let HttpsRequestCycleProcessor allow https without forcing it
-------------------------------------------------------------
Key: WICKET-2998
URL: https://issues.apache.org/jira/browse/WICKET-2998
Project: Wicket
Issue Type: Improvement
Components: wicket
Affects Versions: 1.4.10
Reporter: Stefan Fussenegger
Priority: Minor
Currently, HttpsRequestCycleProcessor forces HTTP or HTTPS depending on
@RequireHttps. For some resources (Facebook xd_receiver.html in my special
case) it is important to allow both versions. I'd suggest a @AllowHttps
annotation that's used in the exact same way as it's existing counterpart.
Unfortunately, overwriting the current implementation isn't straightforward due
to various visibility issues and final methods. Allthough overwriting
checkSecureIncoming(IRequestTarget) and checkSecureOutgoing(IRequestTarget)
works it isn't pretty as it requires duplication of quite some code in order to
mimic the same behavior for @AllowHttps
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
