You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@archiva.apache.org by oc...@apache.org on 2011/04/12 09:07:05 UTC
svn commit: r1091313 - in /archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/WEB-INF: jsp/decorators/default.jsp jsp/quickSearch.jsp jsp/results.jsp web.xml

Author: oching
Date: Tue Apr 12 07:07:05 2011
New Revision: 1091313

URL: http://svn.apache.org/viewvc?rev=1091313&view=rev
Log:
reverted previous csrf fixes committed in -r1081111

Modified:
    archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/WEB-INF/jsp/decorators/default.jsp
    archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/WEB-INF/jsp/quickSearch.jsp
    archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/WEB-INF/jsp/results.jsp
    archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/WEB-INF/web.xml

Modified: archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/WEB-INF/jsp/decorators/default.jsp
URL: http://svn.apache.org/viewvc/archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/WEB-INF/jsp/decorators/default.jsp?rev=1091313&r1=1091312&r2=1091313&view=diff
==============================================================================
--- archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/WEB-INF/jsp/decorators/default.jsp (original)
+++ archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/WEB-INF/jsp/decorators/default.jsp Tue Apr 12 07:07:05 2011
@@ -80,7 +80,7 @@
 
 
 <div id="topSearchBox">
-    <s:form method="post" action="quickSearch" namespace="/" validate="true">
+    <s:form method="get" action="quickSearch" namespace="/" validate="true">
         <s:textfield label="Search for" size="30" name="q"/>
     </s:form>
 </div>

Modified: archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/WEB-INF/jsp/quickSearch.jsp
URL: http://svn.apache.org/viewvc/archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/WEB-INF/jsp/quickSearch.jsp?rev=1091313&r1=1091312&r2=1091313&view=diff
==============================================================================
--- archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/WEB-INF/jsp/quickSearch.jsp (original)
+++ archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/WEB-INF/jsp/quickSearch.jsp Tue Apr 12 07:07:05 2011
@@ -94,7 +94,7 @@
 
   <c:url var="iconCreateUrl" value="/images/icons/create.png" />
   
-  <s:form method="post" id="quickSearch" action="quickSearch" validate="true">    
+  <s:form method="get" id="quickSearch" action="quickSearch" validate="true">    
     <s:textfield label="Search for" size="50" name="q"/> 
     <s:hidden name="completeQueryString" value="%{completeQueryString}"/>  
     <s:submit value="Search"/>      	
@@ -111,7 +111,7 @@
     </tr>
     <tr>
       <td>    
-        <s:form id="filteredSearch" method="post" action="filteredSearch" validate="true">
+        <s:form id="filteredSearch" method="get" action="filteredSearch" validate="true">  
           <label><strong>Advanced Search Fields: </strong></label><s:select name="searchField" list="searchFields" theme="simple"/> 
           <s:a href="#" title="Add Search Field" onclick="addSearchField( document.filteredSearch.searchField.options[document.filteredSearch.searchField.selectedIndex].text, document.filteredSearch.searchField.value, 'dynamicFields' )" theme="simple">
             <img src="${iconCreateUrl}" />

Modified: archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/WEB-INF/jsp/results.jsp
URL: http://svn.apache.org/viewvc/archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/WEB-INF/jsp/results.jsp?rev=1091313&r1=1091312&r2=1091313&view=diff
==============================================================================
--- archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/WEB-INF/jsp/results.jsp (original)
+++ archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/WEB-INF/jsp/results.jsp Tue Apr 12 07:07:05 2011
@@ -85,7 +85,7 @@
         </tr>
         <tr>
           <td>
-          <s:form id="filteredSearch" method="post" action="filteredSearch" validate="true">
+          <s:form id="filteredSearch" method="get" action="filteredSearch" validate="true">
             <s:hidden name="fromFilterSearch" value="%{#attr.fromFilterSearch}" theme="simple"/>  
             <label><strong>Advanced Search Fields: </strong></label><s:select name="searchField" list="searchFields" theme="simple"/> 
             <s:a href="#" title="Add Search Field" onclick="addSearchField( document.filteredSearch.searchField.options[document.filteredSearch.searchField.selectedIndex].text, document.filteredSearch.searchField.value, 'dynamicFields' )" theme="simple">
@@ -108,7 +108,7 @@
       </table>
     </c:if>
     <c:if test="${fromFilterSearch == false}">
-      <s:form method="post" action="quickSearch" validate="true">
+      <s:form method="get" action="quickSearch" validate="true">
         <s:textfield label="Search for" size="50" name="q"/>
         <s:checkbox label="Search within results" name="searchResultsOnly"/>        
         <s:hidden name="completeQueryString" value="%{#attr.completeQueryString}"/>        

Modified: archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/WEB-INF/web.xml
URL: http://svn.apache.org/viewvc/archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/WEB-INF/web.xml?rev=1091313&r1=1091312&r2=1091313&view=diff
==============================================================================
--- archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/WEB-INF/web.xml (original)
+++ archiva/branches/archiva-1.3.x/archiva-modules/archiva-web/archiva-webapp/src/main/webapp/WEB-INF/web.xml Tue Apr 12 07:07:05 2011
@@ -29,21 +29,6 @@
           <filter-class>org.apache.struts2.dispatcher.ActionContextCleanUp</filter-class>
         </filter>
 
-  <!-- To enable this filter, uncomment the corresponding filter-mapping -->
-  <filter>
-    <filter-name>redback-csrf</filter-name>
-    <filter-class>org.codehaus.plexus.redback.struts2.filter.RedbackCSRFFilter</filter-class>
-    <init-param>
-      <param-name>nonceCacheSize</param-name>
-      <param-value>20</param-value>
-    </init-param>
-    <init-param>
-      <param-name>excludedPaths</param-name>
-      <param-value>/css/**,/images/**,/struts/**,/favicon.ico,/js/**,//repository/**,//xmlrpc/**,//feeds/**</param-value>
-    </init-param>
-  </filter>
-
-
 	<filter>
 		<filter-name>sitemesh</filter-name>
 		<filter-class>
@@ -67,25 +52,18 @@
 			<param-name>forceEncoding</param-name>
 			<param-value>true</param-value>
 		</init-param>
-	</filter>
-
-  <!-- Uncomment this to apply the CSRF filter mapping in Archiva
-  <filter-mapping>
-    <filter-name>redback-csrf</filter-name>
-    <url-pattern>/*</url-pattern>
-  </filter-mapping>
-  -->
-
+	</filter>  
+  
 	<filter-mapping>
 		<filter-name>encodingFilter</filter-name>
 		<url-pattern>/*</url-pattern>
 	</filter-mapping>
 
-  <!-- this must be before the sitemesh filter -->
-  <filter-mapping>
-    <filter-name>webwork-cleanup</filter-name>
-    <url-pattern>/*</url-pattern>
-  </filter-mapping>
+	<!-- this must be before the sitemesh filter -->
+	<filter-mapping>
+		<filter-name>webwork-cleanup</filter-name>
+		<url-pattern>/*</url-pattern>
+	</filter-mapping>
 
 	<filter-mapping>
 		<filter-name>sitemesh</filter-name>