[
https://issues.apache.org/jira/browse/WICKET-1728?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Peter Ertl updated WICKET-1728:
-------------------------------
Description:
LocalizedImageResource contains an unnecessary check that is not needed anymore:
When you try this:
JAVA
add(new Image("icon"));
HTML
<img wicket:id="icon" src="../../images/icon.gif"/>
You will fail with
WicketRuntimeException: "The 'src' attribute must not contain any of the
following strings: '..', './', '/.': ........
After some investigation I found that
org.apache.wicket.markup.html.image.resource.LocalizedImageResource
contains the following check:
private void loadStaticImage(final String path)
{
if ((path.indexOf("..") != -1) || (path.indexOf("./") != -1) ||
(path.indexOf("/.") != -1))
{
throw new WicketRuntimeException(
"The 'src' attribute must not contain any of
the following strings: '..', './', '/.': path=" +
path);
}
// SNIP
final Class scope = parent.getClass();
resourceReference = new ResourceReference(scope, path)
{
// SNIP
};
// SNIP
}
As some wicket devs will probably remember wicket couldn't handle
parent-relative (..) links in the past. However, since WICKET-1428 was applied
successfully this now works in 1.3 and 1.4. I removed the check and could
successfully test the above example.
The image link will looks like this:
resources/testapp.pages.TestPage/$up$/$up$/images/icon.gif
See https://issues.apache.org/jira/browse/WICKET-1428 for details.
So please remove that obsolete check (patches are included).
was:
When you try this:
JAVA
add(new Image("icon"));
HTML
<img wicket:id="icon" src="../../images/icon.gif"/>
You will fail with
WicketRuntimeException: "The 'src' attribute must not contain any of the
following strings: '..', './', '/.': ........
After some investigation I found that
org.apache.wicket.markup.html.image.resource.LocalizedImageResource
contains the following check:
private void loadStaticImage(final String path)
{
if ((path.indexOf("..") != -1) || (path.indexOf("./") != -1) ||
(path.indexOf("/.") != -1))
{
throw new WicketRuntimeException(
"The 'src' attribute must not contain any of
the following strings: '..', './', '/.': path=" +
path);
}
// SNIP
final Class scope = parent.getClass();
resourceReference = new ResourceReference(scope, path)
{
// SNIP
};
// SNIP
}
As some wicket devs will probably remember wicket couldn't handle
parent-relative (..) links in the past. However, since WICKET-1428 was applied
successfully this now works in 1.3 and 1.4. I removed the check and could
successfully test the above example.
The image link will looks like this:
resources/testapp.pages.TestPage/$up$/$up$/images/icon.gif
See https://issues.apache.org/jira/browse/WICKET-1428 for details.
So please remove that obsolete check (patches are included).
> remove obsolete check from LocalizedImageResource
> -------------------------------------------------
>
> Key: WICKET-1728
> URL: https://issues.apache.org/jira/browse/WICKET-1728
> Project: Wicket
> Issue Type: Bug
> Components: wicket
> Reporter: Peter Ertl
> Attachments: wicket-1.3.x.patch, wicket-1.4.x.patch
>
>
> LocalizedImageResource contains an unnecessary check that is not needed
> anymore:
> When you try this:
> JAVA
> add(new Image("icon"));
> HTML
> <img wicket:id="icon" src="../../images/icon.gif"/>
> You will fail with
> WicketRuntimeException: "The 'src' attribute must not contain any of the
> following strings: '..', './', '/.': ........
> After some investigation I found that
> org.apache.wicket.markup.html.image.resource.LocalizedImageResource
> contains the following check:
> private void loadStaticImage(final String path)
> {
> if ((path.indexOf("..") != -1) || (path.indexOf("./") != -1) ||
> (path.indexOf("/.") != -1))
> {
> throw new WicketRuntimeException(
> "The 'src' attribute must not contain any of
> the following strings: '..', './', '/.': path=" +
> path);
> }
> // SNIP
> final Class scope = parent.getClass();
> resourceReference = new ResourceReference(scope, path)
> {
> // SNIP
> };
> // SNIP
> }
> As some wicket devs will probably remember wicket couldn't handle
> parent-relative (..) links in the past. However, since WICKET-1428 was
> applied successfully this now works in 1.3 and 1.4. I removed the check and
> could successfully test the above example.
> The image link will looks like this:
> resources/testapp.pages.TestPage/$up$/$up$/images/icon.gif
> See https://issues.apache.org/jira/browse/WICKET-1428 for details.
> So please remove that obsolete check (patches are included).
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
