[ICE-1723] Auto-add single quotes to the connectionLostRedirectURI to avoid js errors - ICEsoft JIRA Issue Tracker

Details

Type: Improvement
Status: Closed
Priority: Minor
Resolution: Fixed
Affects Version/s: 1.6DR#5
Fix Version/s: 1.7.1
Component/s: Framework
Labels:
None
Environment:
any

Support Case References:
https://www.icesoft.ca:4443/supportilla/show_bug.cgi?id=4833

Description

If you specify the connectionLostRedirectURI in your web.xml and forget to single quote the URL, the resulting js configuration string will be corrupted. We should check for this when loading the parameter.

Activity

Ascending order - Click to sort in descending order

Hide

Permalink

Philip Breau added a comment - 29/Jun/07 8:11 PM

suggested fix:

Index: C:/Users/Philip/workspace/ICEfaces Head/icefaces/core/src/com/icesoft/faces/context/DOMResponseWriter.java
===================================================================
— C:/Users/Philip/workspace/ICEfaces Head/icefaces/core/src/com/icesoft/faces/context/DOMResponseWriter.java (revision 14269)
+++ C:/Users/Philip/workspace/ICEfaces Head/icefaces/core/src/com/icesoft/faces/context/DOMResponseWriter.java (working copy)
@@ -354,10 +354,15 @@
ElementController.from(session).addInto(body);

String sessionIDScript = "window.session='" + context.getIceFacesId() + "'; ";
+ String connectionLostRedirectURI = configuration.getAttributeAsSingleQuotedRelativeURL("connectionLostRedirectURI", "null");
+ if( connectionLostRedirectURI == null )

{ + log.warn( configuration.getAttribute("connectionLostRedirectURI","") + " is not a valid URL for 'connectionLostRedirectURI'"); + connectionLostRedirectURI = "null"; + }

String configurationScript =
"window.configuration = {" +
"synchronous: " + configuration.getAttribute("synchronousUpdate", "false") + "," +

"redirectURI: " + configuration.getAttribute("connectionLostRedirectURI", "null") + "," +
+ "redirectURI: " + connectionLostRedirectURI + "," +
"connection: {" +
"context: '" + context.getApplication().getViewHandler().getResourceURL(context, "/") + "'," +
"timeout: " + configuration.getAttributeAsLong("connectionTimeout", 30000) + "," +

Index: C:/Users/Philip/workspace/ICEfaces Head/icefaces/core/src/com/icesoft/faces/webapp/http/common/Configuration.java
===================================================================
— C:/Users/Philip/workspace/ICEfaces Head/icefaces/core/src/com/icesoft/faces/webapp/http/common/Configuration.java (revision 14269)
+++ C:/Users/Philip/workspace/ICEfaces Head/icefaces/core/src/com/icesoft/faces/webapp/http/common/Configuration.java (working copy)
@@ -1,5 +1,10 @@
package com.icesoft.faces.webapp.http.common;

+import java.util.regex.Pattern;
+
+import javax.faces.context.FacesContext;
+
+
public abstract class Configuration

{ public abstract String getName(); @@ -147,4 +152,43 @@ return defaultValue; }

}
+
+ public String getAttributeAsSingleQuotedRelativeURL(String name, String defaultValue){
+ String result = defaultValue;
+ try{
+ result = getAttributeAsRelativeURL(name,defaultValue);
+ if( result != null && !result.equals(defaultValue))

{ + + //modify url to ensure it starts with '/ and ends with ' + if( result.startsWith("'")) + result = result.substring(1); + if( result.startsWith("/")) + result = result.substring(1); + result = "'/" + result; + if( !result.endsWith("'")) + result += "'"; + }

+ }
+ catch( ConfigurationException e)

{ + result = null; + }

+
+ return result;
+ }
+
+ public String getAttributeAsRelativeURL(String name, String defaultValue)
+ throws ConfigurationException{
+ String result = getAttribute(name);
+ if( result != null ){
+ result = result.trim();
+ if( ! Pattern.matches("^/\\S./+$", result) )

{ + throw new ConfigurationException( result + " is not a valid URL for " + name); + }

+
+ return result;
+ }
+ return defaultValue;
+ }
+
+
}

Show

Philip Breau added a comment - 29/Jun/07 8:11 PM suggested fix: Index: C:/Users/Philip/workspace/ICEfaces Head/icefaces/core/src/com/icesoft/faces/context/DOMResponseWriter.java =================================================================== — C:/Users/Philip/workspace/ICEfaces Head/icefaces/core/src/com/icesoft/faces/context/DOMResponseWriter.java (revision 14269) +++ C:/Users/Philip/workspace/ICEfaces Head/icefaces/core/src/com/icesoft/faces/context/DOMResponseWriter.java (working copy) @@ -354,10 +354,15 @@ ElementController.from(session).addInto(body); String sessionIDScript = "window.session='" + context.getIceFacesId() + "'; "; + String connectionLostRedirectURI = configuration.getAttributeAsSingleQuotedRelativeURL("connectionLostRedirectURI", "null"); + if( connectionLostRedirectURI == null ) { + log.warn( configuration.getAttribute("connectionLostRedirectURI","") + " is not a valid URL for 'connectionLostRedirectURI'"); + connectionLostRedirectURI = "null"; + } String configurationScript = "window.configuration = {" + "synchronous: " + configuration.getAttribute("synchronousUpdate", "false") + "," + "redirectURI: " + configuration.getAttribute("connectionLostRedirectURI", "null") + "," + + "redirectURI: " + connectionLostRedirectURI + "," + "connection: {" + "context: '" + context.getApplication().getViewHandler().getResourceURL(context, "/") + "'," + "timeout: " + configuration.getAttributeAsLong("connectionTimeout", 30000) + "," + Index: C:/Users/Philip/workspace/ICEfaces Head/icefaces/core/src/com/icesoft/faces/webapp/http/common/Configuration.java =================================================================== — C:/Users/Philip/workspace/ICEfaces Head/icefaces/core/src/com/icesoft/faces/webapp/http/common/Configuration.java (revision 14269) +++ C:/Users/Philip/workspace/ICEfaces Head/icefaces/core/src/com/icesoft/faces/webapp/http/common/Configuration.java (working copy) @@ -1,5 +1,10 @@ package com.icesoft.faces.webapp.http.common; +import java.util.regex.Pattern; + +import javax.faces.context.FacesContext; + + public abstract class Configuration { public abstract String getName(); @@ -147,4 +152,43 @@ return defaultValue; } } + + public String getAttributeAsSingleQuotedRelativeURL(String name, String defaultValue){ + String result = defaultValue; + try{ + result = getAttributeAsRelativeURL(name,defaultValue); + if( result != null && !result.equals(defaultValue)) { + + //modify url to ensure it starts with '/ and ends with ' + if( result.startsWith("'")) + result = result.substring(1); + if( result.startsWith("/")) + result = result.substring(1); + result = "'/" + result; + if( !result.endsWith("'")) + result += "'"; + } + } + catch( ConfigurationException e) { + result = null; + } + + return result; + } + + public String getAttributeAsRelativeURL(String name, String defaultValue) + throws ConfigurationException{ + String result = getAttribute(name); + if( result != null ){ + result = result.trim(); + if( ! Pattern.matches("^/ \\S./ +$", result) ) { + throw new ConfigurationException( result + " is not a valid URL for " + name); + } + + return result; + } + return defaultValue; + } + + }

Hide

Permalink

Mircea Toma added a comment - 14/May/08 4:58 PM

Add single quotes. Remove single quotes set by user.

Show

Mircea Toma added a comment - 14/May/08 4:58 PM Add single quotes. Remove single quotes set by user.

Auto-add single quotes to the connectionLostRedirectURI to avoid js errors

Details

Description

Activity

People

Dates