You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tapestry.apache.org by Jim O'Callaghan <jc...@yahoo.co.uk> on 2010/06/02 08:25:57 UTC
RE: Asset protection and upgrade notes
It would appear that even with this code to check the version number,
without a T5.2.0 equivalent for the RegexAuthorizer service to allow some
variation on:
("com/orientimport/.*\\.((css)|(js)|(jpg)|(jpeg)|(png)|(gif)|(html)|(ico)|(s
wf)|(xml))$")
... to grant access to resources the t5easyfckEditor won't work. It's a
pity no workaround seems to be available for this, unless I am missing
something.
Regards,
Jim.
-----Original Message-----
From: Ville Virtanen [mailto:ville.virtanen@cerion.fi]
Sent: 31 May 2010 18:00
To: users@tapestry.apache.org
Subject: Re: Asset protection and upgrade notes
Also this choice forces us library writers to either
a) support two separate deployment jars for different T5 versions
b) fork the code depending on the T5 version
So my approach is probably this:
public static void
contributeClasspathAssetAliasManager(MappedConfiguration<String, String>
configuration,
@Inject @Symbol(FckEditorConstants.EDITOR_CONTEXT) String
location,
@Inject @Symbol(SymbolConstants.TAPESTRY_VERSION) String
t5Version)
{
if(!location.equalsIgnoreCase("easyfck") ||
getTapestryVersion(t5Version) < 5106) {
configuration.add(location, "com/orientimport/easyfck/js");
}
}
private static int getTapestryVersion(String version) {
return Integer.parseInt(version.replaceAll("\\.", ""));
}
Not elegant, not good code (assumes something about the future version
numbers..), not maintainable in long run, if these dicisions will keep
popping up.
Also the automatic classpath asset addition works for this library only if
the user who uses the library hasn't decided to use custom url for his/hers
fck editor. It should not be depended on the TAG prefix?
My 2c,
- Ville
Ville Virtanen wrote:
>
> Hi,
>
> I've been tracking the documentation to understand the change in asset
> protection, but haven't found anything useful.
>
> I've checked the upgrade guide from svn (last update 4 days ago):
>
http://svn.apache.org/viewvc/tapestry/tapestry5/trunk/src/site/apt/upgrade.a
pt?revision=948226&view=markup
>
> But really it only mentions the no-slashes-in-virtual-folders restriction.
> Where is the asset protection part or am I looking from wrong sources?
>
> Also, what is the rationale behind removing library specific versions?
> Even if the 3rd party library doesn't change any resources browsers are
> forced to download all assets again when updating the main program.
> Technical challenges I presume?
>
> Anyhow, the info on asset protection is very important for me, or at least
> just plain cold "We're working on it and have no eta.". (Then I know to
> stop reading through sources.)
>
> - Ville
>
--
View this message in context:
http://old.nabble.com/Asset-protection-and-upgrade-notes-tp28732735p28733093
.html
Sent from the Tapestry - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: Asset protection and upgrade notes
Posted by Howard Lewis Ship <hl...@gmail.com>.
There aren't any plans to create a direct replacement for RegexAuthorizer.
Tapestry now protects WEB-INF and META-INF.
A much more limited stretch of the classpath is exposed; only
classpath resources below your application's root package are made
visible.
For resources you want to make protected, contribute file name
extensions to the ResourceDigestGenerator service.
Protected resources require a valid checksum (it appears as a query
parameter). This checksum can only be calculated from the content of
the file; thus it can only be computed by the server. By default
"class" and "tml" are protected.
We're still working on the best way to prevent the generation of
directory listings via the asset dispatcher.
On Thu, Jun 10, 2010 at 1:31 AM, Jim O'Callaghan <jc...@yahoo.co.uk> wrote:
> Sorry for bumping this thread, but has there been any update to the notes /
> direction to take on a replacement for the RegexAuthorizer - has the dev in
> this area finished in T5.2.0-SNAPSHOT?
>
> Thanks,
> Jim.
>
> -----Original Message-----
> From: Jim O'Callaghan [mailto:jc1000001@yahoo.co.uk]
> Sent: 02 June 2010 13:06
> To: 'Tapestry users'
> Subject: RE: Asset protection and upgrade notes
>
> Thanks for the input Dmitry. I don't think this is related to the problem
> Ville is talking about (contributeClasspathAssetAliasManager manually
> depending on T5 version), but from my perspective, it doesn't fix the
> problem of what is an alternative to the RegexAuthorizer. The
> ComponentClassResolver auto adds a ClasspathAssetAlias when a LibraryMapping
> is added to the configuration, and a second contribute causes a collision on
> the map key (hence Ville's query). It would be great if the devs making the
> change could chip in with some advice, or perhaps the path to take isn't
> finalised yet.
>
> Regards,
> Jim.
>
> -----Original Message-----
> From: Dmitry Gusev [mailto:dmitry.gusev@gmail.com]
> Sent: 02 June 2010 11:37
> To: Tapestry users
> Subject: Re: Asset protection and upgrade notes
>
> I had to replace my RegexAutorizer contribution with contribution to
> ClasspathAssetAliasManager to make my app working with latest
> T5.2.0-SNAPSHOT:
>
> was:
>
> public void contributeRegexAuthorizer(Configuration<String> regex)
>> {
>> String pathPattern =
>> "([^/.]+/)*[^/.]+\\.((css)|(js)|(jpg)|(jpeg)|(png)|(gif))$";
>> regex.add("^anjlab/cubics/css/" + pathPattern);
>> regex.add("^anjlab/cubics/images/" + pathPattern);
>> regex.add("^anjlab/cubics/js/" + pathPattern);
>> regex.add("^anjlab/cubics/js/jquery-1.3.2.js");
>> }
>>
>
> become:
>
> public static void
>> contributeClasspathAssetAliasManager(MappedConfiguration<String, String>
>> configuration)
>> {
>> configuration.add("cubics", "anjlab/cubics");
>> }
>>
>
> May be this will help.
>
> On Wed, Jun 2, 2010 at 12:51, Ville Virtanen
> <vi...@cerion.fi>wrote:
>
>>
>> Exactly,
>>
>> the message was only to point out that changes like these make library
>> writer's life hard in the long run. So I was only questioning the
> rationale
>> behind the change in no-slashes-in-virtual-folders and how it auto
>> contributes the associated contribution to ClasspathAssetAliasManager.
>>
>> In my opinion that auto contribution should be removed.
>>
>> The missing RegexAuthorizer is quite a wall to climb for me. Perhaps I
> need
>> to contribute my own implementation of AssetPathAuthorizer? Anyone?
>>
>> - Ville
>>
>>
>> jc1001 wrote:
>> >
>> > It would appear that even with this code to check the version number,
>> > without a T5.2.0 equivalent for the RegexAuthorizer service to allow
> some
>> > variation on:
>> >
>> >
>>
> ("com/orientimport/.*\\.((css)|(js)|(jpg)|(jpeg)|(png)|(gif)|(html)|(ico)|(s
>> > wf)|(xml))$")
>> >
>> > ... to grant access to resources the t5easyfckEditor won't work. It's a
>> > pity no workaround seems to be available for this, unless I am missing
>> > something.
>> >
>> > Regards,
>> > Jim.
>> >
>> > -----Original Message-----
>> > From: Ville Virtanen [mailto:ville.virtanen@cerion.fi]
>> > Sent: 31 May 2010 18:00
>> > To: users@tapestry.apache.org
>> > Subject: Re: Asset protection and upgrade notes
>> >
>> >
>> > Also this choice forces us library writers to either
>> >
>> > a) support two separate deployment jars for different T5 versions
>> > b) fork the code depending on the T5 version
>> >
>> > So my approach is probably this:
>> > public static void
>> > contributeClasspathAssetAliasManager(MappedConfiguration<String, String>
>> > configuration,
>> > @Inject @Symbol(FckEditorConstants.EDITOR_CONTEXT) String
>> > location,
>> > @Inject @Symbol(SymbolConstants.TAPESTRY_VERSION) String
>> > t5Version)
>> > {
>> > if(!location.equalsIgnoreCase("easyfck") ||
>> > getTapestryVersion(t5Version) < 5106) {
>> > configuration.add(location, "com/orientimport/easyfck/js");
>> > }
>> > }
>> >
>> > private static int getTapestryVersion(String version) {
>> > return Integer.parseInt(version.replaceAll("\\.", ""));
>> > }
>> >
>> > Not elegant, not good code (assumes something about the future version
>> > numbers..), not maintainable in long run, if these dicisions will keep
>> > popping up.
>> >
>> > Also the automatic classpath asset addition works for this library only
>> if
>> > the user who uses the library hasn't decided to use custom url for
>> > his/hers
>> > fck editor. It should not be depended on the TAG prefix?
>> >
>> > My 2c,
>> >
>> > - Ville
>> >
>> >
>> >
>> >
>> > Ville Virtanen wrote:
>> >>
>> >> Hi,
>> >>
>> >> I've been tracking the documentation to understand the change in asset
>> >> protection, but haven't found anything useful.
>> >>
>> >> I've checked the upgrade guide from svn (last update 4 days ago):
>> >>
>> >
>>
> http://svn.apache.org/viewvc/tapestry/tapestry5/trunk/src/site/apt/upgrade.a
>> > pt?revision=948226&view=markup
>> >>
>> >> But really it only mentions the no-slashes-in-virtual-folders
>> >> restriction.
>> >> Where is the asset protection part or am I looking from wrong sources?
>> >>
>> >> Also, what is the rationale behind removing library specific versions?
>> >> Even if the 3rd party library doesn't change any resources browsers are
>> >> forced to download all assets again when updating the main program.
>> >> Technical challenges I presume?
>> >>
>> >> Anyhow, the info on asset protection is very important for me, or at
>> >> least
>> >> just plain cold "We're working on it and have no eta.". (Then I know to
>> >> stop reading through sources.)
>> >>
>> >> - Ville
>> >>
>> >
>> > --
>> > View this message in context:
>> >
>>
> http://old.nabble.com/Asset-protection-and-upgrade-notes-tp28732735p28733093
>> > .html
>> > Sent from the Tapestry - User mailing list archive at Nabble.com.
>> >
>> >
>> > ---------------------------------------------------------------------
>> > To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
>> > For additional commands, e-mail: users-help@tapestry.apache.org
>> >
>> >
>> > ---------------------------------------------------------------------
>> > To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
>> > For additional commands, e-mail: users-help@tapestry.apache.org
>> >
>> >
>> >
>>
>> --
>> View this message in context:
>>
> http://old.nabble.com/Asset-protection-and-upgrade-notes-tp28732735p28751736
> .html
>> Sent from the Tapestry - User mailing list archive at Nabble.com.
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
>> For additional commands, e-mail: users-help@tapestry.apache.org
>>
>>
>
>
> --
> Dmitry Gusev
>
> AnjLab Team
> http://anjlab.com
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
>
>
--
Howard M. Lewis Ship
Creator of Apache Tapestry
The source for Tapestry training, mentoring and support. Contact me to
learn how I can get you up and productive in Tapestry fast!
(971) 678-5210
http://howardlewisship.com
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
RE: Asset protection and upgrade notes
Posted by Jim O'Callaghan <jc...@yahoo.co.uk>.
Sorry for bumping this thread, but has there been any update to the notes /
direction to take on a replacement for the RegexAuthorizer - has the dev in
this area finished in T5.2.0-SNAPSHOT?
Thanks,
Jim.
-----Original Message-----
From: Jim O'Callaghan [mailto:jc1000001@yahoo.co.uk]
Sent: 02 June 2010 13:06
To: 'Tapestry users'
Subject: RE: Asset protection and upgrade notes
Thanks for the input Dmitry. I don't think this is related to the problem
Ville is talking about (contributeClasspathAssetAliasManager manually
depending on T5 version), but from my perspective, it doesn't fix the
problem of what is an alternative to the RegexAuthorizer. The
ComponentClassResolver auto adds a ClasspathAssetAlias when a LibraryMapping
is added to the configuration, and a second contribute causes a collision on
the map key (hence Ville's query). It would be great if the devs making the
change could chip in with some advice, or perhaps the path to take isn't
finalised yet.
Regards,
Jim.
-----Original Message-----
From: Dmitry Gusev [mailto:dmitry.gusev@gmail.com]
Sent: 02 June 2010 11:37
To: Tapestry users
Subject: Re: Asset protection and upgrade notes
I had to replace my RegexAutorizer contribution with contribution to
ClasspathAssetAliasManager to make my app working with latest
T5.2.0-SNAPSHOT:
was:
public void contributeRegexAuthorizer(Configuration<String> regex)
> {
> String pathPattern =
> "([^/.]+/)*[^/.]+\\.((css)|(js)|(jpg)|(jpeg)|(png)|(gif))$";
> regex.add("^anjlab/cubics/css/" + pathPattern);
> regex.add("^anjlab/cubics/images/" + pathPattern);
> regex.add("^anjlab/cubics/js/" + pathPattern);
> regex.add("^anjlab/cubics/js/jquery-1.3.2.js");
> }
>
become:
public static void
> contributeClasspathAssetAliasManager(MappedConfiguration<String, String>
> configuration)
> {
> configuration.add("cubics", "anjlab/cubics");
> }
>
May be this will help.
On Wed, Jun 2, 2010 at 12:51, Ville Virtanen
<vi...@cerion.fi>wrote:
>
> Exactly,
>
> the message was only to point out that changes like these make library
> writer's life hard in the long run. So I was only questioning the
rationale
> behind the change in no-slashes-in-virtual-folders and how it auto
> contributes the associated contribution to ClasspathAssetAliasManager.
>
> In my opinion that auto contribution should be removed.
>
> The missing RegexAuthorizer is quite a wall to climb for me. Perhaps I
need
> to contribute my own implementation of AssetPathAuthorizer? Anyone?
>
> - Ville
>
>
> jc1001 wrote:
> >
> > It would appear that even with this code to check the version number,
> > without a T5.2.0 equivalent for the RegexAuthorizer service to allow
some
> > variation on:
> >
> >
>
("com/orientimport/.*\\.((css)|(js)|(jpg)|(jpeg)|(png)|(gif)|(html)|(ico)|(s
> > wf)|(xml))$")
> >
> > ... to grant access to resources the t5easyfckEditor won't work. It's a
> > pity no workaround seems to be available for this, unless I am missing
> > something.
> >
> > Regards,
> > Jim.
> >
> > -----Original Message-----
> > From: Ville Virtanen [mailto:ville.virtanen@cerion.fi]
> > Sent: 31 May 2010 18:00
> > To: users@tapestry.apache.org
> > Subject: Re: Asset protection and upgrade notes
> >
> >
> > Also this choice forces us library writers to either
> >
> > a) support two separate deployment jars for different T5 versions
> > b) fork the code depending on the T5 version
> >
> > So my approach is probably this:
> > public static void
> > contributeClasspathAssetAliasManager(MappedConfiguration<String, String>
> > configuration,
> > @Inject @Symbol(FckEditorConstants.EDITOR_CONTEXT) String
> > location,
> > @Inject @Symbol(SymbolConstants.TAPESTRY_VERSION) String
> > t5Version)
> > {
> > if(!location.equalsIgnoreCase("easyfck") ||
> > getTapestryVersion(t5Version) < 5106) {
> > configuration.add(location, "com/orientimport/easyfck/js");
> > }
> > }
> >
> > private static int getTapestryVersion(String version) {
> > return Integer.parseInt(version.replaceAll("\\.", ""));
> > }
> >
> > Not elegant, not good code (assumes something about the future version
> > numbers..), not maintainable in long run, if these dicisions will keep
> > popping up.
> >
> > Also the automatic classpath asset addition works for this library only
> if
> > the user who uses the library hasn't decided to use custom url for
> > his/hers
> > fck editor. It should not be depended on the TAG prefix?
> >
> > My 2c,
> >
> > - Ville
> >
> >
> >
> >
> > Ville Virtanen wrote:
> >>
> >> Hi,
> >>
> >> I've been tracking the documentation to understand the change in asset
> >> protection, but haven't found anything useful.
> >>
> >> I've checked the upgrade guide from svn (last update 4 days ago):
> >>
> >
>
http://svn.apache.org/viewvc/tapestry/tapestry5/trunk/src/site/apt/upgrade.a
> > pt?revision=948226&view=markup
> >>
> >> But really it only mentions the no-slashes-in-virtual-folders
> >> restriction.
> >> Where is the asset protection part or am I looking from wrong sources?
> >>
> >> Also, what is the rationale behind removing library specific versions?
> >> Even if the 3rd party library doesn't change any resources browsers are
> >> forced to download all assets again when updating the main program.
> >> Technical challenges I presume?
> >>
> >> Anyhow, the info on asset protection is very important for me, or at
> >> least
> >> just plain cold "We're working on it and have no eta.". (Then I know to
> >> stop reading through sources.)
> >>
> >> - Ville
> >>
> >
> > --
> > View this message in context:
> >
>
http://old.nabble.com/Asset-protection-and-upgrade-notes-tp28732735p28733093
> > .html
> > Sent from the Tapestry - User mailing list archive at Nabble.com.
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> > For additional commands, e-mail: users-help@tapestry.apache.org
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> > For additional commands, e-mail: users-help@tapestry.apache.org
> >
> >
> >
>
> --
> View this message in context:
>
http://old.nabble.com/Asset-protection-and-upgrade-notes-tp28732735p28751736
.html
> Sent from the Tapestry - User mailing list archive at Nabble.com.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
>
>
--
Dmitry Gusev
AnjLab Team
http://anjlab.com
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
RE: Asset protection and upgrade notes
Posted by Jim O'Callaghan <jc...@yahoo.co.uk>.
Thanks for the input Dmitry. I don't think this is related to the problem
Ville is talking about (contributeClasspathAssetAliasManager manually
depending on T5 version), but from my perspective, it doesn't fix the
problem of what is an alternative to the RegexAuthorizer. The
ComponentClassResolver auto adds a ClasspathAssetAlias when a LibraryMapping
is added to the configuration, and a second contribute causes a collision on
the map key (hence Ville's query). It would be great if the devs making the
change could chip in with some advice, or perhaps the path to take isn't
finalised yet.
Regards,
Jim.
-----Original Message-----
From: Dmitry Gusev [mailto:dmitry.gusev@gmail.com]
Sent: 02 June 2010 11:37
To: Tapestry users
Subject: Re: Asset protection and upgrade notes
I had to replace my RegexAutorizer contribution with contribution to
ClasspathAssetAliasManager to make my app working with latest
T5.2.0-SNAPSHOT:
was:
public void contributeRegexAuthorizer(Configuration<String> regex)
> {
> String pathPattern =
> "([^/.]+/)*[^/.]+\\.((css)|(js)|(jpg)|(jpeg)|(png)|(gif))$";
> regex.add("^anjlab/cubics/css/" + pathPattern);
> regex.add("^anjlab/cubics/images/" + pathPattern);
> regex.add("^anjlab/cubics/js/" + pathPattern);
> regex.add("^anjlab/cubics/js/jquery-1.3.2.js");
> }
>
become:
public static void
> contributeClasspathAssetAliasManager(MappedConfiguration<String, String>
> configuration)
> {
> configuration.add("cubics", "anjlab/cubics");
> }
>
May be this will help.
On Wed, Jun 2, 2010 at 12:51, Ville Virtanen
<vi...@cerion.fi>wrote:
>
> Exactly,
>
> the message was only to point out that changes like these make library
> writer's life hard in the long run. So I was only questioning the
rationale
> behind the change in no-slashes-in-virtual-folders and how it auto
> contributes the associated contribution to ClasspathAssetAliasManager.
>
> In my opinion that auto contribution should be removed.
>
> The missing RegexAuthorizer is quite a wall to climb for me. Perhaps I
need
> to contribute my own implementation of AssetPathAuthorizer? Anyone?
>
> - Ville
>
>
> jc1001 wrote:
> >
> > It would appear that even with this code to check the version number,
> > without a T5.2.0 equivalent for the RegexAuthorizer service to allow
some
> > variation on:
> >
> >
>
("com/orientimport/.*\\.((css)|(js)|(jpg)|(jpeg)|(png)|(gif)|(html)|(ico)|(s
> > wf)|(xml))$")
> >
> > ... to grant access to resources the t5easyfckEditor won't work. It's a
> > pity no workaround seems to be available for this, unless I am missing
> > something.
> >
> > Regards,
> > Jim.
> >
> > -----Original Message-----
> > From: Ville Virtanen [mailto:ville.virtanen@cerion.fi]
> > Sent: 31 May 2010 18:00
> > To: users@tapestry.apache.org
> > Subject: Re: Asset protection and upgrade notes
> >
> >
> > Also this choice forces us library writers to either
> >
> > a) support two separate deployment jars for different T5 versions
> > b) fork the code depending on the T5 version
> >
> > So my approach is probably this:
> > public static void
> > contributeClasspathAssetAliasManager(MappedConfiguration<String, String>
> > configuration,
> > @Inject @Symbol(FckEditorConstants.EDITOR_CONTEXT) String
> > location,
> > @Inject @Symbol(SymbolConstants.TAPESTRY_VERSION) String
> > t5Version)
> > {
> > if(!location.equalsIgnoreCase("easyfck") ||
> > getTapestryVersion(t5Version) < 5106) {
> > configuration.add(location, "com/orientimport/easyfck/js");
> > }
> > }
> >
> > private static int getTapestryVersion(String version) {
> > return Integer.parseInt(version.replaceAll("\\.", ""));
> > }
> >
> > Not elegant, not good code (assumes something about the future version
> > numbers..), not maintainable in long run, if these dicisions will keep
> > popping up.
> >
> > Also the automatic classpath asset addition works for this library only
> if
> > the user who uses the library hasn't decided to use custom url for
> > his/hers
> > fck editor. It should not be depended on the TAG prefix?
> >
> > My 2c,
> >
> > - Ville
> >
> >
> >
> >
> > Ville Virtanen wrote:
> >>
> >> Hi,
> >>
> >> I've been tracking the documentation to understand the change in asset
> >> protection, but haven't found anything useful.
> >>
> >> I've checked the upgrade guide from svn (last update 4 days ago):
> >>
> >
>
http://svn.apache.org/viewvc/tapestry/tapestry5/trunk/src/site/apt/upgrade.a
> > pt?revision=948226&view=markup
> >>
> >> But really it only mentions the no-slashes-in-virtual-folders
> >> restriction.
> >> Where is the asset protection part or am I looking from wrong sources?
> >>
> >> Also, what is the rationale behind removing library specific versions?
> >> Even if the 3rd party library doesn't change any resources browsers are
> >> forced to download all assets again when updating the main program.
> >> Technical challenges I presume?
> >>
> >> Anyhow, the info on asset protection is very important for me, or at
> >> least
> >> just plain cold "We're working on it and have no eta.". (Then I know to
> >> stop reading through sources.)
> >>
> >> - Ville
> >>
> >
> > --
> > View this message in context:
> >
>
http://old.nabble.com/Asset-protection-and-upgrade-notes-tp28732735p28733093
> > .html
> > Sent from the Tapestry - User mailing list archive at Nabble.com.
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> > For additional commands, e-mail: users-help@tapestry.apache.org
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> > For additional commands, e-mail: users-help@tapestry.apache.org
> >
> >
> >
>
> --
> View this message in context:
>
http://old.nabble.com/Asset-protection-and-upgrade-notes-tp28732735p28751736
.html
> Sent from the Tapestry - User mailing list archive at Nabble.com.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
>
>
--
Dmitry Gusev
AnjLab Team
http://anjlab.com
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org
Re: Asset protection and upgrade notes
Posted by Dmitry Gusev <dm...@gmail.com>.
I had to replace my RegexAutorizer contribution with contribution to
ClasspathAssetAliasManager to make my app working with latest
T5.2.0-SNAPSHOT:
was:
public void contributeRegexAuthorizer(Configuration<String> regex)
> {
> String pathPattern =
> "([^/.]+/)*[^/.]+\\.((css)|(js)|(jpg)|(jpeg)|(png)|(gif))$";
> regex.add("^anjlab/cubics/css/" + pathPattern);
> regex.add("^anjlab/cubics/images/" + pathPattern);
> regex.add("^anjlab/cubics/js/" + pathPattern);
> regex.add("^anjlab/cubics/js/jquery-1.3.2.js");
> }
>
become:
public static void
> contributeClasspathAssetAliasManager(MappedConfiguration<String, String>
> configuration)
> {
> configuration.add("cubics", "anjlab/cubics");
> }
>
May be this will help.
On Wed, Jun 2, 2010 at 12:51, Ville Virtanen <vi...@cerion.fi>wrote:
>
> Exactly,
>
> the message was only to point out that changes like these make library
> writer's life hard in the long run. So I was only questioning the rationale
> behind the change in no-slashes-in-virtual-folders and how it auto
> contributes the associated contribution to ClasspathAssetAliasManager.
>
> In my opinion that auto contribution should be removed.
>
> The missing RegexAuthorizer is quite a wall to climb for me. Perhaps I need
> to contribute my own implementation of AssetPathAuthorizer? Anyone?
>
> - Ville
>
>
> jc1001 wrote:
> >
> > It would appear that even with this code to check the version number,
> > without a T5.2.0 equivalent for the RegexAuthorizer service to allow some
> > variation on:
> >
> >
> ("com/orientimport/.*\\.((css)|(js)|(jpg)|(jpeg)|(png)|(gif)|(html)|(ico)|(s
> > wf)|(xml))$")
> >
> > ... to grant access to resources the t5easyfckEditor won't work. It's a
> > pity no workaround seems to be available for this, unless I am missing
> > something.
> >
> > Regards,
> > Jim.
> >
> > -----Original Message-----
> > From: Ville Virtanen [mailto:ville.virtanen@cerion.fi]
> > Sent: 31 May 2010 18:00
> > To: users@tapestry.apache.org
> > Subject: Re: Asset protection and upgrade notes
> >
> >
> > Also this choice forces us library writers to either
> >
> > a) support two separate deployment jars for different T5 versions
> > b) fork the code depending on the T5 version
> >
> > So my approach is probably this:
> > public static void
> > contributeClasspathAssetAliasManager(MappedConfiguration<String, String>
> > configuration,
> > @Inject @Symbol(FckEditorConstants.EDITOR_CONTEXT) String
> > location,
> > @Inject @Symbol(SymbolConstants.TAPESTRY_VERSION) String
> > t5Version)
> > {
> > if(!location.equalsIgnoreCase("easyfck") ||
> > getTapestryVersion(t5Version) < 5106) {
> > configuration.add(location, "com/orientimport/easyfck/js");
> > }
> > }
> >
> > private static int getTapestryVersion(String version) {
> > return Integer.parseInt(version.replaceAll("\\.", ""));
> > }
> >
> > Not elegant, not good code (assumes something about the future version
> > numbers..), not maintainable in long run, if these dicisions will keep
> > popping up.
> >
> > Also the automatic classpath asset addition works for this library only
> if
> > the user who uses the library hasn't decided to use custom url for
> > his/hers
> > fck editor. It should not be depended on the TAG prefix?
> >
> > My 2c,
> >
> > - Ville
> >
> >
> >
> >
> > Ville Virtanen wrote:
> >>
> >> Hi,
> >>
> >> I've been tracking the documentation to understand the change in asset
> >> protection, but haven't found anything useful.
> >>
> >> I've checked the upgrade guide from svn (last update 4 days ago):
> >>
> >
> http://svn.apache.org/viewvc/tapestry/tapestry5/trunk/src/site/apt/upgrade.a
> > pt?revision=948226&view=markup
> >>
> >> But really it only mentions the no-slashes-in-virtual-folders
> >> restriction.
> >> Where is the asset protection part or am I looking from wrong sources?
> >>
> >> Also, what is the rationale behind removing library specific versions?
> >> Even if the 3rd party library doesn't change any resources browsers are
> >> forced to download all assets again when updating the main program.
> >> Technical challenges I presume?
> >>
> >> Anyhow, the info on asset protection is very important for me, or at
> >> least
> >> just plain cold "We're working on it and have no eta.". (Then I know to
> >> stop reading through sources.)
> >>
> >> - Ville
> >>
> >
> > --
> > View this message in context:
> >
> http://old.nabble.com/Asset-protection-and-upgrade-notes-tp28732735p28733093
> > .html
> > Sent from the Tapestry - User mailing list archive at Nabble.com.
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> > For additional commands, e-mail: users-help@tapestry.apache.org
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> > For additional commands, e-mail: users-help@tapestry.apache.org
> >
> >
> >
>
> --
> View this message in context:
> http://old.nabble.com/Asset-protection-and-upgrade-notes-tp28732735p28751736.html
> Sent from the Tapestry - User mailing list archive at Nabble.com.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
>
>
--
Dmitry Gusev
AnjLab Team
http://anjlab.com
RE: Asset protection and upgrade notes
Posted by Ville Virtanen <vi...@cerion.fi>.
Exactly,
the message was only to point out that changes like these make library
writer's life hard in the long run. So I was only questioning the rationale
behind the change in no-slashes-in-virtual-folders and how it auto
contributes the associated contribution to ClasspathAssetAliasManager.
In my opinion that auto contribution should be removed.
The missing RegexAuthorizer is quite a wall to climb for me. Perhaps I need
to contribute my own implementation of AssetPathAuthorizer? Anyone?
- Ville
jc1001 wrote:
>
> It would appear that even with this code to check the version number,
> without a T5.2.0 equivalent for the RegexAuthorizer service to allow some
> variation on:
>
> ("com/orientimport/.*\\.((css)|(js)|(jpg)|(jpeg)|(png)|(gif)|(html)|(ico)|(s
> wf)|(xml))$")
>
> ... to grant access to resources the t5easyfckEditor won't work. It's a
> pity no workaround seems to be available for this, unless I am missing
> something.
>
> Regards,
> Jim.
>
> -----Original Message-----
> From: Ville Virtanen [mailto:ville.virtanen@cerion.fi]
> Sent: 31 May 2010 18:00
> To: users@tapestry.apache.org
> Subject: Re: Asset protection and upgrade notes
>
>
> Also this choice forces us library writers to either
>
> a) support two separate deployment jars for different T5 versions
> b) fork the code depending on the T5 version
>
> So my approach is probably this:
> public static void
> contributeClasspathAssetAliasManager(MappedConfiguration<String, String>
> configuration,
> @Inject @Symbol(FckEditorConstants.EDITOR_CONTEXT) String
> location,
> @Inject @Symbol(SymbolConstants.TAPESTRY_VERSION) String
> t5Version)
> {
> if(!location.equalsIgnoreCase("easyfck") ||
> getTapestryVersion(t5Version) < 5106) {
> configuration.add(location, "com/orientimport/easyfck/js");
> }
> }
>
> private static int getTapestryVersion(String version) {
> return Integer.parseInt(version.replaceAll("\\.", ""));
> }
>
> Not elegant, not good code (assumes something about the future version
> numbers..), not maintainable in long run, if these dicisions will keep
> popping up.
>
> Also the automatic classpath asset addition works for this library only if
> the user who uses the library hasn't decided to use custom url for
> his/hers
> fck editor. It should not be depended on the TAG prefix?
>
> My 2c,
>
> - Ville
>
>
>
>
> Ville Virtanen wrote:
>>
>> Hi,
>>
>> I've been tracking the documentation to understand the change in asset
>> protection, but haven't found anything useful.
>>
>> I've checked the upgrade guide from svn (last update 4 days ago):
>>
> http://svn.apache.org/viewvc/tapestry/tapestry5/trunk/src/site/apt/upgrade.a
> pt?revision=948226&view=markup
>>
>> But really it only mentions the no-slashes-in-virtual-folders
>> restriction.
>> Where is the asset protection part or am I looking from wrong sources?
>>
>> Also, what is the rationale behind removing library specific versions?
>> Even if the 3rd party library doesn't change any resources browsers are
>> forced to download all assets again when updating the main program.
>> Technical challenges I presume?
>>
>> Anyhow, the info on asset protection is very important for me, or at
>> least
>> just plain cold "We're working on it and have no eta.". (Then I know to
>> stop reading through sources.)
>>
>> - Ville
>>
>
> --
> View this message in context:
> http://old.nabble.com/Asset-protection-and-upgrade-notes-tp28732735p28733093
> .html
> Sent from the Tapestry - User mailing list archive at Nabble.com.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
> For additional commands, e-mail: users-help@tapestry.apache.org
>
>
>
--
View this message in context: http://old.nabble.com/Asset-protection-and-upgrade-notes-tp28732735p28751736.html
Sent from the Tapestry - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org