You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@myfaces.apache.org by lo...@apache.org on 2022/11/18 08:30:08 UTC
[myfaces-tobago] branch tobago-5.x updated: Tobago 5.x fix code scanning (#3429)
This is an automated email from the ASF dual-hosted git repository.
lofwyr pushed a commit to branch tobago-5.x
in repository https://gitbox.apache.org/repos/asf/myfaces-tobago.git
The following commit(s) were added to refs/heads/tobago-5.x by this push:
new 3bb0c0adcb Tobago 5.x fix code scanning (#3429)
3bb0c0adcb is described below
commit 3bb0c0adcbc981b87dd0f1b51074a2f867980150
Author: Udo Schnurpfeil <gi...@schnurpfeil.de>
AuthorDate: Fri Nov 18 09:30:03 2022 +0100
Tobago 5.x fix code scanning (#3429)
* next release version 4.6
* demo(textarea): use model
* refactor(security): fix github code scanning issue
* fix: Polynomial regular expression used on uncontrolled data
* refactor(security): fix github code scanning issue
* fix: Polynomial regular expression used on uncontrolled data
* refactor(security): fix github code scanning issue
* fix: Polynomial regular expression used on uncontrolled data
---
.../tobago/internal/component/AbstractUIPage.java | 47 ++++++++++++++++---
.../internal/component/AbstractUIPageUnitTest.java | 53 ++++++++++++++++++++++
.../internal/config/AbstractTobagoTestBase.java | 9 ++--
3 files changed, 99 insertions(+), 10 deletions(-)
diff --git a/tobago-core/src/main/java/org/apache/myfaces/tobago/internal/component/AbstractUIPage.java b/tobago-core/src/main/java/org/apache/myfaces/tobago/internal/component/AbstractUIPage.java
index e063f94cb5..3f0bd381c0 100644
--- a/tobago-core/src/main/java/org/apache/myfaces/tobago/internal/component/AbstractUIPage.java
+++ b/tobago-core/src/main/java/org/apache/myfaces/tobago/internal/component/AbstractUIPage.java
@@ -96,21 +96,20 @@ public abstract class AbstractUIPage extends AbstractUIFormBase implements Clien
LOG.warn("No sourceId found!");
}
- // TODO: Remove this if block if proven this never happens anymore
- // TODO: This workaround is stil needed for Mojarra
- // TODO: Otherwise actions in tree/sheet will not be detected
- if (command == null
- && sourceId != null && sourceId.matches(".*:\\d+:.*")) {
+ if (command == null && sourceId != null) {
// If currentActionId component was inside a sheet the id contains the
// rowIndex and is therefore not found here.
// We do not need the row here because we want just to find the
// related form, so removing the rowIndex will help here.
- sourceId = sourceId.replaceAll(":\\d+:", ":");
+ sourceId = cutIteratorFromId(sourceId);
try {
command = viewRoot.findComponent(sourceId);
- //LOG.info("command = \"" + command + "\"", new Exception());
} catch (final Exception e) {
// ignore
+ if (LOG.isTraceEnabled()) {
+ LOG.trace("sourceId='{}'", sourceId);
+ LOG.trace("Exception in findComponent", e);
+ }
}
}
@@ -140,6 +139,40 @@ public abstract class AbstractUIPage extends AbstractUIFormBase implements Clien
}
}
+ // TODO: Remove this method if proven this never happens anymore
+ // TODO: This workaround is stil needed for Mojarra
+ // TODO: Otherwise actions in tree/sheet will not be detected
+ protected String cutIteratorFromId(final String sourceId) {
+
+ final char[] chars = sourceId.toCharArray();
+ final int n = chars.length;
+ final char colon = getFacesContext().getNamingContainerSeparatorChar();
+ final StringBuilder builder = new StringBuilder(n);
+ char lastInBuilder = ' '; // any non-colon
+ for (char c : chars) {
+ if (c == colon) { // colon
+ if (lastInBuilder != colon) {
+ builder.append(c);
+ lastInBuilder = c;
+ }
+ } else if ('0' <= c && c <= '9') { // number
+
+ } else { // any other
+ builder.append(c);
+ lastInBuilder = c;
+ }
+ }
+
+ if (builder.length() == n) {
+ return sourceId;
+ } else if (lastInBuilder == colon) {
+ builder.deleteCharAt(builder.length() - 1);
+ return builder.toString();
+ } else {
+ return builder.toString();
+ }
+ }
+
public abstract String getLabel();
public abstract String getFocusId();
diff --git a/tobago-core/src/test/java/org/apache/myfaces/tobago/internal/component/AbstractUIPageUnitTest.java b/tobago-core/src/test/java/org/apache/myfaces/tobago/internal/component/AbstractUIPageUnitTest.java
new file mode 100644
index 0000000000..5adc5af62e
--- /dev/null
+++ b/tobago-core/src/test/java/org/apache/myfaces/tobago/internal/component/AbstractUIPageUnitTest.java
@@ -0,0 +1,53 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.myfaces.tobago.internal.component;
+
+import org.apache.myfaces.tobago.component.RendererTypes;
+import org.apache.myfaces.tobago.component.Tags;
+import org.apache.myfaces.tobago.internal.config.AbstractTobagoTestBase;
+import org.apache.myfaces.tobago.util.ComponentUtils;
+import org.junit.jupiter.api.Assertions;
+import org.junit.jupiter.api.Test;
+
+public class AbstractUIPageUnitTest extends AbstractTobagoTestBase {
+
+ @Test
+ public void testCutIteratorFromId() {
+
+ final AbstractUIPage page = (AbstractUIPage) ComponentUtils.createComponent(
+ facesContext, Tags.page.componentType(), RendererTypes.Page, null);
+
+ Assertions.assertEquals("abc", page.cutIteratorFromId("abc"));
+
+ Assertions.assertEquals("a:b:c", page.cutIteratorFromId("a:b:c"));
+
+ Assertions.assertEquals("a:c", page.cutIteratorFromId("a:5:c"));
+
+ Assertions.assertEquals("a:c", page.cutIteratorFromId("a:55555555555555:c"));
+
+ Assertions.assertEquals("a:c", page.cutIteratorFromId("a:555:555:555:55555:c"));
+
+ Assertions.assertEquals("", page.cutIteratorFromId(""));
+
+ Assertions.assertEquals("", page.cutIteratorFromId("5"));
+
+ Assertions.assertEquals("sheet", page.cutIteratorFromId("sheet:5"));
+ }
+}
diff --git a/tobago-core/src/test/java/org/apache/myfaces/tobago/internal/config/AbstractTobagoTestBase.java b/tobago-core/src/test/java/org/apache/myfaces/tobago/internal/config/AbstractTobagoTestBase.java
index b0bb727473..020ca4276c 100644
--- a/tobago-core/src/test/java/org/apache/myfaces/tobago/internal/config/AbstractTobagoTestBase.java
+++ b/tobago-core/src/test/java/org/apache/myfaces/tobago/internal/config/AbstractTobagoTestBase.java
@@ -38,6 +38,7 @@ import org.apache.myfaces.tobago.component.UIIn;
import org.apache.myfaces.tobago.component.UILink;
import org.apache.myfaces.tobago.component.UILinks;
import org.apache.myfaces.tobago.component.UIOut;
+import org.apache.myfaces.tobago.component.UIPage;
import org.apache.myfaces.tobago.component.UIPanel;
import org.apache.myfaces.tobago.component.UIPopup;
import org.apache.myfaces.tobago.component.UIRange;
@@ -63,6 +64,7 @@ import org.apache.myfaces.tobago.component.UITreeIndent;
import org.apache.myfaces.tobago.component.UITreeNode;
import org.apache.myfaces.tobago.component.UITreeSelect;
import org.apache.myfaces.tobago.config.TobagoConfig;
+import static org.apache.myfaces.tobago.config.TobagoConfig.TOBAGO_CONFIG;
import org.apache.myfaces.tobago.context.TobagoContext;
import org.apache.myfaces.tobago.internal.behavior.EventBehavior;
import org.apache.myfaces.tobago.internal.renderkit.renderer.BadgeRenderer;
@@ -78,6 +80,7 @@ import org.apache.myfaces.tobago.internal.renderkit.renderer.InRenderer;
import org.apache.myfaces.tobago.internal.renderkit.renderer.LinkRenderer;
import org.apache.myfaces.tobago.internal.renderkit.renderer.LinksRenderer;
import org.apache.myfaces.tobago.internal.renderkit.renderer.OutRenderer;
+import org.apache.myfaces.tobago.internal.renderkit.renderer.PageRenderer;
import org.apache.myfaces.tobago.internal.renderkit.renderer.PanelRenderer;
import org.apache.myfaces.tobago.internal.renderkit.renderer.PopupRenderer;
import org.apache.myfaces.tobago.internal.renderkit.renderer.RangeRenderer;
@@ -103,6 +106,7 @@ import org.apache.myfaces.tobago.internal.renderkit.renderer.TreeNodeRenderer;
import org.apache.myfaces.tobago.internal.renderkit.renderer.TreeRenderer;
import org.apache.myfaces.tobago.internal.renderkit.renderer.TreeSelectRenderer;
import org.apache.myfaces.tobago.internal.webapp.HtmlResponseWriter;
+import static org.apache.myfaces.tobago.util.ResourceUtils.TOBAGO_RESOURCE_BUNDLE;
import org.junit.jupiter.api.AfterEach;
import org.junit.jupiter.api.BeforeEach;
@@ -116,9 +120,6 @@ import java.nio.charset.StandardCharsets;
import java.util.Date;
import java.util.Locale;
-import static org.apache.myfaces.tobago.config.TobagoConfig.TOBAGO_CONFIG;
-import static org.apache.myfaces.tobago.util.ResourceUtils.TOBAGO_RESOURCE_BUNDLE;
-
/**
* <p>Abstract JUnit test case base class, which sets up the JavaServer Faces
* mock object environment for a particular simulated request.
@@ -170,6 +171,7 @@ public abstract class AbstractTobagoTestBase extends AbstractJsfTestCase {
application.addComponent(Tags.link.componentType(), UILink.class.getName());
application.addComponent(Tags.links.componentType(), UILinks.class.getName());
application.addComponent(Tags.out.componentType(), UIOut.class.getName());
+ application.addComponent(Tags.page.componentType(), UIPage.class.getName());
application.addComponent(Tags.panel.componentType(), UIPanel.class.getName());
application.addComponent(Tags.popup.componentType(), UIPopup.class.getName());
application.addComponent(Tags.range.componentType(), UIRange.class.getName());
@@ -216,6 +218,7 @@ public abstract class AbstractTobagoTestBase extends AbstractJsfTestCase {
renderKit.addRenderer(UILink.COMPONENT_FAMILY, RendererTypes.LINK, new LinkRenderer<UILink>());
renderKit.addRenderer(UILinks.COMPONENT_FAMILY, RendererTypes.LINKS, new LinksRenderer<UILinks>());
renderKit.addRenderer(UIOut.COMPONENT_FAMILY, RendererTypes.OUT, new OutRenderer<UIOut>());
+ renderKit.addRenderer(UIPage.COMPONENT_FAMILY, RendererTypes.PAGE, new PageRenderer<UIPage>());
renderKit.addRenderer(UIPanel.COMPONENT_FAMILY, RendererTypes.PANEL, new PanelRenderer<UIPanel>());
renderKit.addRenderer(UIPopup.COMPONENT_FAMILY, RendererTypes.POPUP, new PopupRenderer<UIPopup>());
renderKit.addRenderer(UIRange.COMPONENT_FAMILY, RendererTypes.RANGE, new RangeRenderer<UIRange>());