You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ofbiz.apache.org by "Jacques Le Roux (JIRA)" <ji...@apache.org> on 2009/04/05 15:39:12 UTC
[jira] Commented: (OFBIZ-2272) Secure URLs exceptions
[ https://issues.apache.org/jira/browse/OFBIZ-2272?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12695855#action_12695855 ]
Jacques Le Roux commented on OFBIZ-2272:
----------------------------------------
Here is the David's comment about the/CMSScreens.xml case
{quote}
From: "David E Jones" <da...@hotwaxmedia.com>
This is kind of a bad pattern since it puts presentation-specific code in the data preparation, ie the CMSContentFindQueryString
variable is a presentation-specific parameter string that is prepared in a the data preparation code. While not a terrible thing
to do, it does reduce reusability and complicates things like this.
The best solution is probably to find the code that maintains the "CMSContentFindQueryString" field, and then put the necessary
parameters in this link. It may be that the field is use to keep context for a chain of pages, which is a bit of a mess and while
I've seen that sort of thing done in different places it's a bit error- prone and there may be better approaches.
I guess in other words, find out of the parameters are necessary and include what you can and then the rest... well we can either
tear it apart and rewrite the stuff, or we might get lucky and whoever wrote will hop in... ;)
-David
{quote}
The [thread is here|http://markmail.org/message/qaz5peog4ci45qmn]
> Secure URLs exceptions
> ----------------------
>
> Key: OFBIZ-2272
> URL: https://issues.apache.org/jira/browse/OFBIZ-2272
> Project: OFBiz
> Issue Type: Improvement
> Components: ALL COMPONENTS
> Affects Versions: Release Branch 9.3, SVN trunk
> Reporter: Jacques Le Roux
> Fix For: Release Branch 9.3, SVN trunk
>
> Attachments: URLs secure exceptions.patch
>
>
> Here are theexceptions I crossed during the recent secure URLs action. I put it here for convenience but I attached also the patch. Beware this patch is only for demontration (to show problems, not solutions) and should *not* be applied of course.
> {code}
> Index: applications/content/widget/cms/CMSScreens.xml
> ===================================================================
> --- applications/content/widget/cms/CMSScreens.xml (revision 761874)
> +++ applications/content/widget/cms/CMSScreens.xml (working copy)
> @@ -171,7 +171,9 @@
> <container style="screenlet-body">
> <section>
> <widgets>
> - <link text="${uiLabelMap.ContentGoToFind}" target="CMSContentFind?VIEW_INDEX=${CMSContentFindViewIndex}&${CMSContentFindQueryString}" style="tabletext"/>
> + <link text="${uiLabelMap.ContentGoToFind}" target="CMSContentFind" style="tabletext">
> + <parameter param-name="VIEW_INDEX" value="${CMSContentFindViewIndex}&${CMSContentFindQueryString}"/>
> + </link>
> <include-form name="EditAddContentStuff" location="component://content/webapp/content/cms/CMSForms.xml" />
> <content content-id="${contentId}" enable-edit-name="notfound" edit-request="EditAddSubContent?MASTER_contentId=${MASTER_contentId}&MASTER_caContentIdTo=${MASTER_caContentIdTo}&MASTER_caContentAssocTypeId=${MASTER_caContentAssocTypeId}&MASTER_caFromDate=${MASTER_caFromDate}&MASTER_drDataResourceId=${MASTER_drDataResourceId}&caContentIdTo=${caContentIdTo}"/>
> </widgets>
> @@ -217,7 +219,9 @@
> <container style="screenlet-body">
> <section>
> <widgets>
> - <link text="${uiLabelMap.ContentGoToFind}" target="CMSContentFind?VIEW_INDEX=${CMSContentFindViewIndex}&${CMSContentFindQueryString}" style="tabletext"/>
> + <link text="${uiLabelMap.ContentGoToFind}" target="CMSContentFind" style="tabletext">
> + <parameter param-name="VIEW_INDEX" value="${CMSContentFindViewIndex}&${CMSContentFindQueryString}"/>
> + </link>
> <include-form name="EditAddSubContentStuff" location="component://content/webapp/content/cms/CMSForms.xml" />
> </widgets>
> </section>
> Index: applications/product/widget/facility/FacilityScreens.xml
> ===================================================================
> --- applications/product/widget/facility/FacilityScreens.xml (revision 761874)
> +++ applications/product/widget/facility/FacilityScreens.xml (working copy)
> @@ -431,8 +431,12 @@
> <!--<link target="ViewFacilityInventoryByProductSimple" text="${uiLabelMap.CommonPrint}" style="buttontext">
> <parameter param-name="facilityId" from-field="facilityId"/>
> </link>-->
> - <link target="ViewFacilityInventoryByProductReport?${searchParameterString}" text="${uiLabelMap.CommonPrint}" style="buttontext"/>
> - <link target="ViewFacilityInventoryByProductExport?${searchParameterString}" text="${uiLabelMap.CommonExport}" style="buttontext"/>
> + <link target="ViewFacilityInventoryByProductReport" style="buttontext">
> + <parameter param-name="${searchParameterString}" text" value=""${uiLabelMap.CommonPrint}"/>
> + </link>
> + <link target="ViewFacilityInventoryByProductExport" style="buttontext">
> + <parameter param-name="${searchParameterString}" text" value=""${uiLabelMap.CommonExport}"/>
> + </link>
> <link target="InventoryItemTotals" text="${uiLabelMap.ProductInventoryItemTotals}" style="buttontext">
> <parameter param-name="facilityId" from-field="facilityId"/>
> <parameter param-name="action" value="Y"/>
> Index: applications/product/widget/facility/ReportScreens.xml
> ===================================================================
> --- applications/product/widget/facility/ReportScreens.xml (revision 761874)
> +++ applications/product/widget/facility/ReportScreens.xml (working copy)
> @@ -54,8 +54,12 @@
> <label style="h1" text="${uiLabelMap.ProductInventoryByProduct} ${uiLabelMap.CommonFor} ${facility.facilityName}"/>
> </container>
> <container>
> - <link target="ViewFacilityInventoryByProductReport?${searchParameterString}" text="${uiLabelMap.CommonPrint}" style="buttontext"/>
> - <link target="ViewFacilityInventoryByProductExport?${searchParameterString}" text="${uiLabelMap.CommonExport}" style="buttontext"/>
> + <link target="ViewFacilityInventoryByProductReport" style="buttontext">
> + <parameter param-name="${searchParameterString}" text" value=""${uiLabelMap.CommonPrint}"/>
> + </link>
> + <link target="ViewFacilityInventoryByProductExport" style="buttontext">
> + <parameter param-name="${searchParameterString}" text" value=""${uiLabelMap.CommonExport}"/>
> + </link>
> </container>
> <container style="screenlet">
> <container style="screenlet-title-bar">
> Index: specialpurpose/assetmaint/widget/FacilityScreens.xml
> ===================================================================
> --- specialpurpose/assetmaint/widget/FacilityScreens.xml (revision 761874)
> +++ specialpurpose/assetmaint/widget/FacilityScreens.xml (working copy)
> @@ -59,8 +59,12 @@
> <!--<link target="ViewFacilityInventoryByProductSimple" text="${uiLabelMap.CommonPrint}" style="buttontext">
> <parameter param-name="facilityId" from-field="facilityId"/>
> </link>-->
> - <link target="ViewFacilityInventoryByProductReport?${searchParameterString}" text="${uiLabelMap.CommonPrint}" style="buttontext"/>
> - <link target="ViewFacilityInventoryByProductExport?${searchParameterString}" text="${uiLabelMap.CommonExport}" style="buttontext"/>
> + <link target="ViewFacilityInventoryByProductReport" style="buttontext">
> + <parameter param-name="${searchParameterString}" text" value=""${uiLabelMap.CommonPrint}"/>
> + </link>
> + <link target="ViewFacilityInventoryByProductExport" style="buttontext">
> + <parameter param-name="${searchParameterString}" text" value=""${uiLabelMap.CommonExport}"/>
> + </link>
> </container>
>
> <include-form name="FindFacilityInventoryByProduct" location="component://product/webapp/facility/facility/FacilityForms.xml"/>
> Index: specialpurpose/mypage/widget/MyPageMenus.xml
> ===================================================================
> --- specialpurpose/mypage/widget/MyPageMenus.xml (revision 761874)
> +++ specialpurpose/mypage/widget/MyPageMenus.xml (working copy)
> @@ -126,7 +126,7 @@
> </menu-item>
> <menu-item name="help" title="${uiLabelMap.CommonHelp}" align-style="opposed">
> <condition><not><if-empty field="userLogin"/></not></condition>
> - <link target="http://docs.ofbiz.org/display/OFBENDUSER/My+Page?decorator=printable" url-mode="plain" target-window="new"/>
> + <link target="http://docs.ofbiz.org/display/OFBENDUSER/My+Page" url-mode="plain" target-window="new"/>
> </menu-item>
> <menu-item name="preferences" title="${uiLabelMap.CommonPreferences}" align-style="opposed">
> <condition>
> {code}
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.