You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@roller.apache.org by gh...@apache.org on 2014/06/16 09:35:05 UTC
svn commit: r1602813 - in /roller/trunk/app/src/main:
java/org/apache/roller/weblogger/ui/rendering/servlets/CommentServlet.java
resources/ApplicationResources.properties webapp/WEB-INF/velocity/weblog.vm
Author: ghuber
Date: Mon Jun 16 07:35:05 2014
New Revision: 1602813
URL: http://svn.apache.org/r1602813
Log:
ROL-2002
Modified:
roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/rendering/servlets/CommentServlet.java
roller/trunk/app/src/main/resources/ApplicationResources.properties
roller/trunk/app/src/main/webapp/WEB-INF/velocity/weblog.vm
Modified: roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/rendering/servlets/CommentServlet.java
URL: http://svn.apache.org/viewvc/roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/rendering/servlets/CommentServlet.java?rev=1602813&r1=1602812&r2=1602813&view=diff
==============================================================================
--- roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/rendering/servlets/CommentServlet.java (original)
+++ roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/rendering/servlets/CommentServlet.java Mon Jun 16 07:35:05 2014
@@ -21,14 +21,17 @@ package org.apache.roller.weblogger.ui.r
import java.io.IOException;
import java.sql.Timestamp;
import java.util.Iterator;
+
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
+import org.apache.commons.validator.routines.UrlValidator;
import org.apache.roller.util.RollerConstants;
import org.apache.roller.weblogger.WebloggerException;
import org.apache.roller.weblogger.config.WebloggerConfig;
@@ -276,6 +279,14 @@ public class CommentServlet extends Http
.getString("error.commentPostFailedEmailAddress");
log.debug("Email Adddress is invalid : "
+ commentRequest.getEmail());
+ // if there is an URL it must be valid
+ } else if (commentRequest.getUrl() != null) {
+ String[] customSchemes = { "http", "https" };
+ if (!new UrlValidator(customSchemes).isValid(commentRequest
+ .getUrl())) {
+ error = messageUtils.getString("error.commentPostFailedURL");
+ log.debug("URL is invalid : " + commentRequest.getUrl());
+ }
// if this is a real comment post then authenticate request
} else if (!preview && !this.authenticator.authenticate(request)) {
String[] msg = { request.getParameter("answer") };
Modified: roller/trunk/app/src/main/resources/ApplicationResources.properties
URL: http://svn.apache.org/viewvc/roller/trunk/app/src/main/resources/ApplicationResources.properties?rev=1602813&r1=1602812&r2=1602813&view=diff
==============================================================================
--- roller/trunk/app/src/main/resources/ApplicationResources.properties (original)
+++ roller/trunk/app/src/main/resources/ApplicationResources.properties Mon Jun 16 07:35:05 2014
@@ -235,6 +235,7 @@ comments.ldapAuthenticatorPassword=Pleas
error.commentAuthFailed=The response {0} is not correct. Please try again.
error.commentPostFailedEmailAddress=The e-mail address is invalid.
+error.commentPostFailedURL=The URL is invalid.
# -------------------------------------------------------- comment validators
Modified: roller/trunk/app/src/main/webapp/WEB-INF/velocity/weblog.vm
URL: http://svn.apache.org/viewvc/roller/trunk/app/src/main/webapp/WEB-INF/velocity/weblog.vm?rev=1602813&r1=1602812&r2=1602813&view=diff
==============================================================================
--- roller/trunk/app/src/main/webapp/WEB-INF/velocity/weblog.vm (original)
+++ roller/trunk/app/src/main/webapp/WEB-INF/velocity/weblog.vm Mon Jun 16 07:35:05 2014
@@ -373,7 +373,7 @@ Show comments form for weblog entry.
<span class="status">$cform.message</span>
#end
- <form method="post" action="$url.entry($entry.anchor)" focus="name" name="commentForm" onsubmit="fixURL(this); return validateComments(this)">
+ <form method="post" action="$url.entry($entry.anchor)" focus="name" name="commentForm" onsubmit="saveUserInformation(this); return validateComments(this)">
<input type="hidden" name="method" value="post" />
<ul>
@@ -449,14 +449,6 @@ Show comments form for weblog entry.
document.forms['commentForm'].rememberInfo.checked = true;
}
- function fixURL(theForm) {
- if (theForm.url.value != "" &&
- theForm.url.value.indexOf("http://") == -1) { //prepend http://
- theForm.url.value = "http://"+theForm.url.value;
- }
- saveUserInformation(theForm);
- }
-
function saveUserInformation(theForm) {
if (theForm.rememberInfo.checked) {
rememberUser(theForm);