You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@wicket.apache.org by sv...@apache.org on 2013/03/12 15:16:47 UTC
git commit: WICKET-5094 enforce mount for mounted pages only
Updated Branches:
refs/heads/master 3bf98ca71 -> 74e776763
WICKET-5094 enforce mount for mounted pages only
Project: http://git-wip-us.apache.org/repos/asf/wicket/repo
Commit: http://git-wip-us.apache.org/repos/asf/wicket/commit/74e77676
Tree: http://git-wip-us.apache.org/repos/asf/wicket/tree/74e77676
Diff: http://git-wip-us.apache.org/repos/asf/wicket/diff/74e77676
Branch: refs/heads/master
Commit: 74e7767635b5f1f20c61c07be34c4141e1da2571
Parents: 3bf98ca
Author: svenmeier <sv...@apache.org>
Authored: Tue Mar 12 15:16:16 2013 +0100
Committer: svenmeier <sv...@apache.org>
Committed: Tue Mar 12 15:16:16 2013 +0100
----------------------------------------------------------------------
.../core/request/mapper/BookmarkableMapper.java | 39 ++++++++++-----
.../wicket/settings/ISecuritySettingsTest.java | 8 +++
2 files changed, 34 insertions(+), 13 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/wicket/blob/74e77676/wicket-core/src/main/java/org/apache/wicket/core/request/mapper/BookmarkableMapper.java
----------------------------------------------------------------------
diff --git a/wicket-core/src/main/java/org/apache/wicket/core/request/mapper/BookmarkableMapper.java b/wicket-core/src/main/java/org/apache/wicket/core/request/mapper/BookmarkableMapper.java
index f8c7ffe..b1418bf 100644
--- a/wicket-core/src/main/java/org/apache/wicket/core/request/mapper/BookmarkableMapper.java
+++ b/wicket-core/src/main/java/org/apache/wicket/core/request/mapper/BookmarkableMapper.java
@@ -17,6 +17,8 @@
package org.apache.wicket.core.request.mapper;
import org.apache.wicket.Application;
+import org.apache.wicket.core.request.handler.PageProvider;
+import org.apache.wicket.core.request.handler.RenderPageRequestHandler;
import org.apache.wicket.request.Request;
import org.apache.wicket.request.Url;
import org.apache.wicket.request.component.IRequestablePage;
@@ -28,21 +30,21 @@ import org.apache.wicket.util.lang.Args;
/**
* Decodes and encodes the following URLs:
- *
+ *
* <pre>
* Page Class - Render (BookmarkablePageRequestHandler)
* /wicket/bookmarkable/org.apache.wicket.MyPage
* (will redirect to hybrid alternative if page is not stateless)
- *
+ *
* Page Instance - Render Hybrid (RenderPageRequestHandler for pages that were created using bookmarkable URLs)
* /wicket/bookmarkable/org.apache.wicket.MyPage?2
- *
+ *
* Page Instance - Bookmarkable Listener (BookmarkableListenerInterfaceRequestHandler)
* /wicket/bookmarkable/org.apache.wicket.MyPage?2-click-foo-bar-baz
* /wicket/bookmarkable/org.apache.wicket.MyPage?2-click.1-foo-bar-baz (1 is behavior index)
* (these will redirect to hybrid if page is not stateless)
* </pre>
- *
+ *
* @author Matej Knopp
*/
public class BookmarkableMapper extends AbstractBookmarkableMapper
@@ -51,7 +53,7 @@ public class BookmarkableMapper extends AbstractBookmarkableMapper
/**
* Construct.
- *
+ *
* @param pageParametersEncoder
*/
public BookmarkableMapper(IPageParametersEncoder pageParametersEncoder)
@@ -91,14 +93,6 @@ public class BookmarkableMapper extends AbstractBookmarkableMapper
@Override
protected UrlInfo parseRequest(Request request)
{
- if (Application.exists())
- {
- if (Application.get().getSecuritySettings().getEnforceMounts())
- {
- return null;
- }
- }
-
Url url = request.getUrl();
if (matches(url))
{
@@ -111,6 +105,25 @@ public class BookmarkableMapper extends AbstractBookmarkableMapper
if (pageClass != null && IRequestablePage.class.isAssignableFrom(pageClass))
{
+ if (Application.exists())
+ {
+ Application application = Application.get();
+
+ if (application.getSecuritySettings().getEnforceMounts())
+ {
+ // we make an excepion if the homepage itself was mounted, see WICKET-1898
+ if (!pageClass.equals(application.getHomePage()))
+ {
+ // WICKET-5094 only enforce mount if page is mounted
+ Url reverseUrl = application.getRootRequestMapper().mapHandler(
+ new RenderPageRequestHandler(new PageProvider(pageClass)));
+ if (!matches(reverseUrl))
+ {
+ return null;
+ }
+ }
+ }
+ }
// extract the PageParameters from URL if there are any
PageParameters pageParameters = extractPageParameters(request, 3,
http://git-wip-us.apache.org/repos/asf/wicket/blob/74e77676/wicket-core/src/test/java/org/apache/wicket/settings/ISecuritySettingsTest.java
----------------------------------------------------------------------
diff --git a/wicket-core/src/test/java/org/apache/wicket/settings/ISecuritySettingsTest.java b/wicket-core/src/test/java/org/apache/wicket/settings/ISecuritySettingsTest.java
index ddcde75..7822531 100644
--- a/wicket-core/src/test/java/org/apache/wicket/settings/ISecuritySettingsTest.java
+++ b/wicket-core/src/test/java/org/apache/wicket/settings/ISecuritySettingsTest.java
@@ -58,6 +58,14 @@ public class ISecuritySettingsTest extends WicketTestCase
tester.assertRenderedPage(UnknownPage.class);
tester.getApplication().getSecuritySettings().setEnforceMounts(true);
+
+ tester.startPage(pageWithLink);
+ tester.assertRenderedPage(MockPageWithLink.class);
+ tester.clickLink(MockPageWithLink.LINK_ID);
+ tester.assertRenderedPage(UnknownPage.class);
+
+ tester.getApplication().mountPackage("unknown", UnknownPage.class);
+
tester.startPage(pageWithLink);
tester.assertRenderedPage(MockPageWithLink.class);
tester.clickLink(MockPageWithLink.LINK_ID);