You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@wicket.apache.org by mg...@apache.org on 2014/03/13 11:09:06 UTC
git commit: WICKET-5522 Failing HTTPS redirect to RequireHttps
annotated pages with ONE_PASS_RENDER strategy
Repository: wicket
Updated Branches:
refs/heads/wicket-6.x 98825c887 -> 625470588
WICKET-5522 Failing HTTPS redirect to RequireHttps annotated pages with ONE_PASS_RENDER strategy
Project: http://git-wip-us.apache.org/repos/asf/wicket/repo
Commit: http://git-wip-us.apache.org/repos/asf/wicket/commit/62547058
Tree: http://git-wip-us.apache.org/repos/asf/wicket/tree/62547058
Diff: http://git-wip-us.apache.org/repos/asf/wicket/diff/62547058
Branch: refs/heads/wicket-6.x
Commit: 625470588754680d6b256473e8f218c981a0808c
Parents: 98825c8
Author: Martin Tzvetanov Grigorov <mg...@apache.org>
Authored: Thu Mar 13 12:08:35 2014 +0200
Committer: Martin Tzvetanov Grigorov <mg...@apache.org>
Committed: Thu Mar 13 12:08:35 2014 +0200
----------------------------------------------------------------------
.../request/handler/render/WebPageRenderer.java | 24 ++++++++++-
.../handler/render/WebPageRendererTest.java | 43 +++++++++++++++++++-
2 files changed, 65 insertions(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/wicket/blob/62547058/wicket-core/src/main/java/org/apache/wicket/request/handler/render/WebPageRenderer.java
----------------------------------------------------------------------
diff --git a/wicket-core/src/main/java/org/apache/wicket/request/handler/render/WebPageRenderer.java b/wicket-core/src/main/java/org/apache/wicket/request/handler/render/WebPageRenderer.java
index c641b58..75bc5d7 100644
--- a/wicket-core/src/main/java/org/apache/wicket/request/handler/render/WebPageRenderer.java
+++ b/wicket-core/src/main/java/org/apache/wicket/request/handler/render/WebPageRenderer.java
@@ -33,6 +33,7 @@ import org.apache.wicket.request.component.IRequestablePage;
import org.apache.wicket.request.cycle.RequestCycle;
import org.apache.wicket.request.http.WebRequest;
import org.apache.wicket.request.http.WebResponse;
+import org.apache.wicket.util.lang.Objects;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -200,7 +201,8 @@ public class WebPageRenderer extends PageRenderer
// if there is saved response for this URL render it
bufferedResponse.writeTo((WebResponse)requestCycle.getResponse());
}
- else if (isAjax == false && (//
+ else if ((isAjax == false)
+ && (compatibleProtocols(currentUrl.getProtocol(), targetUrl.getProtocol())) && (//
getRedirectPolicy() == RedirectPolicy.NEVER_REDIRECT //
|| (isOnePassRender() && getRedirectPolicy() != RedirectPolicy.ALWAYS_REDIRECT) //
|| ((targetUrl.equals(currentUrl) && !getPageProvider().isNewPageInstance() && !getPage()
@@ -318,4 +320,24 @@ public class WebPageRenderer extends PageRenderer
}
}
}
+
+ /**
+ * Compares the protocols of two {@link Url}s
+ *
+ * @param p1
+ * the first protocol
+ * @param p2
+ * the second protocol
+ * @return {@code false} if the protocols are both non-null and not equal,
+ * {@code true} - otherwise
+ */
+ protected boolean compatibleProtocols(String p1, String p2)
+ {
+ if (p1 != null && p2 != null)
+ {
+ return Objects.equal(p1, p2);
+ }
+
+ return true;
+ }
}
http://git-wip-us.apache.org/repos/asf/wicket/blob/62547058/wicket-core/src/test/java/org/apache/wicket/request/handler/render/WebPageRendererTest.java
----------------------------------------------------------------------
diff --git a/wicket-core/src/test/java/org/apache/wicket/request/handler/render/WebPageRendererTest.java b/wicket-core/src/test/java/org/apache/wicket/request/handler/render/WebPageRendererTest.java
index 3c6ce7e..2200b14 100644
--- a/wicket-core/src/test/java/org/apache/wicket/request/handler/render/WebPageRendererTest.java
+++ b/wicket-core/src/test/java/org/apache/wicket/request/handler/render/WebPageRendererTest.java
@@ -46,7 +46,7 @@ import org.junit.Test;
/**
* Tests for the calculation whether or not to redirect or directly render a page
*/
-public class WebPageRendererTest
+public class WebPageRendererTest extends Assert
{
private RenderPageRequestHandler handler;
@@ -112,6 +112,47 @@ public class WebPageRendererTest
}
/**
+ * Tests that when {@link IRequestCycleSettings.RenderStrategy#ONE_PASS_RENDER} is configured
+ * there will be a redirect issued if the protocols of the current and target urls
+ * are different
+ *
+ * https://issues.apache.org/jira/browse/WICKET-5522
+ */
+ @Test
+ public void testOnePassRenderDifferentProtocols()
+ {
+ final AtomicBoolean responseBuffered = new AtomicBoolean(false);
+
+ PageRenderer renderer = new TestPageRenderer(handler)
+ {
+ @Override
+ protected boolean isOnePassRender()
+ {
+ return true;
+ }
+
+ @Override
+ protected void storeBufferedResponse(Url url, BufferedWebResponse response)
+ {
+ responseBuffered.set(true);
+ }
+ };
+
+ // uses HTTPS
+ when(urlRenderer.getBaseUrl()).thenReturn(Url.parse("https://host/base"));
+
+ when(requestCycle.mapUrlFor(eq(handler))).thenReturn(Url.parse("http://host/base/a"));
+
+ when(request.shouldPreserveClientUrl()).thenReturn(false);
+
+ renderer.respond(requestCycle);
+
+ verify(response, never()).write(any(byte[].class));
+ verify(response).sendRedirect(anyString());
+ assertTrue(responseBuffered.get());
+ }
+
+ /**
* Tests that even when {@link IRequestCycleSettings.RenderStrategy#ONE_PASS_RENDER} is
* configured but the {@link RedirectPolicy} says that it needs to redirect it will redirect.
*/