salt field to every one of the 66 forms in the Roller UI
- a filter that checks every incoming POST for the presence of a valid salt
- salt cache uses Roller cache infrastructure (therefore can be cluster friendly)
Added:
roller/branches/roller_5.0/weblogger-web/src/main/java/org/apache/roller/weblogger/ui/rendering/util/cache/SaltCache.java
Modified:
roller/branches/roller_5.0/ (props changed)
roller/branches/roller_5.0/weblogger-business/src/main/resources/org/apache/roller/weblogger/config/roller.properties
roller/branches/roller_5.0/weblogger-web/src/main/java/org/apache/roller/weblogger/ui/core/RollerSession.java
roller/branches/roller_5.0/weblogger-web/src/main/java/org/apache/roller/weblogger/ui/core/filters/LoadSaltFilter.java
roller/branches/roller_5.0/weblogger-web/src/main/java/org/apache/roller/weblogger/ui/core/filters/ValidateSaltFilter.java
roller/branches/roller_5.0/weblogger-web/src/main/java/org/apache/roller/weblogger/ui/rendering/util/cache/PlanetCache.java
roller/branches/roller_5.0/weblogger-web/src/main/java/org/apache/roller/weblogger/ui/rendering/util/cache/WeblogCacheWarmupJob.java
roller/branches/roller_5.0/weblogger-web/src/main/java/org/apache/roller/weblogger/ui/struts2/editor/BookmarkAdd.java
roller/branches/roller_5.0/weblogger-web/src/main/java/org/apache/roller/weblogger/ui/struts2/util/UIAction.java
roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/CacheInfo.jsp
roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/CommonPingTargetAdd.jsp
roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/CommonPingTargetConfirm.jsp
roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/CommonPingTargetEdit.jsp
roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/CreateUser.jsp
roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/GlobalCommentManagement.jsp
roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/GlobalCommentManagementSidebar.jsp
roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/GlobalConfig.jsp
roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/ModifyUser.jsp
roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/PlanetConfig.jsp
roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/PlanetGroups.jsp
roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/PlanetSubscriptions.jsp
roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/UserAdmin.jsp
roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/core/CreateDatabase.jsp
roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/core/CreateWeblog.jsp
roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/core/Profile.jsp
roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/core/Register.jsp
roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/core/Setup.jsp
roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/core/UpgradeDatabase.jsp
roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/BookmarkAdd.jsp
roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/BookmarkEdit.jsp
roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/Bookmarks.jsp
roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/BookmarksImport.jsp
roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/Categories.jsp
roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/CategoryAdd.jsp
roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/CategoryEdit.jsp
roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/CategoryRemove.jsp
roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/Comments.jsp
roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/CommentsSidebar.jsp
roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/CustomPingTargetAdd.jsp
roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/CustomPingTargetConfirm.jsp
roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/CustomPingTargetEdit.jsp
roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/EntriesSidebar.jsp
roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/EntryAdd.jsp
roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/EntryEdit.jsp
roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/EntryRemove.jsp
roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/FolderAdd.jsp
roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/FolderEdit.jsp
roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/Maintenance.jsp
roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/MediaFileAdd.jsp
roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/MediaFileAddExternalInclude.jsp
roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/MediaFileAddSuccess.jsp
roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/MediaFileEdit.jsp
roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/MediaFileImageChooser.jsp
roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/MediaFileSidebar.jsp
roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/MediaFileView.jsp
roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/Members.jsp
roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/MembersInvite.jsp
roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/Referrers.jsp
roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/StylesheetEdit.jsp
roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/TemplateEdit.jsp
roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/TemplateRemove.jsp
roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/TemplatesSidebar.jsp
roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/ThemeEdit.jsp
roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/ThemeEditSharedThemesOnly.jsp
roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/WeblogConfig.jsp
roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/WeblogExport.jsp
roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/WeblogRemoveConfirm.jsp
roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/web.xml
roller/branches/roller_5.0/weblogger-webapp/src/test/resources/jetty.xml
roller/branches/roller_5.0/weblogger-webapp/src/test/resources/roller-custom.properties
Propchange: roller/branches/roller_5.0/
------------------------------------------------------------------------------
--- svn:ignore (original)
+++ svn:ignore Sat May 12 18:20:01 2012
@@ -1,14 +1,15 @@
+roller-forms.txt
+roller-project.iws
+.idea
+roller-project.ipr
+build
+roller-project.iml
+.settings
velocity.log
roller-startup.log
tomcat
-.idea
+target
classes.eclipse
-build
dist-roller-weblogger-5.0-RC1
-roller-project.iml
-dist
-.settings
out
-roller-project.ipr
-roller-project.iws
-target
+dist
Modified: roller/branches/roller_5.0/weblogger-business/src/main/resources/org/apache/roller/weblogger/config/roller.properties
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-business/src/main/resources/org/apache/roller/weblogger/config/roller.properties?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-business/src/main/resources/org/apache/roller/weblogger/config/roller.properties (original)
+++ roller/branches/roller_5.0/weblogger-business/src/main/resources/org/apache/roller/weblogger/config/roller.properties Sat May 12 18:20:01 2012
@@ -335,6 +335,11 @@ cache.planet.enabled=true
cache.planet.size=10
cache.planet.timeout=1800
+# Salt cache (XSRF protection)
+cache.salt.enabled=true
+cache.salt.size=5000
+cache.salt.timeout=3600
+
#-----------------------------------------------------------------------------
# Security settings
Modified: roller/branches/roller_5.0/weblogger-web/src/main/java/org/apache/roller/weblogger/ui/core/RollerSession.java
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-web/src/main/java/org/apache/roller/weblogger/ui/core/RollerSession.java?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-web/src/main/java/org/apache/roller/weblogger/ui/core/RollerSession.java (original)
+++ roller/branches/roller_5.0/weblogger-web/src/main/java/org/apache/roller/weblogger/ui/core/RollerSession.java Sat May 12 18:20:01 2012
@@ -55,8 +55,7 @@ public class RollerSession
public static final String ROLLER_SESSION = "org.apache.roller.weblogger.rollersession";
public static final String ERROR_MESSAGE = "rollererror_message";
public static final String STATUS_MESSAGE = "rollerstatus_message";
-
-
+
/**
* Get RollerSession from request (and add user if not already present).
*/
Modified: roller/branches/roller_5.0/weblogger-web/src/main/java/org/apache/roller/weblogger/ui/core/filters/LoadSaltFilter.java
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-web/src/main/java/org/apache/roller/weblogger/ui/core/filters/LoadSaltFilter.java?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-web/src/main/java/org/apache/roller/weblogger/ui/core/filters/LoadSaltFilter.java (original)
+++ roller/branches/roller_5.0/weblogger-web/src/main/java/org/apache/roller/weblogger/ui/core/filters/LoadSaltFilter.java Sat May 12 18:20:01 2012
@@ -23,21 +23,19 @@ import java.security.SecureRandom;
import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import org.apache.commons.lang.RandomStringUtils;
-import org.apache.roller.weblogger.util.LRUCache2;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.roller.weblogger.ui.rendering.util.cache.SaltCache;
public class LoadSaltFilter implements Filter {
-
+ private static Log log = LogFactory.getLog(LoadSaltFilter.class);
+
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
throws IOException, ServletException {
HttpServletRequest httpReq = (HttpServletRequest) request;
- LRUCache2 saltCache = (LRUCache2)
- httpReq.getSession().getAttribute("saltCache");
- if (saltCache == null){
- saltCache = new LRUCache2(10000,3000);
- httpReq.getSession().setAttribute("saltCache", saltCache);
- }
+ SaltCache saltCache = SaltCache.getInstance();
String salt = RandomStringUtils.random(20, 0, 0, true, true, null, new SecureRandom());
saltCache.put(salt, Boolean.TRUE);
httpReq.setAttribute("salt", salt);
Modified: roller/branches/roller_5.0/weblogger-web/src/main/java/org/apache/roller/weblogger/ui/core/filters/ValidateSaltFilter.java
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-web/src/main/java/org/apache/roller/weblogger/ui/core/filters/ValidateSaltFilter.java?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-web/src/main/java/org/apache/roller/weblogger/ui/core/filters/ValidateSaltFilter.java (original)
+++ roller/branches/roller_5.0/weblogger-web/src/main/java/org/apache/roller/weblogger/ui/core/filters/ValidateSaltFilter.java Sat May 12 18:20:01 2012
@@ -21,24 +21,26 @@ package org.apache.roller.weblogger.ui.c
import java.io.IOException;
import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
-import org.apache.roller.weblogger.util.LRUCache2;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.roller.weblogger.ui.rendering.util.cache.SaltCache;
public class ValidateSaltFilter implements Filter {
-
+ private static Log log = LogFactory.getLog(ValidateSaltFilter.class);
+
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
throws IOException, ServletException {
HttpServletRequest httpReq = (HttpServletRequest) request;
- String salt = (String) httpReq.getParameter("salt");
- LRUCache2 saltCache = (LRUCache2)
- httpReq.getSession().getAttribute("saltCache");
-
- if (saltCache != null && salt != null && saltCache.get(salt) != null){
- chain.doFilter(request, response);
- } else {
- throw new ServletException("Security Violation");
- }
+ if (httpReq.getMethod().equals("POST")) {
+ String salt = (String) httpReq.getParameter("salt");
+ SaltCache saltCache = SaltCache.getInstance();
+ if (salt == null || saltCache.get(salt) == null || saltCache.get(salt).equals(false)) {
+ throw new ServletException("Security Violation");
+ }
+ }
+ chain.doFilter(request, response);
}
@Override
Modified: roller/branches/roller_5.0/weblogger-web/src/main/java/org/apache/roller/weblogger/ui/rendering/util/cache/PlanetCache.java
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-web/src/main/java/org/apache/roller/weblogger/ui/rendering/util/cache/PlanetCache.java?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-web/src/main/java/org/apache/roller/weblogger/ui/rendering/util/cache/PlanetCache.java (original)
+++ roller/branches/roller_5.0/weblogger-web/src/main/java/org/apache/roller/weblogger/ui/rendering/util/cache/PlanetCache.java Sat May 12 18:20:01 2012
@@ -24,12 +24,7 @@ import java.util.HashMap;
import java.util.Map;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
-import org.apache.roller.weblogger.WebloggerException;
import org.apache.roller.weblogger.config.WebloggerConfig;
-import org.apache.roller.weblogger.business.WebloggerFactory;
-import org.apache.roller.planet.business.Planet;
-import org.apache.roller.planet.business.PlanetFactory;
-import org.apache.roller.planet.business.PlanetManager;
import org.apache.roller.weblogger.ui.rendering.util.PlanetRequest;
import org.apache.roller.weblogger.util.cache.Cache;
import org.apache.roller.weblogger.util.cache.CacheManager;
Added: roller/branches/roller_5.0/weblogger-web/src/main/java/org/apache/roller/weblogger/ui/rendering/util/cache/SaltCache.java
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-web/src/main/java/org/apache/roller/weblogger/ui/rendering/util/cache/SaltCache.java?rev=1337603&view=auto
==============================================================================
--- roller/branches/roller_5.0/weblogger-web/src/main/java/org/apache/roller/weblogger/ui/rendering/util/cache/SaltCache.java (added)
+++ roller/branches/roller_5.0/weblogger-web/src/main/java/org/apache/roller/weblogger/ui/rendering/util/cache/SaltCache.java Sat May 12 18:20:01 2012
@@ -0,0 +1,114 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. The ASF licenses this file to You
+ * under the Apache License, Version 2.0 (the "License"); you may not
+ * use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License. For additional information regarding
+ * copyright in this work, please see the NOTICE file in the top level
+ * directory of this distribution.
+ */
+
+package org.apache.roller.weblogger.ui.rendering.util.cache;
+
+import java.util.Enumeration;
+import java.util.HashMap;
+import java.util.Map;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.roller.weblogger.config.WebloggerConfig;
+import org.apache.roller.weblogger.util.cache.Cache;
+import org.apache.roller.weblogger.util.cache.CacheManager;
+import org.apache.roller.weblogger.util.cache.ExpiringCacheEntry;
+
+/**
+ * For thwarting XSRF attacks. If you're running distributed,
+ * then you must use a distributed cache, e.g. memcached
+ */
+public class SaltCache {
+ private static Log log = LogFactory.getLog(SaltCache.class);
+
+ // a unique identifier for this cache, this is used as the prefix for
+ // roller config properties that apply to this cache
+ public static final String CACHE_ID = "cache.salt";
+
+ private Cache contentCache = null;
+
+ // reference to our singleton instance
+ private static SaltCache singletonInstance = new SaltCache();
+
+ private SaltCache() {
+
+ Map cacheProps = new HashMap();
+ cacheProps.put("id", CACHE_ID);
+ Enumeration allProps = WebloggerConfig.keys();
+ String prop = null;
+ while(allProps.hasMoreElements()) {
+ prop = (String) allProps.nextElement();
+
+ // we are only interested in props for this cache
+ if(prop.startsWith(CACHE_ID+".")) {
+ cacheProps.put(prop.substring(CACHE_ID.length()+1),
+ WebloggerConfig.getProperty(prop));
+ }
+ }
+
+ log.info(cacheProps);
+
+ contentCache = CacheManager.constructCache(null, cacheProps);
+ }
+
+
+ public static SaltCache getInstance() {
+ return singletonInstance;
+ }
+
+
+ public Object get(String key) {
+
+ Object entry = null;
+
+ ExpiringCacheEntry lazyEntry =
+ (ExpiringCacheEntry) this.contentCache.get(key);
+ if(lazyEntry != null) {
+ entry = lazyEntry.getValue();
+ if(entry != null) {
+ log.debug("HIT "+key);
+ } else {
+ log.debug("HIT-EXPIRED "+key);
+ }
+
+ } else {
+ log.debug("MISS "+key);
+ }
+
+ return entry;
+ }
+
+
+ public void put(String key, Object value) {
+ // expire after 60 minutes
+ contentCache.put(key, new ExpiringCacheEntry(value, 60 * 60 * 1000));
+ log.debug("PUT "+key);
+ }
+
+
+ public void remove(String key) {
+ contentCache.remove(key);
+ log.debug("REMOVE "+key);
+ }
+
+
+ public void clear() {
+ contentCache.clear();
+ log.debug("CLEAR");
+ }
+
+}
Modified: roller/branches/roller_5.0/weblogger-web/src/main/java/org/apache/roller/weblogger/ui/rendering/util/cache/WeblogCacheWarmupJob.java
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-web/src/main/java/org/apache/roller/weblogger/ui/rendering/util/cache/WeblogCacheWarmupJob.java?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-web/src/main/java/org/apache/roller/weblogger/ui/rendering/util/cache/WeblogCacheWarmupJob.java (original)
+++ roller/branches/roller_5.0/weblogger-web/src/main/java/org/apache/roller/weblogger/ui/rendering/util/cache/WeblogCacheWarmupJob.java Sat May 12 18:20:01 2012
@@ -24,18 +24,13 @@ import java.util.List;
import java.util.Map;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
-import org.apache.roller.weblogger.WebloggerException;
import org.apache.roller.weblogger.business.runnable.Job;
import org.apache.roller.weblogger.config.WebloggerConfig;
-import org.apache.roller.weblogger.business.WebloggerFactory;
-import org.apache.roller.weblogger.business.UserManager;
import org.apache.roller.weblogger.pojos.StaticTemplate;
import org.apache.roller.weblogger.pojos.Template;
-import org.apache.roller.weblogger.pojos.Weblog;
import org.apache.roller.weblogger.ui.rendering.Renderer;
import org.apache.roller.weblogger.ui.rendering.RendererManager;
import org.apache.roller.weblogger.ui.rendering.model.ModelLoader;
-import org.apache.roller.weblogger.ui.rendering.util.cache.WeblogFeedCache;
import org.apache.roller.weblogger.ui.rendering.util.WeblogFeedRequest;
import org.apache.roller.weblogger.util.cache.CachedContent;
Modified: roller/branches/roller_5.0/weblogger-web/src/main/java/org/apache/roller/weblogger/ui/struts2/editor/BookmarkAdd.java
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-web/src/main/java/org/apache/roller/weblogger/ui/struts2/editor/BookmarkAdd.java?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-web/src/main/java/org/apache/roller/weblogger/ui/struts2/editor/BookmarkAdd.java (original)
+++ roller/branches/roller_5.0/weblogger-web/src/main/java/org/apache/roller/weblogger/ui/struts2/editor/BookmarkAdd.java Sat May 12 18:20:01 2012
@@ -22,6 +22,7 @@ import java.net.MalformedURLException;
import java.net.URL;
import java.util.Collections;
import java.util.List;
+import java.util.Map;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
@@ -180,5 +181,5 @@ public class BookmarkAdd extends UIActio
public void setBean(BookmarkBean bean) {
this.bean = bean;
}
-
+
}
Modified: roller/branches/roller_5.0/weblogger-web/src/main/java/org/apache/roller/weblogger/ui/struts2/util/UIAction.java
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-web/src/main/java/org/apache/roller/weblogger/ui/struts2/util/UIAction.java?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-web/src/main/java/org/apache/roller/weblogger/ui/struts2/util/UIAction.java (original)
+++ roller/branches/roller_5.0/weblogger-web/src/main/java/org/apache/roller/weblogger/ui/struts2/util/UIAction.java Sat May 12 18:20:01 2012
@@ -24,6 +24,7 @@ import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
+import java.util.Map;
import org.apache.roller.weblogger.business.UserManager;
import org.apache.roller.weblogger.business.WebloggerFactory;
import org.apache.roller.weblogger.config.WebloggerConfig;
@@ -34,6 +35,7 @@ import org.apache.roller.weblogger.pojos
import org.apache.roller.weblogger.pojos.WeblogPermission;
import org.apache.roller.weblogger.ui.core.util.menu.Menu;
import org.apache.roller.weblogger.ui.core.util.menu.MenuHelper;
+import org.apache.struts2.interceptor.RequestAware;
/**
@@ -45,8 +47,8 @@ import org.apache.roller.weblogger.ui.co
* which point to a success in a resource bundle, so we automatically call
* getText(key) on the param passed into setError() and setSuccess().
*/
-public abstract class UIAction extends ActionSupport
- implements UIActionPreparable, UISecurityEnforced {
+public abstract class UIAction extends ActionSupport
+ implements UIActionPreparable, UISecurityEnforced, RequestAware {
// a result that sends the user to an access denied warning
public static final String DENIED = "access-denied";
@@ -71,12 +73,20 @@ public abstract class UIAction extends A
// page title
protected String pageTitle = null;
-
+
+ protected String salt = null;
public void myPrepare() {
// no-op
}
-
+
+ public void setRequest(Map<String, Object> map) {
+ this.salt = (String) map.get("salt");
+ }
+
+ public String getSalt() {
+ return salt;
+ }
// default action permissions, user is required
public boolean isUserRequired() {
Modified: roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/CacheInfo.jsp
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/CacheInfo.jsp?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/CacheInfo.jsp (original)
+++ roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/CacheInfo.jsp Sat May 12 18:20:01 2012
@@ -37,6 +37,7 @@
<tr>
<td colspan="2">
<s:form action="cacheInfo!clear">
+ <s:hidden name="salt" />
<s:hidden name="cache" value="%{#cache.key}" />
<s:submit value="%{getText('cacheInfo.clear')}" />
</s:form>
Modified: roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/CommonPingTargetAdd.jsp
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/CommonPingTargetAdd.jsp?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/CommonPingTargetAdd.jsp (original)
+++ roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/CommonPingTargetAdd.jsp Sat May 12 18:20:01 2012
@@ -22,6 +22,7 @@
</p>
<s:form action="commonPingTargetAdd!save" >
+ <s:hidden name="salt" />
<div class="formrow">
<label for="name" class="formrow"><s:text name="pingTarget.name" /></label>
Modified: roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/CommonPingTargetConfirm.jsp
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/CommonPingTargetConfirm.jsp?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/CommonPingTargetConfirm.jsp (original)
+++ roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/CommonPingTargetConfirm.jsp Sat May 12 18:20:01 2012
@@ -33,11 +33,13 @@
<div class="control">
<s:form action="commonPingTargets!delete">
+ <s:hidden name="salt" />
<s:hidden name="pingTargetId" />
<s:submit value="%{getText('pingTarget.removeOK')}" />
</s:form>
<s:form action="commonPingTargets">
+ <s:hidden name="salt" />
<s:submit value="%{getText('pingTarget.cancel')}" />
</s:form>
</div>
Modified: roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/CommonPingTargetEdit.jsp
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/CommonPingTargetEdit.jsp?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/CommonPingTargetEdit.jsp (original)
+++ roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/CommonPingTargetEdit.jsp Sat May 12 18:20:01 2012
@@ -22,6 +22,7 @@
</p>
<s:form action="commonPingTargetEdit!save" >
+ <s:hidden name="salt" />
<s:hidden name="bean.id" />
<div class="formrow">
Modified: roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/CreateUser.jsp
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/CreateUser.jsp?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/CreateUser.jsp (original)
+++ roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/CreateUser.jsp Sat May 12 18:20:01 2012
@@ -20,6 +20,7 @@
<p class="subtitle"><s:text name="userAdmin.subtitle.createNewUser" /></p>
<s:form action="createUser!save">
+ <s:hidden name="salt" />
<table class="formtable">
<tr>
Modified: roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/GlobalCommentManagement.jsp
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/GlobalCommentManagement.jsp?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/GlobalCommentManagement.jsp (original)
+++ roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/GlobalCommentManagement.jsp Sat May 12 18:20:01 2012
@@ -90,6 +90,8 @@ function handleCommentResponse() {
<%-- ============================================================= --%>
<s:form action="globalCommentManagement!update">
+ <s:hidden name="salt" />
+
<s:hidden name="bean.ids" />
<s:hidden name="bean.offset" />
<s:hidden name="bean.count" />
Modified: roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/GlobalCommentManagementSidebar.jsp
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/GlobalCommentManagementSidebar.jsp?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/GlobalCommentManagementSidebar.jsp (original)
+++ roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/GlobalCommentManagementSidebar.jsp Sat May 12 18:20:01 2012
@@ -29,6 +29,7 @@
<p><s:text name="commentManagement.sidebarDescription" /></p>
<s:form action="globalCommentManagement!query" id="comments">
+ <s:hidden name="salt" />
<div class="sideformrow">
<label for="searchString" class="sideformrow"><s:text name="commentManagement.searchString" />:</label>
Modified: roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/GlobalConfig.jsp
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/GlobalConfig.jsp?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/GlobalConfig.jsp (original)
+++ roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/GlobalConfig.jsp Sat May 12 18:20:01 2012
@@ -21,6 +21,7 @@
<p><s:text name="configForm.prompt" /></p>
<s:form action="globalConfig!save">
+ <s:hidden name="salt" />
<table class="formtableNoDesc">
Modified: roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/ModifyUser.jsp
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/ModifyUser.jsp?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/ModifyUser.jsp (original)
+++ roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/ModifyUser.jsp Sat May 12 18:20:01 2012
@@ -24,6 +24,7 @@
</p>
<s:form action="modifyUser!save">
+ <s:hidden name="salt" />
<s:hidden name="bean.id" />
<table class="formtable">
Modified: roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/PlanetConfig.jsp
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/PlanetConfig.jsp?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/PlanetConfig.jsp (original)
+++ roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/PlanetConfig.jsp Sat May 12 18:20:01 2012
@@ -23,6 +23,7 @@
<p><s:text name="planetConfig.prompt" /></a>
<s:form action="planetConfig!save">
+ <s:hidden name="salt" />
<table class="formtableNoDesc">
Modified: roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/PlanetGroups.jsp
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/PlanetGroups.jsp?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/PlanetGroups.jsp (original)
+++ roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/PlanetGroups.jsp Sat May 12 18:20:01 2012
@@ -29,6 +29,7 @@
</p>
<s:form action="planetGroups!save">
+ <s:hidden name="salt" />
<s:hidden name="bean.id" />
<div class="formrow">
Modified: roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/PlanetSubscriptions.jsp
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/PlanetSubscriptions.jsp?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/PlanetSubscriptions.jsp (original)
+++ roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/PlanetSubscriptions.jsp Sat May 12 18:20:01 2012
@@ -41,6 +41,7 @@ function confirmSubDelete(subUrl) {
<s:form action="planetSubscriptions!save">
+ <s:hidden name="salt" />
<s:hidden name="groupHandle" />
<div class="formrow">
Modified: roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/UserAdmin.jsp
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/UserAdmin.jsp?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/UserAdmin.jsp (original)
+++ roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/admin/UserAdmin.jsp Sat May 12 18:20:01 2012
@@ -27,7 +27,8 @@
<p><s:text name="userAdmin.prompt.searchUser" /></p>
<s:form action="modifyUser" method="GET">
-
+ <s:hidden name="salt" />
+
<span style="margin:4px"><s:text name="inviteMember.userName" /></span>
<input name="userName" id="userName" size="30" maxlength="30"
onfocus="onUserNameFocus(null)" onkeyup="onUserNameChange(null)"
Modified: roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/core/CreateDatabase.jsp
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/core/CreateDatabase.jsp?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/core/CreateDatabase.jsp (original)
+++ roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/core/CreateDatabase.jsp Sat May 12 18:20:01 2012
@@ -54,6 +54,7 @@
<p><s:text name="installer.createTables" /></p>
<s:form action="install!create">
+ <s:hidden name="salt" />
<s:submit value="%{getText('installer.yesCreateTables')}" />
</s:form>
Modified: roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/core/CreateWeblog.jsp
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/core/CreateWeblog.jsp?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/core/CreateWeblog.jsp (original)
+++ roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/core/CreateWeblog.jsp Sat May 12 18:20:01 2012
@@ -40,6 +40,7 @@ function handlePreview(handle) {
<br />
<s:form action="createWeblog!save">
+<s:hidden name="salt" />
<table class="formtable">
Modified: roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/core/Profile.jsp
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/core/Profile.jsp?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/core/Profile.jsp (original)
+++ roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/core/Profile.jsp Sat May 12 18:20:01 2012
@@ -20,6 +20,7 @@
<p class="subtitle"><s:text name="yourProfile.description" /></p>
<s:form action="profile!save">
+ <s:hidden name="salt" />
<table class="formtable">
Modified: roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/core/Register.jsp
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/core/Register.jsp?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/core/Register.jsp (original)
+++ roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/core/Register.jsp Sat May 12 18:20:01 2012
@@ -20,6 +20,7 @@
<p><s:text name="userRegister.prompt" /></p>
<s:form action="register!save" >
+ <s:hidden name="salt" />
<s:hidden name="bean.id" />
<s:hidden name="bean.enabled" />
Modified: roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/core/Setup.jsp
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/core/Setup.jsp?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/core/Setup.jsp (original)
+++ roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/core/Setup.jsp Sat May 12 18:20:01 2012
@@ -65,6 +65,8 @@
<s:if test="blogCount > 0">
<s:form action="setup!save">
+ <s:hidden name="salt" />
+
<table style="margin-left:2em;width:70%">
<tr>
<td class="label">
Modified: roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/core/UpgradeDatabase.jsp
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/core/UpgradeDatabase.jsp?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/core/UpgradeDatabase.jsp (original)
+++ roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/core/UpgradeDatabase.jsp Sat May 12 18:20:01 2012
@@ -39,6 +39,7 @@
<p><s:text name="installer.upgradeTables" /></p>
<s:form action="install!upgrade">
+ <s:hidden name="salt" />
<s:submit value="%{getText('installer.yesUpgradeTables')}" />
</s:form>
Modified: roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/BookmarkAdd.jsp
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/BookmarkAdd.jsp?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/BookmarkAdd.jsp (original)
+++ roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/BookmarkAdd.jsp Sat May 12 18:20:01 2012
@@ -24,6 +24,7 @@
</p>
<s:form action="bookmarkAdd!save">
+ <s:hidden name="salt" />
<s:hidden name="weblog" />
<s:hidden name="folderId" />
Modified: roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/BookmarkEdit.jsp
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/BookmarkEdit.jsp?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/BookmarkEdit.jsp (original)
+++ roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/BookmarkEdit.jsp Sat May 12 18:20:01 2012
@@ -24,6 +24,7 @@
</p>
<s:form action="bookmarkEdit!save">
+ <s:hidden name="salt" />
<s:hidden name="weblog" />
<s:hidden name="bean.id" />
Modified: roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/Bookmarks.jsp
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/Bookmarks.jsp?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/Bookmarks.jsp (original)
+++ roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/Bookmarks.jsp Sat May 12 18:20:01 2012
@@ -76,6 +76,7 @@ function onMove()
<%-- Form is a table of folders followed by bookmarks, each with checkbox --%>
<s:form action="bookmarks!delete">
+ <s:hidden name="salt" />
<s:hidden name="weblog" />
<s:hidden name="folderId" />
Modified: roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/BookmarksImport.jsp
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/BookmarksImport.jsp?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/BookmarksImport.jsp (original)
+++ roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/BookmarksImport.jsp Sat May 12 18:20:01 2012
@@ -28,6 +28,7 @@
</p>
<s:form action="bookmarksImport!save" method="POST" enctype="multipart/form-data">
+ <s:hidden name="salt" />
<s:hidden name="weblog" />
<s:file name="opmlFile" />
<br />
Modified: roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/Categories.jsp
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/Categories.jsp?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/Categories.jsp (original)
+++ roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/Categories.jsp Sat May 12 18:20:01 2012
@@ -68,6 +68,7 @@ function onMove()
<%-- Form is a table of categories each with checkbox --%>
<s:form action="categories!move">
+ <s:hidden name="salt" />
<s:hidden name="weblog" />
<s:hidden name="categoryId" />
Modified: roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/CategoryAdd.jsp
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/CategoryAdd.jsp?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/CategoryAdd.jsp (original)
+++ roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/CategoryAdd.jsp Sat May 12 18:20:01 2012
@@ -26,6 +26,7 @@
</p>
<s:form action="categoryAdd!save">
+ <s:hidden name="salt" />
<s:hidden name="weblog" />
<s:hidden name="categoryId" />
Modified: roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/CategoryEdit.jsp
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/CategoryEdit.jsp?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/CategoryEdit.jsp (original)
+++ roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/CategoryEdit.jsp Sat May 12 18:20:01 2012
@@ -26,6 +26,7 @@
</p>
<s:form action="categoryEdit!save">
+ <s:hidden name="salt" />
<s:hidden name="weblog" />
<s:hidden name="bean.id" />
Modified: roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/CategoryRemove.jsp
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/CategoryRemove.jsp?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/CategoryRemove.jsp (original)
+++ roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/CategoryRemove.jsp Sat May 12 18:20:01 2012
@@ -23,6 +23,7 @@
</h3>
<s:form action="categoryRemove!remove">
+ <s:hidden name="salt" />
<s:hidden name="weblog" />
<s:hidden name="removeId" />
Modified: roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/Comments.jsp
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/Comments.jsp?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/Comments.jsp (original)
+++ roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/Comments.jsp Sat May 12 18:20:01 2012
@@ -60,6 +60,7 @@
<%-- ============================================================= --%>
<s:form action="comments!update">
+ <s:hidden name="salt" />
<s:hidden name="weblog" />
<s:hidden name="bean.ids" />
<s:hidden name="bean.entryId" />
Modified: roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/CommentsSidebar.jsp
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/CommentsSidebar.jsp?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/CommentsSidebar.jsp (original)
+++ roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/CommentsSidebar.jsp Sat May 12 18:20:01 2012
@@ -29,6 +29,7 @@
<p><s:text name="commentManagement.sidebarDescription" /></p>
<s:form action="comments!query" id="commentsQuery">
+ <s:hidden name="salt" />
<s:hidden name="weblog" />
<div class="sideformrow">
Modified: roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/CustomPingTargetAdd.jsp
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/CustomPingTargetAdd.jsp?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/CustomPingTargetAdd.jsp (original)
+++ roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/CustomPingTargetAdd.jsp Sat May 12 18:20:01 2012
@@ -24,6 +24,7 @@
</p>
<s:form action="customPingTargetAdd!save" >
+ <s:hidden name="salt" />
<s:hidden name="weblog" value="%{actionWeblog.handle}" />
<div class="formrow">
Modified: roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/CustomPingTargetConfirm.jsp
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/CustomPingTargetConfirm.jsp?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/CustomPingTargetConfirm.jsp (original)
+++ roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/CustomPingTargetConfirm.jsp Sat May 12 18:20:01 2012
@@ -33,12 +33,14 @@
<div class="control">
<s:form action="customPingTargets!delete">
+ <s:hidden name="salt" />
<s:hidden name="pingTargetId" />
<s:hidden name="weblog" value="%{actionWeblog.handle}" />
<s:submit value="%{getText('pingTarget.removeOK')}" />
</s:form>
<s:form action="customPingTargets">
+ <s:hidden name="salt" />
<s:hidden name="weblog" value="%{actionWeblog.handle}" />
<s:submit value="%{getText('pingTarget.cancel')}" />
</s:form>
Modified: roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/CustomPingTargetEdit.jsp
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/CustomPingTargetEdit.jsp?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/CustomPingTargetEdit.jsp (original)
+++ roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/CustomPingTargetEdit.jsp Sat May 12 18:20:01 2012
@@ -24,6 +24,7 @@
</p>
<s:form action="customPingTargetEdit!save" >
+ <s:hidden name="salt" />
<s:hidden name="bean.id" />
<s:hidden name="weblog" value="%{actionWeblog.handle}" />
Modified: roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/EntriesSidebar.jsp
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/EntriesSidebar.jsp?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/EntriesSidebar.jsp (original)
+++ roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/EntriesSidebar.jsp Sat May 12 18:20:01 2012
@@ -29,6 +29,7 @@
<p><s:text name="weblogEntryQuery.sidebarDescription" /></p>
<s:form action="entries">
+ <s:hidden name="salt" />
<s:hidden name="weblog" />
<s:hidden name="bean.count" />
<s:hidden name="bean.offset" />
Modified: roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/EntryAdd.jsp
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/EntryAdd.jsp?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/EntryAdd.jsp (original)
+++ roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/EntryAdd.jsp Sat May 12 18:20:01 2012
@@ -42,6 +42,7 @@
</p>
<s:form id="entry" action="entryAdd!save" onsubmit="editorCleanup()">
+ <s:hidden name="salt" />
<s:hidden name="weblog" />
<%-- ================================================================== --%>
Modified: roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/EntryEdit.jsp
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/EntryEdit.jsp?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/EntryEdit.jsp (original)
+++ roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/EntryEdit.jsp Sat May 12 18:20:01 2012
@@ -51,6 +51,7 @@ function fullPreviewMode() {
</p>
<s:form id="entry" action="entryEdit!save" onsubmit="editorCleanup()">
+ <s:hidden name="salt" />
<s:hidden name="weblog" />
<s:hidden name="bean.id" />
<s:hidden name="bean.commentCount" />
Modified: roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/EntryRemove.jsp
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/EntryRemove.jsp?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/EntryRemove.jsp (original)
+++ roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/EntryRemove.jsp Sat May 12 18:20:01 2012
@@ -31,6 +31,7 @@
<tr>
<td>
<s:form action="entryRemove!remove">
+ <s:hidden name="salt" />
<s:hidden name="weblog" />
<s:hidden name="removeId" />
<s:submit value="%{getText('weblogEntryRemove.yes')}" />
@@ -38,6 +39,7 @@
</td>
<td>
<s:form action="entryEdit">
+ <s:hidden name="salt" />
<s:hidden name="weblog" />
<s:hidden name="bean.id" value="%{removeId}" />
<s:submit value="%{getText('weblogEntryRemove.no')}" />
Modified: roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/FolderAdd.jsp
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/FolderAdd.jsp?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/FolderAdd.jsp (original)
+++ roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/FolderAdd.jsp Sat May 12 18:20:01 2012
@@ -24,6 +24,7 @@
</p>
<s:form action="folderAdd!save">
+ <s:hidden name="salt" />
<s:hidden name="weblog" />
<s:hidden name="folderId" />
Modified: roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/FolderEdit.jsp
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/FolderEdit.jsp?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/FolderEdit.jsp (original)
+++ roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/FolderEdit.jsp Sat May 12 18:20:01 2012
@@ -24,6 +24,7 @@
</p>
<s:form action="folderEdit!save">
+ <s:hidden name="salt" />
<s:hidden name="weblog" />
<s:hidden name="bean.id" />
Modified: roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/Maintenance.jsp
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/Maintenance.jsp?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/Maintenance.jsp (original)
+++ roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/Maintenance.jsp Sat May 12 18:20:01 2012
@@ -20,6 +20,7 @@
<p class="subtitle"><s:text name="maintenance.subtitle" /></p>
<s:form action="maintenance">
+ <s:hidden name="salt" />
<s:hidden name="weblog" value="%{actionWeblog.handle}" />
<s:text name="maintenance.prompt.flush" /><br /><br />
Modified: roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/MediaFileAdd.jsp
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/MediaFileAdd.jsp?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/MediaFileAdd.jsp (original)
+++ roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/MediaFileAdd.jsp Sat May 12 18:20:01 2012
@@ -68,6 +68,7 @@
</p>
<s:form id="entry" action="mediaFileAdd!save" method="POST" enctype="multipart/form-data">
+ <s:hidden name="salt" />
<s:hidden name="weblog" />
<%-- ================================================================== --%>
Modified: roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/MediaFileAddExternalInclude.jsp
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/MediaFileAddExternalInclude.jsp?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/MediaFileAddExternalInclude.jsp (original)
+++ roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/MediaFileAddExternalInclude.jsp Sat May 12 18:20:01 2012
@@ -29,6 +29,7 @@ function submitPage(frm) {
</script>
<s:form id="entry" action=" " onsubmit="editorCleanup()" method="POST">
+ <s:hidden name="salt" />
<table class="entryEditTable" cellpadding="0" cellspacing="0" width="100%">
Modified: roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/MediaFileAddSuccess.jsp
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/MediaFileAddSuccess.jsp?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/MediaFileAddSuccess.jsp (original)
+++ roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/MediaFileAddSuccess.jsp Sat May 12 18:20:01 2012
@@ -69,6 +69,7 @@
</p>
<s:form id="entry" action="entryAddWithMediaFile">
+ <s:hidden name="salt" />
<s:hidden name="weblog" />
<s:hidden name="enclosureUrl" id="enclosureUrl" />
<input type="hidden" name="type" value="weblog" />
Modified: roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/MediaFileEdit.jsp
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/MediaFileEdit.jsp?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/MediaFileEdit.jsp (original)
+++ roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/MediaFileEdit.jsp Sat May 12 18:20:01 2012
@@ -75,6 +75,7 @@ $("#d_clip_button").ready(function() {
</p>
<s:form id="entry" action="mediaFileEdit!save" method="POST" enctype="multipart/form-data">
+ <s:hidden name="salt" />
<s:hidden name="weblog" />
<s:hidden name="mediaFileId" id="mediaFileId" />
<s:hidden name="bean.permalink" />
Modified: roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/MediaFileImageChooser.jsp
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/MediaFileImageChooser.jsp?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/MediaFileImageChooser.jsp (original)
+++ roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/MediaFileImageChooser.jsp Sat May 12 18:20:01 2012
@@ -97,7 +97,7 @@
<s:if test="childFiles || childDirectories || (pager && pager.items.size() > 0)">
<s:form id="mediaFileChooserForm" name="mediaFileChooserForm" action="mediaFileView">
-
+ <s:hidden name="salt" />
<s:hidden name="weblog" />
<s:hidden name="directoryId" />
<input type="hidden" name="mediaFileId" value="" />
Modified: roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/MediaFileSidebar.jsp
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/MediaFileSidebar.jsp?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/MediaFileSidebar.jsp (original)
+++ roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/MediaFileSidebar.jsp Sat May 12 18:20:01 2012
@@ -63,6 +63,7 @@
<s:form id="mediaFileSearchForm" name="mediaFileSearchForm"
action="mediaFileView!search" onsubmit="editorCleanup()">
+ <s:hidden name="salt" />
<s:hidden name="weblog" />
<input type="hidden" name="mediaFileId" value="" />
Modified: roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/MediaFileView.jsp
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/MediaFileView.jsp?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/MediaFileView.jsp (original)
+++ roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/MediaFileView.jsp Sat May 12 18:20:01 2012
@@ -181,6 +181,7 @@
<s:form id="createPostForm" action='entryAddWithMediaFile'>
+ <s:hidden name="salt" />
<input type="hidden" name="weblog" value='<s:property value="actionWeblog.handle" />' />
<input type="hidden" name="selectedImage" id="selectedImage" />
<input type="hidden" name="type" id="type" />
@@ -286,6 +287,7 @@
<s:if test="childFiles || childDirectories || (pager && pager.items.size() > 0)">
<s:form id="mediaFileViewForm" name="mediaFileViewForm" action="mediaFileView">
+ <s:hidden name="salt" />
<s:hidden name="weblog" />
<s:hidden name="directoryId" />
<s:hidden name="newDirectoryName" />
Modified: roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/Members.jsp
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/Members.jsp?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/Members.jsp (original)
+++ roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/Members.jsp Sat May 12 18:20:01 2012
@@ -42,6 +42,7 @@ function save() {
<p><s:text name="memberPermissions.description" /></p>
<s:form action="members!save">
+ <s:hidden name="salt" />
<s:hidden name="weblog" value="%{actionWeblog.handle}" />
<div style="text-align: right; padding-bottom: 6px;">
Modified: roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/MembersInvite.jsp
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/MembersInvite.jsp?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/MembersInvite.jsp (original)
+++ roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/MembersInvite.jsp Sat May 12 18:20:01 2012
@@ -27,6 +27,7 @@
<p><s:text name="inviteMember.prompt" /></p>
<s:form action="invite!save">
+ <s:hidden name="salt" />
<s:hidden name="weblog" value="%{actionWeblog.handle}" />
<div class="formrow">
Modified: roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/Referrers.jsp
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/Referrers.jsp?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/Referrers.jsp (original)
+++ roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/Referrers.jsp Sat May 12 18:20:01 2012
@@ -28,6 +28,7 @@
</p>
<s:form action="referrers!remove">
+ <s:hidden name="salt" />
<s:hidden name="weblog" />
<%-- Table of referers, with check box for each --%>
@@ -63,6 +64,7 @@
<h1><s:text name="referers.hitCounters" /></h1>
<p><s:text name="referers.hits" />: <s:property value="dayHits"/></p>
<s:form action="referrers!reset">
+ <s:hidden name="salt" />
<s:hidden name="weblog" />
<s:submit value="%{getText('referers.reset')}" />
</s:form>
Modified: roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/StylesheetEdit.jsp
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/StylesheetEdit.jsp?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/StylesheetEdit.jsp (original)
+++ roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/StylesheetEdit.jsp Sat May 12 18:20:01 2012
@@ -25,6 +25,7 @@
</p>
<s:form action="stylesheetEdit!save">
+ <s:hidden name="salt" />
<s:hidden name="weblog" />
<%-- ================================================================== --%>
Modified: roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/TemplateEdit.jsp
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/TemplateEdit.jsp?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/TemplateEdit.jsp (original)
+++ roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/TemplateEdit.jsp Sat May 12 18:20:01 2012
@@ -32,6 +32,7 @@
</s:else>
<s:form action="templateEdit!save" id="template">
+ <s:hidden name="salt" />
<s:hidden name="weblog" />
<s:hidden name="bean.id"/>
Modified: roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/TemplateRemove.jsp
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/TemplateRemove.jsp?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/TemplateRemove.jsp (original)
+++ roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/TemplateRemove.jsp Sat May 12 18:20:01 2012
@@ -37,6 +37,8 @@
<tr>
<td>
<s:form action="templateRemove!remove">
+ <s:hidden name="salt" />
+
<s:hidden name="removeId" />
<s:hidden name="weblog" value="%{actionWeblog.handle}" />
Modified: roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/TemplatesSidebar.jsp
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/TemplatesSidebar.jsp?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/TemplatesSidebar.jsp (original)
+++ roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/TemplatesSidebar.jsp Sat May 12 18:20:01 2012
@@ -26,7 +26,8 @@
<hr size="1" noshade="noshade" />
<s:form action="templates!add">
- <s:hidden name="weblog" />
+ <s:hidden name="salt" />
+ <s:hidden name="weblog" />
<table cellpadding="0" cellspacing="6">
<tr>
Modified: roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/ThemeEdit.jsp
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/ThemeEdit.jsp?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/ThemeEdit.jsp (original)
+++ roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/ThemeEdit.jsp Sat May 12 18:20:01 2012
@@ -59,6 +59,7 @@ function toggleImportThemeDisplay() {
</p>
<s:form action="themeEdit!save">
+ <s:hidden name="salt" />
<s:hidden name="weblog" />
<table width="100%" cellpadding="0" cellspacing="0">
Modified: roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/ThemeEditSharedThemesOnly.jsp
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/ThemeEditSharedThemesOnly.jsp?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/ThemeEditSharedThemesOnly.jsp (original)
+++ roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/ThemeEditSharedThemesOnly.jsp Sat May 12 18:20:01 2012
@@ -37,6 +37,7 @@ function fullPreview() {
</p>
<s:form action="themeEdit!save">
+ <s:hidden name="salt" />
<s:hidden name="weblog" />
<s:hidden name="themeType" value="shared" />
Modified: roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/WeblogConfig.jsp
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/WeblogConfig.jsp?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/WeblogConfig.jsp (original)
+++ roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/WeblogConfig.jsp Sat May 12 18:20:01 2012
@@ -24,7 +24,7 @@
</p>
<s:form action="weblogConfig!save">
-
+ <s:hidden name="salt" />
<s:hidden name="weblog" value="%{actionWeblog.handle}" />
<s:hidden name="bean.defaultCategoryId" />
@@ -265,6 +265,7 @@
<s:form action="weblogRemove">
+ <s:hidden name="salt" />
<s:hidden name="weblog" value="%{actionWeblog.handle}" />
<h2><s:text name="websiteSettings.removeWebsiteHeading" /></h2>
Modified: roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/WeblogExport.jsp
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/WeblogExport.jsp?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/WeblogExport.jsp (original)
+++ roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/WeblogExport.jsp Sat May 12 18:20:01 2012
@@ -30,6 +30,7 @@
<h2><s:text name="weblogExport.entries" /></h2>
<p class="pagetip" style="width:50%"><s:text name="weblogExport.entries.tip" /></p>
<s:form name="entriesExport" action="weblogExport!exportEntries" method="POST">
+ <s:hidden name="salt" />
<table cellpadding="0" cellspacing="5" border="0">
<tr>
<td valign="baseline" align="right"><s:text name="weblogExport.baseUrl"/></td>
@@ -51,6 +52,7 @@
<h2><s:text name="weblogExport.resources" /></h2>
<p class="pagetip" style="width:50%"><s:text name="weblogExport.resources.tip" /></p>
<s:form name="resourcesExport" action="weblogExport!exportResources" method="POST">
+ <s:hidden name="salt" />
<table cellpadding="0" cellspacing="5" border="0">
<tr>
<td valign="baseline">
Modified: roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/WeblogRemoveConfirm.jsp
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/WeblogRemoveConfirm.jsp?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/WeblogRemoveConfirm.jsp (original)
+++ roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/jsps/editor/WeblogRemoveConfirm.jsp Sat May 12 18:20:01 2012
@@ -42,12 +42,14 @@
<tr>
<td>
<s:form action="weblogRemove!remove">
+ <s:hidden name="salt" />
<s:hidden name="weblog" value="%{actionWeblog.handle}" />
<s:submit value="%{getText('application.yes')}" />
</s:form>
</td>
<td>
<s:form action="weblogConfig" method="post">
+ <s:hidden name="salt" />
<s:hidden name="weblog" value="%{actionWeblog.handle}" />
<s:submit value="%{getText('application.no')}" />
</s:form>
Modified: roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/web.xml
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/web.xml?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/web.xml (original)
+++ roller/branches/roller_5.0/weblogger-webapp/src/main/webapp/WEB-INF/web.xml Sat May 12 18:20:01 2012
@@ -160,17 +160,15 @@
<dispatcher>REQUEST</dispatcher>
</filter-mapping>
-<!--
<filter-mapping>
<filter-name>LoadSaltFilter</filter-name>
- <url-pattern>/roller-ui</url-pattern>
+ <url-pattern>/roller-ui/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>ValidateSaltFilter</filter-name>
- <url-pattern>/roller-ui</url-pattern>
+ <url-pattern>/roller-ui/*</url-pattern>
</filter-mapping>
--->
<!-- Request mapping. this is what allows the urls to work -->
<filter-mapping>
Modified: roller/branches/roller_5.0/weblogger-webapp/src/test/resources/jetty.xml
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-webapp/src/test/resources/jetty.xml?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-webapp/src/test/resources/jetty.xml (original)
+++ roller/branches/roller_5.0/weblogger-webapp/src/test/resources/jetty.xml Sat May 12 18:20:01 2012
@@ -5,7 +5,7 @@
<!-- Configure a log -->
- <New id="ServerLog" class="java.io.PrintStream">
+<!-- <New id="ServerLog" class="java.io.PrintStream">
<Arg>
<New class="org.mortbay.util.RolloverFileOutputStream">
<Arg>${project.build.directory}/yyyy_mm_dd.stderrout.log</Arg>
@@ -19,9 +19,9 @@
<Get id="ServerLogName" name="datedFilename"/>
</New>
</Arg>
- </New>
+ </New>-->
- <Call class="org.mortbay.log.Log" name="info">
+<!-- <Call class="org.mortbay.log.Log" name="info">
<Arg>Redirecting stderr/stdout to
<Ref id="ServerLogName"/>
</Arg>
@@ -35,6 +35,6 @@
<Arg>
<Ref id="ServerLog"/>
</Arg>
- </Call>
+ </Call>-->
</Configure>
Modified: roller/branches/roller_5.0/weblogger-webapp/src/test/resources/roller-custom.properties
URL: http://svn.apache.org/viewvc/roller/branches/roller_5.0/weblogger-webapp/src/test/resources/roller-custom.properties?rev=1337603&r1=1337602&r2=1337603&view=diff
==============================================================================
--- roller/branches/roller_5.0/weblogger-webapp/src/test/resources/roller-custom.properties (original)
+++ roller/branches/roller_5.0/weblogger-webapp/src/test/resources/roller-custom.properties Sat May 12 18:20:01 2012
@@ -45,5 +45,16 @@ cache.weblogpage.enabled=false
cache.weblogfeed.enabled=false
cache.planet.enabled=false
+
+
# logging - you can set Log4J properties here
+log4j.rootLogger=WARN, stdout
+log4j.appender.stdout=org.apache.log4j.ConsoleAppender
+log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
+log4j.appender.stdout.layout.ConversionPattern=%d %p [%t] %C{1} - %m\n
+
#log4j.logger.org.apache.roller.weblogger.business=DEBUG
+log4j.logger.org.apache.roller=ERROR
+log4j.logger.org.apache.roller.weblogger.ui.core.filters.LoadSaltFilter=DEBUG
+log4j.logger.org.apache.roller.weblogger.ui.core.filters.ValidateSaltFilter=DEBUG
+log4j.logger.org.apache.roller.weblogger.ui.rendering.util.cache.SaltCache=DEBUG