You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@wicket.apache.org by iv...@apache.org on 2010/04/02 22:10:47 UTC
svn commit: r930368 - in
/wicket/branches/wicket-1.4.x/wicket/src/main/java/org/apache/wicket/protocol/https:
HttpsRequestCycleProcessor.java SwitchProtocolRequestTarget.java
Author: ivaynberg
Date: Fri Apr 2 20:10:47 2010
New Revision: 930368
URL: http://svn.apache.org/viewvc?rev=930368&view=rev
Log:
WICKET-2799 @RequireHttps not switching to https when setting response page to non-bookmarkable page
Issue: WICKET-2799
Modified:
wicket/branches/wicket-1.4.x/wicket/src/main/java/org/apache/wicket/protocol/https/HttpsRequestCycleProcessor.java
wicket/branches/wicket-1.4.x/wicket/src/main/java/org/apache/wicket/protocol/https/SwitchProtocolRequestTarget.java
Modified: wicket/branches/wicket-1.4.x/wicket/src/main/java/org/apache/wicket/protocol/https/HttpsRequestCycleProcessor.java
URL: http://svn.apache.org/viewvc/wicket/branches/wicket-1.4.x/wicket/src/main/java/org/apache/wicket/protocol/https/HttpsRequestCycleProcessor.java?rev=930368&r1=930367&r2=930368&view=diff
==============================================================================
--- wicket/branches/wicket-1.4.x/wicket/src/main/java/org/apache/wicket/protocol/https/HttpsRequestCycleProcessor.java (original)
+++ wicket/branches/wicket-1.4.x/wicket/src/main/java/org/apache/wicket/protocol/https/HttpsRequestCycleProcessor.java Fri Apr 2 20:10:47 2010
@@ -131,36 +131,80 @@ public class HttpsRequestCycleProcessor
}
}
+ /** @deprecated use checkSecureIncoming */
+ @Deprecated
protected IRequestTarget checkSecure(IRequestTarget target)
{
+ return checkSecureIncoming(target);
+ }
+
+ protected IRequestTarget checkSecureIncoming(IRequestTarget target)
+ {
+
+ if (target != null && target instanceof SwitchProtocolRequestTarget)
+ {
+ return target;
+ }
if (portConfig == null)
{
return target;
}
- else
+
+ Class<?> pageClass = getPageClass(target);
+ if (pageClass != null)
{
- Class<?> pageClass = getPageClass(target);
- if (pageClass != null)
+ IRequestTarget redirect = null;
+ if (hasSecureAnnotation(pageClass))
{
- IRequestTarget redirect = null;
- if (hasSecureAnnotation(pageClass))
- {
- redirect = SwitchProtocolRequestTarget.requireProtocol(Protocol.HTTPS);
- }
- else
- {
- redirect = SwitchProtocolRequestTarget.requireProtocol(Protocol.HTTP);
- }
- if (redirect != null)
- {
- return redirect;
- }
-
+ redirect = SwitchProtocolRequestTarget.requireProtocol(Protocol.HTTPS);
+ }
+ else
+ {
+ redirect = SwitchProtocolRequestTarget.requireProtocol(Protocol.HTTP);
}
+ if (redirect != null)
+ {
+ return redirect;
+ }
+
+ }
+ return target;
+ }
+
+ protected IRequestTarget checkSecureOutgoing(IRequestTarget target)
+ {
+
+ if (target != null && target instanceof SwitchProtocolRequestTarget)
+ {
+ return target;
+ }
+ if (portConfig == null)
+ {
return target;
}
+
+ Class<?> pageClass = getPageClass(target);
+ if (pageClass != null)
+ {
+ IRequestTarget redirect = null;
+ if (hasSecureAnnotation(pageClass))
+ {
+ redirect = SwitchProtocolRequestTarget.requireProtocol(Protocol.HTTPS, target);
+ }
+ else
+ {
+ redirect = SwitchProtocolRequestTarget.requireProtocol(Protocol.HTTP, target);
+ }
+ if (redirect != null)
+ {
+ return redirect;
+ }
+
+ }
+ return target;
}
+
/** {@inheritDoc} */
@Override
public IRequestTarget resolve(RequestCycle rc, RequestParameters rp)
@@ -172,4 +216,23 @@ public class HttpsRequestCycleProcessor
IRequestTarget target = super.resolve(rc, rp);
return checkSecure(target);
}
+
+ /** {@inheritDoc} */
+ @Override
+ public void respond(RequestCycle requestCycle)
+ {
+ IRequestTarget requestTarget = requestCycle.getRequestTarget();
+ if (requestTarget != null)
+ {
+ IRequestTarget secured = checkSecureOutgoing(requestTarget);
+ if (secured != requestTarget)
+ {
+ requestCycle.setRequestTarget(secured);
+ // respond will be called again because we called setrequesttarget(), so we do not
+ // process it this time
+ return;
+ }
+ }
+ super.respond(requestCycle);
+ }
}
Modified: wicket/branches/wicket-1.4.x/wicket/src/main/java/org/apache/wicket/protocol/https/SwitchProtocolRequestTarget.java
URL: http://svn.apache.org/viewvc/wicket/branches/wicket-1.4.x/wicket/src/main/java/org/apache/wicket/protocol/https/SwitchProtocolRequestTarget.java?rev=930368&r1=930367&r2=930368&view=diff
==============================================================================
--- wicket/branches/wicket-1.4.x/wicket/src/main/java/org/apache/wicket/protocol/https/SwitchProtocolRequestTarget.java (original)
+++ wicket/branches/wicket-1.4.x/wicket/src/main/java/org/apache/wicket/protocol/https/SwitchProtocolRequestTarget.java Fri Apr 2 20:10:47 2010
@@ -41,6 +41,7 @@ class SwitchProtocolRequestTarget implem
}
private final Protocol protocol;
+ private final IRequestTarget target;
/**
* Constructor
@@ -50,6 +51,19 @@ class SwitchProtocolRequestTarget implem
*/
public SwitchProtocolRequestTarget(Protocol protocol)
{
+ this(protocol, null);
+ }
+
+ /**
+ * Constructor
+ *
+ * @param protocol
+ * required protocol
+ * @param target
+ * target to redirect to, or {@code null} to replay the current url
+ */
+ public SwitchProtocolRequestTarget(Protocol protocol, IRequestTarget target)
+ {
if (protocol == null)
{
throw new IllegalArgumentException("Argument 'protocol' may not be null.");
@@ -60,6 +74,7 @@ class SwitchProtocolRequestTarget implem
Protocol.PRESERVE_CURRENT.toString() + "'.");
}
this.protocol = protocol;
+ this.target = target;
}
/** {@inheritDoc} */
@@ -120,7 +135,15 @@ class SwitchProtocolRequestTarget implem
}
}
- String url = getUrl(protocol.toString().toLowerCase(), port, request);
+ final String url;
+ if (target == null)
+ {
+ url = getUrl(protocol.toString().toLowerCase(), port, request);
+ }
+ else
+ {
+ url = requestCycle.urlFor(target).toString();
+ }
WebResponse response = (WebResponse)requestCycle.getResponse();
@@ -144,6 +167,21 @@ class SwitchProtocolRequestTarget implem
*/
public static IRequestTarget requireProtocol(Protocol protocol)
{
+ return requireProtocol(protocol, null);
+ }
+
+ /**
+ * Returns a target that can be used to redirect to the specified protocol. If no change is
+ * required null will be returned.
+ *
+ * @param protocol
+ * required protocol
+ * @param target
+ * request target to redirect to or {@code null} to redirect to current url
+ * @return request target or null
+ */
+ public static IRequestTarget requireProtocol(Protocol protocol, IRequestTarget target)
+ {
RequestCycle requestCycle = RequestCycle.get();
WebRequest webRequest = (WebRequest)requestCycle.getRequest();
HttpServletRequest request = webRequest.getHttpServletRequest();
@@ -154,7 +192,7 @@ class SwitchProtocolRequestTarget implem
}
else
{
- return new SwitchProtocolRequestTarget(protocol);
+ return new SwitchProtocolRequestTarget(protocol, target);
}
}
}