You are viewing a plain text version of this content. The canonical link for it is here.
Posted to adffaces-issues@incubator.apache.org by "Scott O'Bryan (JIRA)" <ad...@incubator.apache.org> on 2006/10/10 17:48:22 UTC
[jira] Created: (ADFFACES-231) URL Encoding
URL Encoding
------------
Key: ADFFACES-231
URL: http://issues.apache.org/jira/browse/ADFFACES-231
Project: MyFaces ADF-Faces
Issue Type: Bug
Components: Portlet
Environment: JSR-168
Reporter: Scott O'Bryan
All url's from the server need to be run through encodeResourceURL or encodeActionURL before they are sent to the client. There are many places where this is not done.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Updated: (ADFFACES-231) URL Encoding
Posted by "Scott O'Bryan (JIRA)" <ad...@incubator.apache.org>.
[ http://issues.apache.org/jira/browse/ADFFACES-231?page=all ]
Scott O'Bryan updated ADFFACES-231:
-----------------------------------
Attachment: (was: patchWithNameIDEncod.patch)
> URL Encoding
> ------------
>
> Key: ADFFACES-231
> URL: http://issues.apache.org/jira/browse/ADFFACES-231
> Project: MyFaces ADF-Faces
> Issue Type: Bug
> Components: Portlet
> Environment: JSR-168
> Reporter: Scott O'Bryan
>
> All url's from the server need to be run through encodeResourceURL or encodeActionURL before they are sent to the client. There are many places where this is not done.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Commented: (ADFFACES-231) URL Encoding
Posted by "Adam Winer (JIRA)" <ad...@incubator.apache.org>.
[ http://issues.apache.org/jira/browse/ADFFACES-231?page=comments#action_12445293 ]
Adam Winer commented on ADFFACES-231:
-------------------------------------
I've taken care of all the URLs I could find in renderkit.core. Anything in renderkit.htmlBasic, or inside "ui.laf" still needs to be done.
> URL Encoding
> ------------
>
> Key: ADFFACES-231
> URL: http://issues.apache.org/jira/browse/ADFFACES-231
> Project: MyFaces ADF-Faces
> Issue Type: Bug
> Components: Portlet
> Environment: JSR-168
> Reporter: Scott O'Bryan
>
> All url's from the server need to be run through encodeResourceURL or encodeActionURL before they are sent to the client. There are many places where this is not done.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Updated: (ADFFACES-231) URL Encoding
Posted by "Christiaan ten Klooster (JIRA)" <ad...@incubator.apache.org>.
[ http://issues.apache.org/jira/browse/ADFFACES-231?page=all ]
Christiaan ten Klooster updated ADFFACES-231:
---------------------------------------------
Status: Patch Available (was: Open)
> URL Encoding
> ------------
>
> Key: ADFFACES-231
> URL: http://issues.apache.org/jira/browse/ADFFACES-231
> Project: MyFaces ADF-Faces
> Issue Type: Bug
> Components: Portlet
> Environment: JSR-168
> Reporter: Scott O'Bryan
>
> All url's from the server need to be run through encodeResourceURL or encodeActionURL before they are sent to the client. There are many places where this is not done.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Updated: (ADFFACES-231) URL Encoding
Posted by "Christiaan ten Klooster (JIRA)" <ad...@incubator.apache.org>.
[ http://issues.apache.org/jira/browse/ADFFACES-231?page=all ]
Christiaan ten Klooster updated ADFFACES-231:
---------------------------------------------
Attachment: FormRenderer-patch.txt
Patch for FormRenderer. This bug is a serious problem when cookies are disabled.
> URL Encoding
> ------------
>
> Key: ADFFACES-231
> URL: http://issues.apache.org/jira/browse/ADFFACES-231
> Project: MyFaces ADF-Faces
> Issue Type: Bug
> Components: Portlet
> Environment: JSR-168
> Reporter: Scott O'Bryan
> Attachments: FormRenderer-patch.txt
>
>
> All url's from the server need to be run through encodeResourceURL or encodeActionURL before they are sent to the client. There are many places where this is not done.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Updated: (ADFFACES-231) URL Encoding
Posted by "John Fan (JIRA)" <ad...@incubator.apache.org>.
[ http://issues.apache.org/jira/browse/ADFFACES-231?page=all ]
John Fan updated ADFFACES-231:
------------------------------
Attachment: patchWithNameIDEncod.patch
The purpose of this patch is to make sure that URLs rendered in pages are all encoded.
URLs are encoded by ultimately calling:
facesContext.getExternalContext().encodeActionURL()
facesContext.getExternalContext().encodeResourceURL()
In order for non faces major class to do encoding, the following new methods are created in BaseLafRenderer class:
protected String encodeActionURL
protected String encodeResourceURL
protected void renderEncodedActionURI
protected void renderEncodedResourceURI
For all HTML Id and name attributes rendered as URL, I am assuming they will be used as Action URLs.
> URL Encoding
> ------------
>
> Key: ADFFACES-231
> URL: http://issues.apache.org/jira/browse/ADFFACES-231
> Project: MyFaces ADF-Faces
> Issue Type: Bug
> Components: Portlet
> Environment: JSR-168
> Reporter: Scott O'Bryan
> Attachments: patchWithNameIDEncod.patch
>
>
> All url's from the server need to be run through encodeResourceURL or encodeActionURL before they are sent to the client. There are many places where this is not done.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Updated: (ADFFACES-231) URL Encoding
Posted by "Matthias Weßendorf (JIRA)" <ad...@incubator.apache.org>.
[ https://issues.apache.org/jira/browse/ADFFACES-231?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Matthias Weßendorf updated ADFFACES-231:
----------------------------------------
Fix Version/s: 1.0.0-incubating-core
Affects Version/s: 1.0.0-incubating-core
> URL Encoding
> ------------
>
> Key: ADFFACES-231
> URL: https://issues.apache.org/jira/browse/ADFFACES-231
> Project: MyFaces ADF-Faces
> Issue Type: Bug
> Components: Portlet
> Affects Versions: 1.0.0-incubating-core
> Environment: JSR-168
> Reporter: Scott O'Bryan
> Fix For: 1.0.0-incubating-core
>
> Attachments: 3-ADFFACES-231.patch, 5-ADFFACES-231.patch
>
>
> All url's from the server need to be run through encodeResourceURL or encodeActionURL before they are sent to the client. There are many places where this is not done.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (ADFFACES-231) URL Encoding
Posted by "Scott O'Bryan (JIRA)" <ad...@incubator.apache.org>.
[ http://issues.apache.org/jira/browse/ADFFACES-231?page=all ]
Scott O'Bryan updated ADFFACES-231:
-----------------------------------
Attachment: 5-ADFFACES-231.patch
This file fixes some issues with the previous encoding work. The following issues are fixed:
1. StyleSheetRenederer was encoding the stylesheet using an encodeActionURL. This has been changed to encodeResourceURL since a stylesheet is a resource.
2. The XhtmlUtls were encoding the url of the javascript file only when in a servlet environment. This has been changed to encode the url at all times, especially in a remote portal environment where this encoding will prevent all navigation.
> URL Encoding
> ------------
>
> Key: ADFFACES-231
> URL: http://issues.apache.org/jira/browse/ADFFACES-231
> Project: MyFaces ADF-Faces
> Issue Type: Bug
> Components: Portlet
> Environment: JSR-168
> Reporter: Scott O'Bryan
> Attachments: 3-ADFFACES-231.patch, 5-ADFFACES-231.patch
>
>
> All url's from the server need to be run through encodeResourceURL or encodeActionURL before they are sent to the client. There are many places where this is not done.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Commented: (ADFFACES-231) URL Encoding
Posted by "Jeanne Waldman (JIRA)" <ad...@incubator.apache.org>.
[ http://issues.apache.org/jira/browse/ADFFACES-231?page=comments#action_12456636 ]
Jeanne Waldman commented on ADFFACES-231:
-----------------------------------------
Applied patch 3 to my jwaldman-portlet branch
> URL Encoding
> ------------
>
> Key: ADFFACES-231
> URL: http://issues.apache.org/jira/browse/ADFFACES-231
> Project: MyFaces ADF-Faces
> Issue Type: Bug
> Components: Portlet
> Environment: JSR-168
> Reporter: Scott O'Bryan
> Attachments: 3-ADFFACES-231.patch, 5-ADFFACES-231.patch
>
>
> All url's from the server need to be run through encodeResourceURL or encodeActionURL before they are sent to the client. There are many places where this is not done.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Updated: (ADFFACES-231) URL Encoding
Posted by "Adam Winer (JIRA)" <ad...@incubator.apache.org>.
[ http://issues.apache.org/jira/browse/ADFFACES-231?page=all ]
Adam Winer updated ADFFACES-231:
--------------------------------
Status: Open (was: Patch Available)
> URL Encoding
> ------------
>
> Key: ADFFACES-231
> URL: http://issues.apache.org/jira/browse/ADFFACES-231
> Project: MyFaces ADF-Faces
> Issue Type: Bug
> Components: Portlet
> Environment: JSR-168
> Reporter: Scott O'Bryan
> Attachments: 3-ADFFACES-231.patch, 5-ADFFACES-231.patch
>
>
> All url's from the server need to be run through encodeResourceURL or encodeActionURL before they are sent to the client. There are many places where this is not done.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Resolved: (ADFFACES-231) URL Encoding
Posted by "Scott O'Bryan (JIRA)" <ad...@incubator.apache.org>.
[ https://issues.apache.org/jira/browse/ADFFACES-231?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Scott O'Bryan resolved ADFFACES-231.
------------------------------------
Resolution: Fixed
Fixed ADFFACES-329
> URL Encoding
> ------------
>
> Key: ADFFACES-231
> URL: https://issues.apache.org/jira/browse/ADFFACES-231
> Project: MyFaces ADF-Faces
> Issue Type: Bug
> Components: Portlet
> Environment: JSR-168
> Reporter: Scott O'Bryan
> Attachments: 3-ADFFACES-231.patch, 5-ADFFACES-231.patch
>
>
> All url's from the server need to be run through encodeResourceURL or encodeActionURL before they are sent to the client. There are many places where this is not done.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (ADFFACES-231) URL Encoding
Posted by "Jeanne Waldman (JIRA)" <ad...@incubator.apache.org>.
[ http://issues.apache.org/jira/browse/ADFFACES-231?page=comments#action_12455705 ]
Jeanne Waldman commented on ADFFACES-231:
-----------------------------------------
Note: Scott says that BOTH patches need to be applied.
> URL Encoding
> ------------
>
> Key: ADFFACES-231
> URL: http://issues.apache.org/jira/browse/ADFFACES-231
> Project: MyFaces ADF-Faces
> Issue Type: Bug
> Components: Portlet
> Environment: JSR-168
> Reporter: Scott O'Bryan
> Attachments: 3-ADFFACES-231.patch, 5-ADFFACES-231.patch
>
>
> All url's from the server need to be run through encodeResourceURL or encodeActionURL before they are sent to the client. There are many places where this is not done.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Updated: (ADFFACES-231) URL Encoding
Posted by "John Fan (JIRA)" <ad...@incubator.apache.org>.
[ http://issues.apache.org/jira/browse/ADFFACES-231?page=all ]
John Fan updated ADFFACES-231:
------------------------------
Status: Patch Available (was: Open)
> URL Encoding
> ------------
>
> Key: ADFFACES-231
> URL: http://issues.apache.org/jira/browse/ADFFACES-231
> Project: MyFaces ADF-Faces
> Issue Type: Bug
> Components: Portlet
> Environment: JSR-168
> Reporter: Scott O'Bryan
>
> All url's from the server need to be run through encodeResourceURL or encodeActionURL before they are sent to the client. There are many places where this is not done.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] Updated: (ADFFACES-231) URL Encoding
Posted by "Scott O'Bryan (JIRA)" <ad...@incubator.apache.org>.
[ http://issues.apache.org/jira/browse/ADFFACES-231?page=all ]
Scott O'Bryan updated ADFFACES-231:
-----------------------------------
Attachment: 3-ADFFACES-231.patch
Based on some comments with Adam, this patch does not encode a select number of URL's. It also eliminated a problem with svn in trying to patch one of the golden files.
> URL Encoding
> ------------
>
> Key: ADFFACES-231
> URL: http://issues.apache.org/jira/browse/ADFFACES-231
> Project: MyFaces ADF-Faces
> Issue Type: Bug
> Components: Portlet
> Environment: JSR-168
> Reporter: Scott O'Bryan
> Attachments: 3-ADFFACES-231.patch
>
>
> All url's from the server need to be run through encodeResourceURL or encodeActionURL before they are sent to the client. There are many places where this is not done.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira