You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@wicket.apache.org by pa...@apache.org on 2020/02/07 16:13:23 UTC
[wicket] branch csp-examples updated (ed451e0 -> 01666e9)
This is an automated email from the ASF dual-hosted git repository.
papegaaij pushed a change to branch csp-examples
in repository https://gitbox.apache.org/repos/asf/wicket.git.
from ed451e0 WICKET-6737: Moved inline styling to css files
add 6b8ca7d WICKET-6737: submit form via triggered submit event
add 3f6a5d3 WICKET-6732: Do not render URL when link is disabled or invisible
add 0a5cdf1 WICKET-6727: first code drop for configurable CSP
add 3bed1e9 WICKET-6727: refactoring of CSP API
add 3afb562 WICKET-6727: fix license headers
add d1a59a8 WICKET-6727: more refactoring of the CSP API
add 6392eda WICKET-6727: do not extend WicketTester but WicketTestCase
add 8dd6557 WICKET-6727: enable CSP in WebApplication and provide default profiles
add cfc4615 WICKET-6727: Remove old CspNonceHeaderResponse and update example
add 1e509dd WICKET-6727: ContentSecurityPolicyEnforcer must not protect non-webresponses
add 3d8c018 WICKET-6727: Updated documentation, fixed websocket, fixed examples
add a83a01b WICKET-6727: fixed CSP in several examples
add dd868da WICKET-6727: improved documentation
add 1e618f3 WICKET-6727: Improved API
add aa5e0c3 WICKET-6727: API improvements and minor changes after review
add c83d67b WICKET-6727: do not unwrap HeaderItems before rendering
add cc2da2e WICKET-6727: easy reporting and use nonce per page
add eb3de89 WICKET-6727: license header
add 8f7ee84 WICKET-6727: do not yet enable CSP by default, see WICKET-6733
add 263cc1a Merge branch 'csp-configurable'
new d0dc891 Merge branch 'master' into csp-examples
new 01666e9 WICKET-6737: update expected HTML to fix test
The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
.../java/org/apache/wicket/csp/CSPDirective.java | 194 +++++++++
.../wicket/csp/CSPDirectiveSandboxValue.java | 39 +-
.../apache/wicket/csp/CSPDirectiveSrcValue.java | 61 +++
.../apache/wicket/csp/CSPHeaderConfiguration.java | 343 +++++++++++++++
.../CSPHeaderMode.java} | 33 +-
.../CSPNonceHeaderResponseDecorator.java} | 51 +--
.../java/org/apache/wicket/csp/CSPRenderable.java | 57 +++
.../wicket/csp/ContentSecurityPolicyEnforcer.java | 227 ++++++++++
.../java/org/apache/wicket/csp/FixedCSPValue.java | 88 ++++
.../org/apache/wicket/csp/RelativeURICSPValue.java | 72 ++++
.../wicket/csp/ReportCSPViolationMapper.java | 126 ++++++
.../markup/head/filter/CspNonceHeaderResponse.java | 93 ----
.../org/apache/wicket/markup/html/form/Form.java | 19 +-
.../apache/wicket/markup/html/form/SubmitLink.java | 16 +-
.../wicket/markup/html/link/ExternalLink.java | 7 +-
.../org/apache/wicket/mock/MockWebResponse.java | 6 +
.../org/apache/wicket/page/PartialPageUpdate.java | 6 +
.../wicket/protocol/http/BufferedWebResponse.java | 6 +
.../protocol/http/HeaderBufferingWebResponse.java | 6 +
.../wicket/protocol/http/WebApplication.java | 37 ++
.../protocol/http/servlet/ServletWebResponse.java | 6 +
.../csp/CSPSettingRequestCycleListenerTest.java | 467 +++++++++++++++++++++
.../markup/head/filter/CspNoncePageExpected.html | 3 +-
.../head/filter/FilteringHeaderResponseTest.java | 31 +-
...WicketComponentTreeTestPage_ExpectedResult.html | 3 +-
.../apache/wicket/markup/html/form/FormTest.java | 4 +-
.../wicket/examples/WicketExampleApplication.java | 1 +
.../apache/wicket/examples/WicketExamplePage.html | 4 +-
.../examples/asemail/MailTemplateApplication.java | 4 +-
.../examples/authorization/RolesApplication.java | 4 +-
.../examples/breadcrumb/BreadCrumbApplication.java | 3 +-
.../apache/wicket/examples/cdi/CdiApplication.java | 4 +-
.../wicket/examples/compref/SubmitLinkPage.html | 2 +-
.../wicket/examples/compref/SubmitLinkPage.java | 15 +-
.../apache/wicket/examples/csp/CspApplication.java | 35 +-
.../CustomLoadedTemplate.html | 4 +-
.../examples/kittenCaptcha/WicketApplication.java | 4 +-
.../examples/repeater/RepeaterApplication.java | 4 +-
.../ResourceDecorationApplication.java | 3 +-
.../spring/common/web/ExampleApplication.java | 4 +-
.../wicket/examples/tree/TreeApplication.java | 3 +-
.../velocity/VelocityTemplateApplication.java | 4 +-
.../examples/websocket/JSR356Application.java | 7 +-
.../wicket/examples/wizard/WizardApplication.java | 4 +-
.../wicket/protocol/ws/api/WebSocketResponse.java | 5 +
.../apache/wicket/request/http/WebResponse.java | 9 +
46 files changed, 1887 insertions(+), 237 deletions(-)
create mode 100644 wicket-core/src/main/java/org/apache/wicket/csp/CSPDirective.java
copy wicket-request/src/main/java/org/apache/wicket/request/handler/EmptyRequestHandler.java => wicket-core/src/main/java/org/apache/wicket/csp/CSPDirectiveSandboxValue.java (57%)
create mode 100644 wicket-core/src/main/java/org/apache/wicket/csp/CSPDirectiveSrcValue.java
create mode 100644 wicket-core/src/main/java/org/apache/wicket/csp/CSPHeaderConfiguration.java
copy wicket-core/src/main/java/org/apache/wicket/{markup/head/IReferenceHeaderItem.java => csp/CSPHeaderMode.java} (66%)
copy wicket-core/src/main/java/org/apache/wicket/{markup/head/filter/SubresourceHeaderResponse.java => csp/CSPNonceHeaderResponseDecorator.java} (50%)
create mode 100644 wicket-core/src/main/java/org/apache/wicket/csp/CSPRenderable.java
create mode 100644 wicket-core/src/main/java/org/apache/wicket/csp/ContentSecurityPolicyEnforcer.java
create mode 100644 wicket-core/src/main/java/org/apache/wicket/csp/FixedCSPValue.java
create mode 100644 wicket-core/src/main/java/org/apache/wicket/csp/RelativeURICSPValue.java
create mode 100644 wicket-core/src/main/java/org/apache/wicket/csp/ReportCSPViolationMapper.java
delete mode 100644 wicket-core/src/main/java/org/apache/wicket/markup/head/filter/CspNonceHeaderResponse.java
create mode 100644 wicket-core/src/test/java/org/apache/wicket/csp/CSPSettingRequestCycleListenerTest.java
[wicket] 01/02: Merge branch 'master' into csp-examples
Posted by pa...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
papegaaij pushed a commit to branch csp-examples
in repository https://gitbox.apache.org/repos/asf/wicket.git
commit d0dc8917198e3a586cb0b9484da0cf3af12f748a
Merge: ed451e0 263cc1a
Author: Emond Papegaaij <em...@topicus.nl>
AuthorDate: Fri Feb 7 17:04:45 2020 +0100
Merge branch 'master' into csp-examples
.../java/org/apache/wicket/csp/CSPDirective.java | 194 +++++++++
.../wicket/csp/CSPDirectiveSandboxValue.java | 37 +-
.../apache/wicket/csp/CSPDirectiveSrcValue.java | 61 +++
.../apache/wicket/csp/CSPHeaderConfiguration.java | 343 +++++++++++++++
.../java/org/apache/wicket/csp/CSPHeaderMode.java | 31 +-
.../csp/CSPNonceHeaderResponseDecorator.java | 61 +++
.../java/org/apache/wicket/csp/CSPRenderable.java | 57 +++
.../wicket/csp/ContentSecurityPolicyEnforcer.java | 227 ++++++++++
.../java/org/apache/wicket/csp/FixedCSPValue.java | 88 ++++
.../org/apache/wicket/csp/RelativeURICSPValue.java | 72 ++++
.../wicket/csp/ReportCSPViolationMapper.java | 126 ++++++
.../markup/head/filter/CspNonceHeaderResponse.java | 93 ----
.../org/apache/wicket/markup/html/form/Form.java | 19 +-
.../apache/wicket/markup/html/form/SubmitLink.java | 16 +-
.../wicket/markup/html/link/ExternalLink.java | 7 +-
.../org/apache/wicket/mock/MockWebResponse.java | 6 +
.../org/apache/wicket/page/PartialPageUpdate.java | 6 +
.../wicket/protocol/http/BufferedWebResponse.java | 6 +
.../protocol/http/HeaderBufferingWebResponse.java | 6 +
.../wicket/protocol/http/WebApplication.java | 37 ++
.../protocol/http/servlet/ServletWebResponse.java | 6 +
.../csp/CSPSettingRequestCycleListenerTest.java | 467 +++++++++++++++++++++
.../markup/head/filter/CspNoncePageExpected.html | 3 +-
.../head/filter/FilteringHeaderResponseTest.java | 31 +-
.../apache/wicket/markup/html/form/FormTest.java | 4 +-
.../wicket/examples/WicketExampleApplication.java | 1 +
.../apache/wicket/examples/WicketExamplePage.html | 4 +-
.../examples/asemail/MailTemplateApplication.java | 4 +-
.../examples/authorization/RolesApplication.java | 4 +-
.../examples/breadcrumb/BreadCrumbApplication.java | 3 +-
.../apache/wicket/examples/cdi/CdiApplication.java | 4 +-
.../wicket/examples/compref/SubmitLinkPage.html | 2 +-
.../wicket/examples/compref/SubmitLinkPage.java | 15 +-
.../apache/wicket/examples/csp/CspApplication.java | 35 +-
.../CustomLoadedTemplate.html | 4 +-
.../examples/kittenCaptcha/WicketApplication.java | 4 +-
.../examples/repeater/RepeaterApplication.java | 4 +-
.../ResourceDecorationApplication.java | 3 +-
.../spring/common/web/ExampleApplication.java | 4 +-
.../wicket/examples/tree/TreeApplication.java | 3 +-
.../velocity/VelocityTemplateApplication.java | 4 +-
.../examples/websocket/JSR356Application.java | 7 +-
.../wicket/examples/wizard/WizardApplication.java | 4 +-
.../wicket/protocol/ws/api/WebSocketResponse.java | 5 +
.../apache/wicket/request/http/WebResponse.java | 9 +
45 files changed, 1924 insertions(+), 203 deletions(-)
[wicket] 02/02: WICKET-6737: update expected HTML to fix test
Posted by pa...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
papegaaij pushed a commit to branch csp-examples
in repository https://gitbox.apache.org/repos/asf/wicket.git
commit 01666e97eebf16c2a1e1e51636e50921846815cd
Author: Emond Papegaaij <em...@topicus.nl>
AuthorDate: Fri Feb 7 17:13:06 2020 +0100
WICKET-6737: update expected HTML to fix test
---
.../markup/html/debug/WicketComponentTreeTestPage_ExpectedResult.html | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/wicket-core/src/test/java/org/apache/wicket/markup/html/debug/WicketComponentTreeTestPage_ExpectedResult.html b/wicket-core/src/test/java/org/apache/wicket/markup/html/debug/WicketComponentTreeTestPage_ExpectedResult.html
index 62a6dc4..cd16924 100644
--- a/wicket-core/src/test/java/org/apache/wicket/markup/html/debug/WicketComponentTreeTestPage_ExpectedResult.html
+++ b/wicket-core/src/test/java/org/apache/wicket/markup/html/debug/WicketComponentTreeTestPage_ExpectedResult.html
@@ -13,7 +13,8 @@
limitations under the License.
-->
<html>
-<body>
+<head><link rel="stylesheet" type="text/css" href="../resource/org.apache.wicket.markup.html.debug.PageViewCSSResourceReference/pageview.css" />
+</head><body>
<span wicket:id="label1">test1</span>
<span wicket:id="label2">test22</span>
<span wicket:id="componentList"><wicket:panel>