You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@ofbiz.apache.org by "Leon Torres (JIRA)" <ji...@apache.org> on 2007/05/22 23:52:16 UTC
[jira] Updated: (OFBIZ-1010) RequestHandler can crash when URI has
~ in path
[ https://issues.apache.org/jira/browse/OFBIZ-1010?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Leon Torres updated OFBIZ-1010:
-------------------------------
Attachment: requestHandlerTilda.patch
requestHandlerTilda.patch fixes the issue.
Originally, it would parse the uri "/ordermgr/~category_id=XXX/~pcategory=YYY/LookupPartyName" and decide that the result is "null/LookupPartyName". This is of course wrong.
This fix corrects the problem by checking for null.
> RequestHandler can crash when URI has ~ in path
> -----------------------------------------------
>
> Key: OFBIZ-1010
> URL: https://issues.apache.org/jira/browse/OFBIZ-1010
> Project: OFBiz (The Open for Business Project)
> Issue Type: Bug
> Components: framework
> Affects Versions: Release Branch 4.0
> Reporter: Leon Torres
> Attachments: requestHandlerTilda.patch
>
>
> If you add a lookup popup to a page that uses the catalog browse system where the URIs are like "/ordermgr/control/category/~category_id=201/~pcategory=200", and you click on the lookup image to get the popup, then the reqeuest handler will crash or do really weird things like render the whole appliccation in the popup.
> The error is: The requested resource (/ordermgr/null/LookupPartyName) is not available
> I've traced the error to the RequestHandler.getNextPageUri() method and found a fix that should introduce no complications.
> Steps to reproduce:
> 1) In ordermgr's orderHeaderInfo.ftl, add the following small form (intent is to change the order party):
> <form name="setOrderParty" action="<@o...@ofbizUrl>" method="post">
> <input type='text' class='inputBox' name='partyId' value='${partyMap.person.partyId?if_exists}'/>
> <a href="javascript:call_fieldlookup2(document.setOrderParty.partyId,'LookupPartyName');">
> <img src='/images/fieldlookup.gif' width='15' height='14' border='0' alt='Click here For Field Lookup'/>
> </a>
> </form>
> 2) Create an order and browse the categories in the left bar to bring up the category [Small Widgets] or whatever. The URI should have a ~pcategory in it.
> 3) Click on the LookupPartyName button to get the popup.
> 4) Observe that a popup with the above noted error appears.
> 5) Browse [Small Widgets] or wherever you are and click on a product . Add it to the cart.
> 6) Click on the LookupPartyName button again. This time the entire OFBiz will be rendered inside the popup!
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.