You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tapestry.apache.org by "Igor Drobiazko (JIRA)" <ji...@apache.org> on 2009/12/30 09:41:29 UTC
[jira] Created: (TAP5-963) RegexAuthorizer should allow access to
static resources (css, js, jpg, jpeg, png, gif) inside the app package
RegexAuthorizer should allow access to static resources (css, js, jpg, jpeg, png, gif) inside the app package
-------------------------------------------------------------------------------------------------------------
Key: TAP5-963
URL: https://issues.apache.org/jira/browse/TAP5-963
Project: Tapestry 5
Issue Type: Improvement
Components: tapestry-core
Affects Versions: 5.1.0.6
Reporter: Igor Drobiazko
Following should be sufficient:
- add a contribution like:
public void contributeRegexAuthorizer(
final Configuration<String> regex,
@Symbol(InternalConstants.TAPESTRY_APP_PACKAGE_PARAM) final String appPackageName) {
final String pattern = "([^/.]+/)*[^/.]+\\.((css)|(js)|(jpg)|(jpeg)|(png)|(gif))$";
regex.add("^" + appPackageName.replace(".", "/") + "/" + pattern);
}
- document how to make further resources accessible (e.g. outside the app package)
- document how to override asset protection defaults
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (TAP5-963) Allow access to static resources (css,
js, jpg, jpeg, png, gif) inside the app package
Posted by "Robert Zeigler (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/TAP5-963?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12795618#action_12795618 ]
Robert Zeigler commented on TAP5-963:
-------------------------------------
Do we really want to open up all paths under app-package? Or perhaps just .pages, .components, .mixins, and subdirectories of those?
> Allow access to static resources (css, js, jpg, jpeg, png, gif) inside the app package
> --------------------------------------------------------------------------------------
>
> Key: TAP5-963
> URL: https://issues.apache.org/jira/browse/TAP5-963
> Project: Tapestry 5
> Issue Type: Improvement
> Components: tapestry-core
> Affects Versions: 5.1.0.6
> Reporter: Igor Drobiazko
> Assignee: Igor Drobiazko
> Fix For: 5.2.0, 5.1.0.7
>
>
> Following should be sufficient:
> - add a contribution like:
> public void contributeRegexAuthorizer(
> final Configuration<String> regex,
> @Symbol(InternalConstants.TAPESTRY_APP_PACKAGE_PARAM) final String appPackageName) {
> final String pattern = "([^/.]+/)*[^/.]+\\.((css)|(js)|(jpg)|(jpeg)|(png)|(gif))$";
> regex.add("^" + appPackageName.replace(".", "/") + "/" + pattern);
> }
> - document how to make further resources accessible (e.g. outside the app package)
> - document how to override asset protection defaults
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (TAP5-963) Allow access to static resources (css,
js, jpg, jpeg, png, gif) inside the app package
Posted by "Igor Drobiazko (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/TAP5-963?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12795881#action_12795881 ]
Igor Drobiazko commented on TAP5-963:
-------------------------------------
Can you think of any images or css file that are not meant to be public? I can't and suppose it is ok to open up all path under app package.
> Allow access to static resources (css, js, jpg, jpeg, png, gif) inside the app package
> --------------------------------------------------------------------------------------
>
> Key: TAP5-963
> URL: https://issues.apache.org/jira/browse/TAP5-963
> Project: Tapestry 5
> Issue Type: Improvement
> Components: tapestry-core
> Affects Versions: 5.1.0.6
> Reporter: Igor Drobiazko
> Assignee: Igor Drobiazko
> Fix For: 5.2.0, 5.1.0.7
>
>
> Following should be sufficient:
> - add a contribution like:
> public void contributeRegexAuthorizer(
> final Configuration<String> regex,
> @Symbol(InternalConstants.TAPESTRY_APP_PACKAGE_PARAM) final String appPackageName) {
> final String pattern = "([^/.]+/)*[^/.]+\\.((css)|(js)|(jpg)|(jpeg)|(png)|(gif))$";
> regex.add("^" + appPackageName.replace(".", "/") + "/" + pattern);
> }
> - document how to make further resources accessible (e.g. outside the app package)
> - document how to override asset protection defaults
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Assigned: (TAP5-963) RegexAuthorizer should allow access to
static resources (css, js, jpg, jpeg, png, gif) inside the app package
Posted by "Igor Drobiazko (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/TAP5-963?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Igor Drobiazko reassigned TAP5-963:
-----------------------------------
Assignee: Igor Drobiazko
> RegexAuthorizer should allow access to static resources (css, js, jpg, jpeg, png, gif) inside the app package
> -------------------------------------------------------------------------------------------------------------
>
> Key: TAP5-963
> URL: https://issues.apache.org/jira/browse/TAP5-963
> Project: Tapestry 5
> Issue Type: Improvement
> Components: tapestry-core
> Affects Versions: 5.1.0.6
> Reporter: Igor Drobiazko
> Assignee: Igor Drobiazko
>
> Following should be sufficient:
> - add a contribution like:
> public void contributeRegexAuthorizer(
> final Configuration<String> regex,
> @Symbol(InternalConstants.TAPESTRY_APP_PACKAGE_PARAM) final String appPackageName) {
> final String pattern = "([^/.]+/)*[^/.]+\\.((css)|(js)|(jpg)|(jpeg)|(png)|(gif))$";
> regex.add("^" + appPackageName.replace(".", "/") + "/" + pattern);
> }
> - document how to make further resources accessible (e.g. outside the app package)
> - document how to override asset protection defaults
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Closed: (TAP5-963) Allow access to static resources (css,
js, jpg, jpeg, png, gif) inside the app package
Posted by "Igor Drobiazko (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/TAP5-963?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Igor Drobiazko closed TAP5-963.
-------------------------------
Resolution: Fixed
Fix Version/s: 5.1.0.7
5.2.0
> Allow access to static resources (css, js, jpg, jpeg, png, gif) inside the app package
> --------------------------------------------------------------------------------------
>
> Key: TAP5-963
> URL: https://issues.apache.org/jira/browse/TAP5-963
> Project: Tapestry 5
> Issue Type: Improvement
> Components: tapestry-core
> Affects Versions: 5.1.0.6
> Reporter: Igor Drobiazko
> Assignee: Igor Drobiazko
> Fix For: 5.2.0, 5.1.0.7
>
>
> Following should be sufficient:
> - add a contribution like:
> public void contributeRegexAuthorizer(
> final Configuration<String> regex,
> @Symbol(InternalConstants.TAPESTRY_APP_PACKAGE_PARAM) final String appPackageName) {
> final String pattern = "([^/.]+/)*[^/.]+\\.((css)|(js)|(jpg)|(jpeg)|(png)|(gif))$";
> regex.add("^" + appPackageName.replace(".", "/") + "/" + pattern);
> }
> - document how to make further resources accessible (e.g. outside the app package)
> - document how to override asset protection defaults
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (TAP5-963) Allow access to static resources (css,
js, jpg, jpeg, png, gif) inside the app package
Posted by "Igor Drobiazko (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/TAP5-963?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Igor Drobiazko updated TAP5-963:
--------------------------------
Summary: Allow access to static resources (css, js, jpg, jpeg, png, gif) inside the app package (was: RegexAuthorizer should allow access to static resources (css, js, jpg, jpeg, png, gif) inside the app package)
> Allow access to static resources (css, js, jpg, jpeg, png, gif) inside the app package
> --------------------------------------------------------------------------------------
>
> Key: TAP5-963
> URL: https://issues.apache.org/jira/browse/TAP5-963
> Project: Tapestry 5
> Issue Type: Improvement
> Components: tapestry-core
> Affects Versions: 5.1.0.6
> Reporter: Igor Drobiazko
> Assignee: Igor Drobiazko
>
> Following should be sufficient:
> - add a contribution like:
> public void contributeRegexAuthorizer(
> final Configuration<String> regex,
> @Symbol(InternalConstants.TAPESTRY_APP_PACKAGE_PARAM) final String appPackageName) {
> final String pattern = "([^/.]+/)*[^/.]+\\.((css)|(js)|(jpg)|(jpeg)|(png)|(gif))$";
> regex.add("^" + appPackageName.replace(".", "/") + "/" + pattern);
> }
> - document how to make further resources accessible (e.g. outside the app package)
> - document how to override asset protection defaults
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (TAP5-963) Allow access to static resources (css,
js, jpg, jpeg, png, gif) inside the app package
Posted by "Igor Drobiazko (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/TAP5-963?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12795881#action_12795881 ]
Igor Drobiazko commented on TAP5-963:
-------------------------------------
Can you think of any images or css file that are not meant to be public? I can't and suppose it is ok to open up all path under app package.
> Allow access to static resources (css, js, jpg, jpeg, png, gif) inside the app package
> --------------------------------------------------------------------------------------
>
> Key: TAP5-963
> URL: https://issues.apache.org/jira/browse/TAP5-963
> Project: Tapestry 5
> Issue Type: Improvement
> Components: tapestry-core
> Affects Versions: 5.1.0.6
> Reporter: Igor Drobiazko
> Assignee: Igor Drobiazko
> Fix For: 5.2.0, 5.1.0.7
>
>
> Following should be sufficient:
> - add a contribution like:
> public void contributeRegexAuthorizer(
> final Configuration<String> regex,
> @Symbol(InternalConstants.TAPESTRY_APP_PACKAGE_PARAM) final String appPackageName) {
> final String pattern = "([^/.]+/)*[^/.]+\\.((css)|(js)|(jpg)|(jpeg)|(png)|(gif))$";
> regex.add("^" + appPackageName.replace(".", "/") + "/" + pattern);
> }
> - document how to make further resources accessible (e.g. outside the app package)
> - document how to override asset protection defaults
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Closed: (TAP5-963) Allow access to static resources (css,
js, jpg, jpeg, png, gif) inside the app package
Posted by "Igor Drobiazko (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/TAP5-963?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Igor Drobiazko closed TAP5-963.
-------------------------------
Resolution: Fixed
Fix Version/s: 5.1.0.7
5.2.0
> Allow access to static resources (css, js, jpg, jpeg, png, gif) inside the app package
> --------------------------------------------------------------------------------------
>
> Key: TAP5-963
> URL: https://issues.apache.org/jira/browse/TAP5-963
> Project: Tapestry 5
> Issue Type: Improvement
> Components: tapestry-core
> Affects Versions: 5.1.0.6
> Reporter: Igor Drobiazko
> Assignee: Igor Drobiazko
> Fix For: 5.2.0, 5.1.0.7
>
>
> Following should be sufficient:
> - add a contribution like:
> public void contributeRegexAuthorizer(
> final Configuration<String> regex,
> @Symbol(InternalConstants.TAPESTRY_APP_PACKAGE_PARAM) final String appPackageName) {
> final String pattern = "([^/.]+/)*[^/.]+\\.((css)|(js)|(jpg)|(jpeg)|(png)|(gif))$";
> regex.add("^" + appPackageName.replace(".", "/") + "/" + pattern);
> }
> - document how to make further resources accessible (e.g. outside the app package)
> - document how to override asset protection defaults
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (TAP5-963) Allow access to static resources (css,
js, jpg, jpeg, png, gif) inside the app package
Posted by "Igor Drobiazko (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/TAP5-963?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Igor Drobiazko updated TAP5-963:
--------------------------------
Summary: Allow access to static resources (css, js, jpg, jpeg, png, gif) inside the app package (was: RegexAuthorizer should allow access to static resources (css, js, jpg, jpeg, png, gif) inside the app package)
> Allow access to static resources (css, js, jpg, jpeg, png, gif) inside the app package
> --------------------------------------------------------------------------------------
>
> Key: TAP5-963
> URL: https://issues.apache.org/jira/browse/TAP5-963
> Project: Tapestry 5
> Issue Type: Improvement
> Components: tapestry-core
> Affects Versions: 5.1.0.6
> Reporter: Igor Drobiazko
> Assignee: Igor Drobiazko
>
> Following should be sufficient:
> - add a contribution like:
> public void contributeRegexAuthorizer(
> final Configuration<String> regex,
> @Symbol(InternalConstants.TAPESTRY_APP_PACKAGE_PARAM) final String appPackageName) {
> final String pattern = "([^/.]+/)*[^/.]+\\.((css)|(js)|(jpg)|(jpeg)|(png)|(gif))$";
> regex.add("^" + appPackageName.replace(".", "/") + "/" + pattern);
> }
> - document how to make further resources accessible (e.g. outside the app package)
> - document how to override asset protection defaults
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (TAP5-963) Allow access to static resources (css,
js, jpg, jpeg, png, gif) inside the app package
Posted by "Robert Zeigler (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/TAP5-963?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12795618#action_12795618 ]
Robert Zeigler commented on TAP5-963:
-------------------------------------
Do we really want to open up all paths under app-package? Or perhaps just .pages, .components, .mixins, and subdirectories of those?
> Allow access to static resources (css, js, jpg, jpeg, png, gif) inside the app package
> --------------------------------------------------------------------------------------
>
> Key: TAP5-963
> URL: https://issues.apache.org/jira/browse/TAP5-963
> Project: Tapestry 5
> Issue Type: Improvement
> Components: tapestry-core
> Affects Versions: 5.1.0.6
> Reporter: Igor Drobiazko
> Assignee: Igor Drobiazko
> Fix For: 5.2.0, 5.1.0.7
>
>
> Following should be sufficient:
> - add a contribution like:
> public void contributeRegexAuthorizer(
> final Configuration<String> regex,
> @Symbol(InternalConstants.TAPESTRY_APP_PACKAGE_PARAM) final String appPackageName) {
> final String pattern = "([^/.]+/)*[^/.]+\\.((css)|(js)|(jpg)|(jpeg)|(png)|(gif))$";
> regex.add("^" + appPackageName.replace(".", "/") + "/" + pattern);
> }
> - document how to make further resources accessible (e.g. outside the app package)
> - document how to override asset protection defaults
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (TAP5-963) Allow access to static resources (css,
js, jpg, jpeg, png, gif) inside the app package
Posted by "Robert Zeigler (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/TAP5-963?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12795936#action_12795936 ]
Robert Zeigler commented on TAP5-963:
-------------------------------------
As a matter of fact, I can.
I have apps with images & css files that are supposed to be accessible only by one set of users or another, based on an affiliated site/location.
I prefer it if the framework doesn't dictate to me what it thinks should be accessible from the classpath. ;)
But I appear to be in the minority on this issue, so I'll contribute my own asset path analyzer ahead of regex analyzer to restrict those paths and make things easier for the majority of users that prefer images and css files under app to be accessible by default.
Cheers,
Robert
> Allow access to static resources (css, js, jpg, jpeg, png, gif) inside the app package
> --------------------------------------------------------------------------------------
>
> Key: TAP5-963
> URL: https://issues.apache.org/jira/browse/TAP5-963
> Project: Tapestry 5
> Issue Type: Improvement
> Components: tapestry-core
> Affects Versions: 5.1.0.6
> Reporter: Igor Drobiazko
> Assignee: Igor Drobiazko
> Fix For: 5.2.0, 5.1.0.7
>
>
> Following should be sufficient:
> - add a contribution like:
> public void contributeRegexAuthorizer(
> final Configuration<String> regex,
> @Symbol(InternalConstants.TAPESTRY_APP_PACKAGE_PARAM) final String appPackageName) {
> final String pattern = "([^/.]+/)*[^/.]+\\.((css)|(js)|(jpg)|(jpeg)|(png)|(gif))$";
> regex.add("^" + appPackageName.replace(".", "/") + "/" + pattern);
> }
> - document how to make further resources accessible (e.g. outside the app package)
> - document how to override asset protection defaults
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (TAP5-963) Allow access to static resources (css,
js, jpg, jpeg, png, gif) inside the app package
Posted by "Robert Zeigler (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/TAP5-963?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12795936#action_12795936 ]
Robert Zeigler commented on TAP5-963:
-------------------------------------
As a matter of fact, I can.
I have apps with images & css files that are supposed to be accessible only by one set of users or another, based on an affiliated site/location.
I prefer it if the framework doesn't dictate to me what it thinks should be accessible from the classpath. ;)
But I appear to be in the minority on this issue, so I'll contribute my own asset path analyzer ahead of regex analyzer to restrict those paths and make things easier for the majority of users that prefer images and css files under app to be accessible by default.
Cheers,
Robert
> Allow access to static resources (css, js, jpg, jpeg, png, gif) inside the app package
> --------------------------------------------------------------------------------------
>
> Key: TAP5-963
> URL: https://issues.apache.org/jira/browse/TAP5-963
> Project: Tapestry 5
> Issue Type: Improvement
> Components: tapestry-core
> Affects Versions: 5.1.0.6
> Reporter: Igor Drobiazko
> Assignee: Igor Drobiazko
> Fix For: 5.2.0, 5.1.0.7
>
>
> Following should be sufficient:
> - add a contribution like:
> public void contributeRegexAuthorizer(
> final Configuration<String> regex,
> @Symbol(InternalConstants.TAPESTRY_APP_PACKAGE_PARAM) final String appPackageName) {
> final String pattern = "([^/.]+/)*[^/.]+\\.((css)|(js)|(jpg)|(jpeg)|(png)|(gif))$";
> regex.add("^" + appPackageName.replace(".", "/") + "/" + pattern);
> }
> - document how to make further resources accessible (e.g. outside the app package)
> - document how to override asset protection defaults
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Assigned: (TAP5-963) RegexAuthorizer should allow access to
static resources (css, js, jpg, jpeg, png, gif) inside the app package
Posted by "Igor Drobiazko (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/TAP5-963?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Igor Drobiazko reassigned TAP5-963:
-----------------------------------
Assignee: Igor Drobiazko
> RegexAuthorizer should allow access to static resources (css, js, jpg, jpeg, png, gif) inside the app package
> -------------------------------------------------------------------------------------------------------------
>
> Key: TAP5-963
> URL: https://issues.apache.org/jira/browse/TAP5-963
> Project: Tapestry 5
> Issue Type: Improvement
> Components: tapestry-core
> Affects Versions: 5.1.0.6
> Reporter: Igor Drobiazko
> Assignee: Igor Drobiazko
>
> Following should be sufficient:
> - add a contribution like:
> public void contributeRegexAuthorizer(
> final Configuration<String> regex,
> @Symbol(InternalConstants.TAPESTRY_APP_PACKAGE_PARAM) final String appPackageName) {
> final String pattern = "([^/.]+/)*[^/.]+\\.((css)|(js)|(jpg)|(jpeg)|(png)|(gif))$";
> regex.add("^" + appPackageName.replace(".", "/") + "/" + pattern);
> }
> - document how to make further resources accessible (e.g. outside the app package)
> - document how to override asset protection defaults
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.