struts git commit: WW-4526 Checks if passed in scheme param is valid

Mon, 19 Oct 2015 23:17:21 -0700 

Repository: struts
Updated Branches:
  refs/heads/support-2-3 d15424ee5 -> 3e2d5da12


WW-4526 Checks if passed in scheme param is valid


Project: http://git-wip-us.apache.org/repos/asf/struts/repo
Commit: http://git-wip-us.apache.org/repos/asf/struts/commit/3e2d5da1
Tree: http://git-wip-us.apache.org/repos/asf/struts/tree/3e2d5da1
Diff: http://git-wip-us.apache.org/repos/asf/struts/diff/3e2d5da1

Branch: refs/heads/support-2-3
Commit: 3e2d5da12c3bc426df346554d9d53cf9b6f09c1a
Parents: d15424e
Author: Lukasz Lenart <lukasz.len...@gmail.com>
Authored: Tue Oct 20 08:16:41 2015 +0200
Committer: Lukasz Lenart <lukasz.len...@gmail.com>
Committed: Tue Oct 20 08:16:41 2015 +0200

----------------------------------------------------------------------
 .../org/apache/struts2/views/util/DefaultUrlHelper.java  | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/struts/blob/3e2d5da1/core/src/main/java/org/apache/struts2/views/util/DefaultUrlHelper.java
----------------------------------------------------------------------
diff --git 
a/core/src/main/java/org/apache/struts2/views/util/DefaultUrlHelper.java 
b/core/src/main/java/org/apache/struts2/views/util/DefaultUrlHelper.java
index 460c138..4d20ee2 100644
--- a/core/src/main/java/org/apache/struts2/views/util/DefaultUrlHelper.java
+++ b/core/src/main/java/org/apache/struts2/views/util/DefaultUrlHelper.java
@@ -85,12 +85,17 @@ public class DefaultUrlHelper implements UrlHelper {
        return buildUrl(action, request, response, params, scheme, 
includeContext, encodeResult, forceAddSchemeHostAndPort, true);
     }
 
-    public String buildUrl(String action, HttpServletRequest request, 
HttpServletResponse response, Map<String, Object> params, String scheme,
+    public String buildUrl(String action, HttpServletRequest request, 
HttpServletResponse response, Map<String, Object> params, String urlScheme,
                            boolean includeContext, boolean encodeResult, 
boolean forceAddSchemeHostAndPort, boolean escapeAmp) {
 
         StringBuilder link = new StringBuilder();
         boolean changedScheme = false;
 
+        String scheme = null;
+        if (isValidScheme(urlScheme)) {
+            scheme = urlScheme;
+        }
+
         // only append scheme if it is different to the current scheme *OR*
         // if we explicity want it to be appended by having 
forceAddSchemeHostAndPort = true
         if (forceAddSchemeHostAndPort) {
@@ -241,6 +246,10 @@ public class DefaultUrlHelper implements UrlHelper {
         }
     }
 
+    protected boolean isValidScheme(String scheme) {
+        return HTTP_PROTOCOL.equals(scheme) || HTTPS_PROTOCOL.equals(scheme);
+    }
+
     private String buildParameterSubstring(String name, String value) {
         StringBuilder builder = new StringBuilder();
         builder.append(encode(name));

Reply via email to