You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@deltaspike.apache.org by ta...@apache.org on 2015/05/06 20:14:50 UTC
deltaspike git commit: DELTASPIKE-880 Restrict initial redirect to
GET requests
Repository: deltaspike
Updated Branches:
refs/heads/master 4d6aadc54 -> 5630c49d0
DELTASPIKE-880 Restrict initial redirect to GET requests
Project: http://git-wip-us.apache.org/repos/asf/deltaspike/repo
Commit: http://git-wip-us.apache.org/repos/asf/deltaspike/commit/5630c49d
Tree: http://git-wip-us.apache.org/repos/asf/deltaspike/tree/5630c49d
Diff: http://git-wip-us.apache.org/repos/asf/deltaspike/diff/5630c49d
Branch: refs/heads/master
Commit: 5630c49d05473be309aed48eaf81406a4cac0139
Parents: 4d6aadc
Author: Thomas Andraschko <ta...@apache.org>
Authored: Wed May 6 20:14:23 2015 +0200
Committer: Thomas Andraschko <ta...@apache.org>
Committed: Wed May 6 20:14:43 2015 +0200
----------------------------------------------------------------------
.../impl/scope/window/DefaultClientWindow.java | 30 ++++++++++++++++++--
1 file changed, 27 insertions(+), 3 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/deltaspike/blob/5630c49d/deltaspike/modules/jsf/impl/src/main/java/org/apache/deltaspike/jsf/impl/scope/window/DefaultClientWindow.java
----------------------------------------------------------------------
diff --git a/deltaspike/modules/jsf/impl/src/main/java/org/apache/deltaspike/jsf/impl/scope/window/DefaultClientWindow.java b/deltaspike/modules/jsf/impl/src/main/java/org/apache/deltaspike/jsf/impl/scope/window/DefaultClientWindow.java
index 7ba8c97..c6f4932 100644
--- a/deltaspike/modules/jsf/impl/src/main/java/org/apache/deltaspike/jsf/impl/scope/window/DefaultClientWindow.java
+++ b/deltaspike/modules/jsf/impl/src/main/java/org/apache/deltaspike/jsf/impl/scope/window/DefaultClientWindow.java
@@ -38,6 +38,7 @@ import java.io.OutputStream;
import java.util.HashMap;
import java.util.Map;
import java.util.Random;
+import javax.servlet.http.HttpServletRequest;
import org.apache.deltaspike.core.util.StringUtils;
import static org.apache.deltaspike.jsf.spi.scope.window.ClientWindowConfig.ClientWindowRenderMode;
@@ -158,14 +159,16 @@ public class DefaultClientWindow implements ClientWindow
windowId = externalContext.getRequestParameterMap().get(DELTASPIKE_WINDOW_ID_URL_PARAM);
}
- if (StringUtils.isEmpty(windowId) && facesContext.isPostback())
+ boolean post = isPost(facesContext);
+
+ if (StringUtils.isEmpty(windowId) && post)
{
windowId = getPostBackWindowId(facesContext);
}
if (StringUtils.isEmpty(windowId))
{
- if (this.jsfModuleConfig.isInitialRedirectEnabled() && !facesContext.isPostback())
+ if (this.jsfModuleConfig.isInitialRedirectEnabled() && !post)
{
ClientWindowHelper.handleInitialRedirect(facesContext, generateNewWindowId());
facesContext.responseComplete();
@@ -179,7 +182,9 @@ public class DefaultClientWindow implements ClientWindow
}
else if (ClientWindowRenderMode.CLIENTWINDOW.equals(clientWindowRenderMode))
{
- if (facesContext.isPostback())
+ boolean post = isPost(facesContext);
+
+ if (post)
{
windowId = getPostBackWindowId(facesContext);
}
@@ -230,6 +235,25 @@ public class DefaultClientWindow implements ClientWindow
return "" + (new Random()).nextInt() % 10000;
}
+ private boolean isPost(FacesContext context)
+ {
+ if (context.isPostback())
+ {
+ return true;
+ }
+
+ Object request = context.getExternalContext().getRequest();
+ if (request instanceof HttpServletRequest)
+ {
+ if ("POST".equals(((HttpServletRequest) request).getMethod()))
+ {
+ return true;
+ }
+ }
+
+ return false;
+ }
+
/**
* Extract the windowId for http POST
*/