You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@wicket.apache.org by iv...@apache.org on 2010/04/02 22:10:47 UTC

svn commit: r930368 - in /wicket/branches/wicket-1.4.x/wicket/src/main/java/org/apache/wicket/protocol/https: HttpsRequestCycleProcessor.java SwitchProtocolRequestTarget.java

Author: ivaynberg
Date: Fri Apr  2 20:10:47 2010
New Revision: 930368

URL: http://svn.apache.org/viewvc?rev=930368&view=rev
Log:
WICKET-2799 @RequireHttps not switching to https when setting response page to non-bookmarkable page
Issue: WICKET-2799

Modified:
    wicket/branches/wicket-1.4.x/wicket/src/main/java/org/apache/wicket/protocol/https/HttpsRequestCycleProcessor.java
    wicket/branches/wicket-1.4.x/wicket/src/main/java/org/apache/wicket/protocol/https/SwitchProtocolRequestTarget.java

Modified: wicket/branches/wicket-1.4.x/wicket/src/main/java/org/apache/wicket/protocol/https/HttpsRequestCycleProcessor.java
URL: http://svn.apache.org/viewvc/wicket/branches/wicket-1.4.x/wicket/src/main/java/org/apache/wicket/protocol/https/HttpsRequestCycleProcessor.java?rev=930368&r1=930367&r2=930368&view=diff
==============================================================================
--- wicket/branches/wicket-1.4.x/wicket/src/main/java/org/apache/wicket/protocol/https/HttpsRequestCycleProcessor.java (original)
+++ wicket/branches/wicket-1.4.x/wicket/src/main/java/org/apache/wicket/protocol/https/HttpsRequestCycleProcessor.java Fri Apr  2 20:10:47 2010
@@ -131,36 +131,80 @@ public class HttpsRequestCycleProcessor 
 		}
 	}
 
+	/** @deprecated use checkSecureIncoming */
+	@Deprecated
 	protected IRequestTarget checkSecure(IRequestTarget target)
 	{
+		return checkSecureIncoming(target);
+	}
+
+	protected IRequestTarget checkSecureIncoming(IRequestTarget target)
+	{
+
+		if (target != null && target instanceof SwitchProtocolRequestTarget)
+		{
+			return target;
+		}
 		if (portConfig == null)
 		{
 			return target;
 		}
-		else
+
+		Class<?> pageClass = getPageClass(target);
+		if (pageClass != null)
 		{
-			Class<?> pageClass = getPageClass(target);
-			if (pageClass != null)
+			IRequestTarget redirect = null;
+			if (hasSecureAnnotation(pageClass))
 			{
-				IRequestTarget redirect = null;
-				if (hasSecureAnnotation(pageClass))
-				{
-					redirect = SwitchProtocolRequestTarget.requireProtocol(Protocol.HTTPS);
-				}
-				else
-				{
-					redirect = SwitchProtocolRequestTarget.requireProtocol(Protocol.HTTP);
-				}
-				if (redirect != null)
-				{
-					return redirect;
-				}
-
+				redirect = SwitchProtocolRequestTarget.requireProtocol(Protocol.HTTPS);
+			}
+			else
+			{
+				redirect = SwitchProtocolRequestTarget.requireProtocol(Protocol.HTTP);
 			}
+			if (redirect != null)
+			{
+				return redirect;
+			}
+
+		}
+		return target;
+	}
+
+	protected IRequestTarget checkSecureOutgoing(IRequestTarget target)
+	{
+
+		if (target != null && target instanceof SwitchProtocolRequestTarget)
+		{
+			return target;
+		}
+		if (portConfig == null)
+		{
 			return target;
 		}
+
+		Class<?> pageClass = getPageClass(target);
+		if (pageClass != null)
+		{
+			IRequestTarget redirect = null;
+			if (hasSecureAnnotation(pageClass))
+			{
+				redirect = SwitchProtocolRequestTarget.requireProtocol(Protocol.HTTPS, target);
+			}
+			else
+			{
+				redirect = SwitchProtocolRequestTarget.requireProtocol(Protocol.HTTP, target);
+			}
+			if (redirect != null)
+			{
+				return redirect;
+			}
+
+		}
+		return target;
 	}
 
+
 	/** {@inheritDoc} */
 	@Override
 	public IRequestTarget resolve(RequestCycle rc, RequestParameters rp)
@@ -172,4 +216,23 @@ public class HttpsRequestCycleProcessor 
 		IRequestTarget target = super.resolve(rc, rp);
 		return checkSecure(target);
 	}
+
+	/** {@inheritDoc} */
+	@Override
+	public void respond(RequestCycle requestCycle)
+	{
+		IRequestTarget requestTarget = requestCycle.getRequestTarget();
+		if (requestTarget != null)
+		{
+			IRequestTarget secured = checkSecureOutgoing(requestTarget);
+			if (secured != requestTarget)
+			{
+				requestCycle.setRequestTarget(secured);
+				// respond will be called again because we called setrequesttarget(), so we do not
+				// process it this time
+				return;
+			}
+		}
+		super.respond(requestCycle);
+	}
 }

Modified: wicket/branches/wicket-1.4.x/wicket/src/main/java/org/apache/wicket/protocol/https/SwitchProtocolRequestTarget.java
URL: http://svn.apache.org/viewvc/wicket/branches/wicket-1.4.x/wicket/src/main/java/org/apache/wicket/protocol/https/SwitchProtocolRequestTarget.java?rev=930368&r1=930367&r2=930368&view=diff
==============================================================================
--- wicket/branches/wicket-1.4.x/wicket/src/main/java/org/apache/wicket/protocol/https/SwitchProtocolRequestTarget.java (original)
+++ wicket/branches/wicket-1.4.x/wicket/src/main/java/org/apache/wicket/protocol/https/SwitchProtocolRequestTarget.java Fri Apr  2 20:10:47 2010
@@ -41,6 +41,7 @@ class SwitchProtocolRequestTarget implem
 	}
 
 	private final Protocol protocol;
+	private final IRequestTarget target;
 
 	/**
 	 * Constructor
@@ -50,6 +51,19 @@ class SwitchProtocolRequestTarget implem
 	 */
 	public SwitchProtocolRequestTarget(Protocol protocol)
 	{
+		this(protocol, null);
+	}
+
+	/**
+	 * Constructor
+	 * 
+	 * @param protocol
+	 *            required protocol
+	 * @param target
+	 *            target to redirect to, or {@code null} to replay the current url
+	 */
+	public SwitchProtocolRequestTarget(Protocol protocol, IRequestTarget target)
+	{
 		if (protocol == null)
 		{
 			throw new IllegalArgumentException("Argument 'protocol' may not be null.");
@@ -60,6 +74,7 @@ class SwitchProtocolRequestTarget implem
 				Protocol.PRESERVE_CURRENT.toString() + "'.");
 		}
 		this.protocol = protocol;
+		this.target = target;
 	}
 
 	/** {@inheritDoc} */
@@ -120,7 +135,15 @@ class SwitchProtocolRequestTarget implem
 			}
 		}
 
-		String url = getUrl(protocol.toString().toLowerCase(), port, request);
+		final String url;
+		if (target == null)
+		{
+			url = getUrl(protocol.toString().toLowerCase(), port, request);
+		}
+		else
+		{
+			url = requestCycle.urlFor(target).toString();
+		}
 
 		WebResponse response = (WebResponse)requestCycle.getResponse();
 
@@ -144,6 +167,21 @@ class SwitchProtocolRequestTarget implem
 	 */
 	public static IRequestTarget requireProtocol(Protocol protocol)
 	{
+		return requireProtocol(protocol, null);
+	}
+
+	/**
+	 * Returns a target that can be used to redirect to the specified protocol. If no change is
+	 * required null will be returned.
+	 * 
+	 * @param protocol
+	 *            required protocol
+	 * @param target
+	 *            request target to redirect to or {@code null} to redirect to current url
+	 * @return request target or null
+	 */
+	public static IRequestTarget requireProtocol(Protocol protocol, IRequestTarget target)
+	{
 		RequestCycle requestCycle = RequestCycle.get();
 		WebRequest webRequest = (WebRequest)requestCycle.getRequest();
 		HttpServletRequest request = webRequest.getHttpServletRequest();
@@ -154,7 +192,7 @@ class SwitchProtocolRequestTarget implem
 		}
 		else
 		{
-			return new SwitchProtocolRequestTarget(protocol);
+			return new SwitchProtocolRequestTarget(protocol, target);
 		}
 	}
 }