Author: jleroux Date: Wed Feb 3 21:09:28 2016 New Revision: 1728375 URL: http://svn.apache.org/viewvc?rev=1728375&view=rev Log: Removes all sessionsIds put in URLs - https://issues.apache.org/jira/browse/OFBIZ-6872
We should always use sessionIds in cookies and newer have sessionsIds in URLs. So I will remove all sessionsIds in URLs. There are 2 cases: * the part related to spiders in RequestHandler * HtmlFormRenderer.appendExternalLoginKey() (there is also an appendExternalLoginKey method in MacroFormRenderer class but it's not used OOTB) I also removed some old commented out code in RequestHandler class There are also many cases where we show the sessionId in logs (using UtilHttp.getSessionId()) I wonder if we should not keep those commented out or change the debug info level. Also HttpSessionEvent.getSession().getId() is directly used in some places for the same purpose (log) Modified: ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/RequestHandler.java ofbiz/trunk/framework/widget/src/org/ofbiz/widget/renderer/html/HtmlFormRenderer.java ofbiz/trunk/framework/widget/src/org/ofbiz/widget/renderer/macro/MacroFormRenderer.java Modified: ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/RequestHandler.java URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/RequestHandler.java?rev=1728375&r1=1728374&r2=1728375&view=diff ============================================================================== --- ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/RequestHandler.java (original) +++ ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/RequestHandler.java Wed Feb 3 21:09:28 2016 @@ -582,10 +582,6 @@ public class RequestHandler { } callRedirect(makeLink(request, response, redirectTarget), response, request, statusCodeString); - - // the old/uglier way: doRequest(request, response, previousRequest, userLogin, delegator); - - // this is needed as the request handled will be taking care of the view, etc return; } } 
@@ -1230,42 +1226,10 @@ public class RequestHandler { String encodedUrl; if (encode) { - boolean isSpider = false; - - // if the current request comes from a spider, we will not add the jsessionid to the link - if (UtilHttp.checkURLforSpiders(request)) { - isSpider = true; - } - - if (response != null && !isSpider) { - encodedUrl = response.encodeURL(newURL.toString()); - } else { - if (!isSpider) { - String sessionId = ";jsessionid=" + request.getSession().getId(); - // this should be inserted just after the "?" for the parameters, if there is one, or at the end of the string - int questionIndex = newURL.indexOf("?"); - if (questionIndex == -1) { - newURL.append(sessionId); - } else { - newURL.insert(questionIndex, sessionId); - } - } - if (response != null) { - encodedUrl = response.encodeURL(newURL.toString()); - } else { - encodedUrl = newURL.toString(); - } - } + encodedUrl = response.encodeURL(newURL.toString()); } else { encodedUrl = newURL.toString(); } - //if (encodedUrl.indexOf("null") > 0) { - //Debug.logError("in makeLink, controlPath:" + controlPath + " url:" + url, ""); - //throw new RuntimeException("in makeLink, controlPath:" + controlPath + " url:" + url); - //} - - //Debug.logInfo("Making URL, encode=" + encode + " for URL: " + newURL + "\n encodedUrl: " + encodedUrl, module); - return encodedUrl; } Modified: ofbiz/trunk/framework/widget/src/org/ofbiz/widget/renderer/html/HtmlFormRenderer.java URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/widget/src/org/ofbiz/widget/renderer/html/HtmlFormRenderer.java?rev=1728375&r1=1728374&r2=1728375&view=diff ============================================================================== --- ofbiz/trunk/framework/widget/src/org/ofbiz/widget/renderer/html/HtmlFormRenderer.java (original) +++ ofbiz/trunk/framework/widget/src/org/ofbiz/widget/renderer/html/HtmlFormRenderer.java Wed Feb 3 21:09:28 2016 
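Review bot: The added `response.encodeURL(newURL.toString())` can still put the session id into the link, so this line alone does not deliver what the log message promises. A servlet container's URL rewriting appends `;jsessionid=` when it cannot tell that the client accepts cookies, and the removed spider check was what kept crawlers off that path. Unless the webapps restrict session tracking to cookies (for example `<tracking-mode>COOKIE</tracking-mode>` under `<session-config>` in web.xml, which this commit does not show), ids may still end up in links, Referer headers and search indexes. The new line also drops the `response != null` guard the old branches had, so a caller passing a null response with `encode` set would now throw a NullPointerException; `encodedUrl = (response != null) ? response.encodeURL(newURL.toString()) : newURL.toString();` keeps the previous tolerance. The enclosing method starts outside this hunk.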
@@ -2121,7 +2121,6 @@ public class HtmlFormRenderer extends Ht writer.append(modelFormField.getParameterName(context)); writer.append(",'"); } - writer.append(appendExternalLoginKey(lookupField.getFormName(context))); writer.append("'"); List<String> targetParameterList = lookupField.getTargetParameterList(); for (String targetParameter: targetParameterList) { @@ -2155,18 +2154,6 @@ public class HtmlFormRenderer extends Ht //appendWhitespace(writer); } - protected String appendExternalLoginKey(String target) { - String result = target; - String sessionId = ";jsessionid=" + request.getSession().getId(); - int questionIndex = target.indexOf("?"); - if (questionIndex == -1) { - result += sessionId; - } else { - result = result.replace("?", sessionId + "?"); - } - return result; - } - private int getActualPageSize(Map<String, Object> context) { Integer value = (Integer) context.get("actualPageSize"); return value != null ? value.intValue() : (getHighIndex(context) - getLowIndex(context)); Modified: ofbiz/trunk/framework/widget/src/org/ofbiz/widget/renderer/macro/MacroFormRenderer.java URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/widget/src/org/ofbiz/widget/renderer/macro/MacroFormRenderer.java?rev=1728375&r1=1728374&r2=1728375&view=diff ============================================================================== --- ofbiz/trunk/framework/widget/src/org/ofbiz/widget/renderer/macro/MacroFormRenderer.java (original) +++ ofbiz/trunk/framework/widget/src/org/ofbiz/widget/renderer/macro/MacroFormRenderer.java Wed Feb 3 21:09:28 2016 
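Review bot: In the first HtmlFormRenderer hunk (@@ -2121), the deleted statement was also the only visible place where `lookupField.getFormName(context)` was written before the closing quote, so removing the whole call appears to drop the lookup target along with the session id. If nothing outside the hunk emits the form name, the generated argument becomes an empty string; the replacement without the session id would be `writer.append(lookupField.getFormName(context));` in the same position. The enclosing render method starts and ends outside the hunk, so this should be checked against the full method and the rendered lookup field.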
@@ -2263,18 +2263,6 @@ public final class MacroFormRenderer imp this.appendTooltip(writer, context, modelFormField); } - protected String appendExternalLoginKey(String target) { - String result = target; - String sessionId = ";jsessionid=" + request.getSession().getId(); - int questionIndex = target.indexOf("?"); - if (questionIndex == -1) { - result += sessionId; - } else { - result = result.replace("?", sessionId + "?"); - } - return result; - } - public void renderNextPrev(Appendable writer, Map<String, Object> context, ModelForm modelForm) throws IOException { boolean ajaxEnabled = false; List<ModelForm.UpdateArea> updateAreas = modelForm.getOnPaginateUpdateAreas();