If everyone's in favor I'd say we just go for it and change them all in bulk On 30 Dec 2014 20:31, "Jacopo Cappellato" <[email protected]> wrote:
> I agree with both of you: these strings should be private and should > follow the naming convention of constants (MODULE); Adrian, I also agree it > is a good time to discuss this with the community. > There are currently 29 "module" strings that are private and 676 that are > public. > Should we bulk change them all to private or to public? It will be a > rather easy string replacement. > Bulk converting module to MODULE would be a little bit trickier but still > possible; is it something we should do now or just something to do in small > parts? > > Jacopo > > > On Dec 29, 2014, at 8:17 PM, Scott Gray <[email protected]> > wrote: > > > I'm in favor of making them private, I'm also in favor using MODULE > instead > > of module. > > > > Regards > > Scott > > On 30 Dec 2014 07:36, "Adrian Crum" <[email protected]> > > wrote: > > > >> +public class UtilCodec { > >> + private static final String module = UtilCodec.class.getName(); > >> > >> The last time I made the module field private someone complained that it > >> doesn't follow the de-facto standard of making it public. My personal > >> preference is to make it private, but there needs to be an agreement > within > >> the community. > >> > >> Adrian Crum > >> Sandglass Software > >> www.sandglass-software.com > >> > >> On 12/29/2014 6:24 PM, [email protected] wrote: > >> > >>> Author: jacopoc > >>> Date: Mon Dec 29 18:24:57 2014 > >>> New Revision: 1648403 > >>> > >>> URL: http://svn.apache.org/r1648403 > >>> Log: > >>> Moved code dependent on OWASP ESAPI and utilities for codec tasks from > >>> StringUtil to a new UtilCodec class: now the UtilCodec class is the > only > >>> class dependent on OWASP ESAPI. > >>> The DefaultEncoder from OWASP ESAPI, used internally by UtilCodec is > now > >>> built with the default constructor that also adds the JavascriptCodec > to > >>> the list of codecs used to canonicalize and validate the input. > >>> Renamed the UrlEncoder class to UrlCodec in order to better describe > its > >>> behavior. > >>> Misc minor cleanups. > >>> Added to the list of tests of the base component a series of Junit test > >>> classes that were missing. > >>> > >>> > >>> Added: > >>> ofbiz/trunk/framework/base/src/org/ofbiz/base/util/UtilCodec.java > >>> (with props) > >>> > ofbiz/trunk/framework/base/src/org/ofbiz/base/util/test/UtilCodecTests.java > >>> (with props) > >>> > ofbiz/trunk/framework/base/src/org/ofbiz/base/util/test/UtilHttpTests.java > >>> (with props) > >>> Modified: > >>> ofbiz/trunk/applications/content/src/org/ofbiz/content/ > >>> content/ContentUrlFilter.java > >>> ofbiz/trunk/framework/base/src/org/ofbiz/base/util/StringUtil.java > >>> ofbiz/trunk/framework/base/src/org/ofbiz/base/util/UtilHttp.java > >>> ofbiz/trunk/framework/base/src/org/ofbiz/base/util/ > >>> template/FreeMarkerWorker.java > >>> ofbiz/trunk/framework/base/src/org/ofbiz/base/util/test/ > >>> StringUtilTests.java > >>> ofbiz/trunk/framework/base/testdef/basetests.xml > >>> ofbiz/trunk/framework/common/src/org/ofbiz/common/ > >>> CommonServices.java > >>> ofbiz/trunk/framework/service/src/org/ofbiz/service/ > >>> ModelService.java > >>> ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/ > >>> ControlServlet.java > >>> ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/ > >>> RequestHandler.java > >>> ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/ftl/ > >>> OfbizContentTransform.java > >>> ofbiz/trunk/framework/webtools/src/org/ofbiz/webtools/labelmanager/ > >>> LabelManagerFactory.java > >>> ofbiz/trunk/framework/widget/src/org/ofbiz/widget/WidgetWorker.java > >>> ofbiz/trunk/framework/widget/src/org/ofbiz/widget/form/ > >>> MacroFormRenderer.java > >>> ofbiz/trunk/framework/widget/src/org/ofbiz/widget/form/ > >>> ModelForm.java > >>> ofbiz/trunk/framework/widget/src/org/ofbiz/widget/form/ > >>> ModelFormField.java > >>> ofbiz/trunk/framework/widget/src/org/ofbiz/widget/html/ > >>> HtmlFormRenderer.java > >>> ofbiz/trunk/framework/widget/src/org/ofbiz/widget/html/ > >>> HtmlMenuRenderer.java > >>> ofbiz/trunk/framework/widget/src/org/ofbiz/widget/menu/ > >>> MacroMenuRenderer.java > >>> ofbiz/trunk/framework/widget/src/org/ofbiz/widget/menu/ > >>> ModelMenuItem.java > >>> ofbiz/trunk/framework/widget/src/org/ofbiz/widget/screen/ > >>> HtmlWidget.java > >>> ofbiz/trunk/framework/widget/src/org/ofbiz/widget/screen/ > >>> MacroScreenViewHandler.java > >>> ofbiz/trunk/framework/widget/src/org/ofbiz/widget/screen/ > >>> ModelScreenWidget.java > >>> ofbiz/trunk/framework/widget/src/org/ofbiz/widget/screen/ > >>> ScreenFopViewHandler.java > >>> ofbiz/trunk/framework/widget/src/org/ofbiz/widget/tree/ > >>> ModelTree.java > >>> ofbiz/trunk/specialpurpose/ebay/src/org/ofbiz/ebay/ > >>> ProductsExportToEbay.java > >>> > >>> Modified: ofbiz/trunk/applications/content/src/org/ofbiz/content/ > >>> content/ContentUrlFilter.java > >>> URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/ > >>> content/src/org/ofbiz/content/content/ContentUrlFilter.java? > >>> rev=1648403&r1=1648402&r2=1648403&view=diff > >>> ============================================================ > >>> ================== > >>> --- > ofbiz/trunk/applications/content/src/org/ofbiz/content/content/ContentUrlFilter.java > >>> (original) > >>> +++ > ofbiz/trunk/applications/content/src/org/ofbiz/content/content/ContentUrlFilter.java > >>> Mon Dec 29 18:24:57 2014 > >>> @@ -31,7 +31,7 @@ import javax.servlet.http.HttpServletReq > >>> import javax.servlet.http.HttpServletResponse; > >>> > >>> import org.ofbiz.base.util.Debug; > >>> -import org.ofbiz.base.util.StringUtil; > >>> +import org.ofbiz.base.util.UtilCodec; > >>> import org.ofbiz.base.util.UtilHttp; > >>> import org.ofbiz.base.util.UtilValidate; > >>> import org.ofbiz.common.UrlServletHelper; > >>> @@ -117,7 +117,7 @@ public class ContentUrlFilter extends Co > >>> .queryFirst(); > >>> if (contentAssocDataResource != null) { > >>> url = contentAssocDataResource. > >>> getString("drObjectInfo"); > >>> - url = StringUtil.getDecoder("url").decode(url); > >>> + url = UtilCodec.getDecoder("url").decode(url); > >>> String mountPoint = request.getContextPath(); > >>> if (!(mountPoint.equals("/")) && > >>> !(mountPoint.equals(""))) { > >>> url = mountPoint + url; > >>> > >>> Modified: ofbiz/trunk/framework/base/src/org/ofbiz/base/util/ > >>> StringUtil.java > >>> URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/base/ > >>> src/org/ofbiz/base/util/StringUtil.java?rev=1648403& > >>> r1=1648402&r2=1648403&view=diff > >>> ============================================================ > >>> ================== > >>> --- ofbiz/trunk/framework/base/src/org/ofbiz/base/util/StringUtil.java > >>> (original) > >>> +++ ofbiz/trunk/framework/base/src/org/ofbiz/base/util/StringUtil.java > >>> Mon Dec 29 18:24:57 2014 > >>> @@ -21,7 +21,6 @@ package org.ofbiz.base.util; > >>> import java.io.UnsupportedEncodingException; > >>> import java.net.URLDecoder; > >>> import java.net.URLEncoder; > >>> -import java.util.Arrays; > >>> import java.util.Collection; > >>> import java.util.HashMap; > >>> import java.util.HashSet; > >>> @@ -36,12 +35,6 @@ import java.util.regex.Pattern; > >>> import org.apache.commons.codec.DecoderException; > >>> import org.apache.commons.codec.binary.Hex; > >>> import org.ofbiz.base.lang.Appender; > >>> -import org.owasp.esapi.codecs.Codec; > >>> -import org.owasp.esapi.codecs.HTMLEntityCodec; > >>> -import org.owasp.esapi.codecs.PercentCodec; > >>> -import org.owasp.esapi.errors.EncodingException; > >>> -import org.owasp.esapi.errors.IntrusionException; > >>> -import org.owasp.esapi.reference.DefaultEncoder; > >>> > >>> /** > >>> * Misc String Utility Functions > >>> @@ -54,11 +47,7 @@ public class StringUtil { > >>> // FIXME: Not thread safe > >>> protected static final Map<String, Pattern> > substitutionPatternMap; > >>> > >>> - private static final DefaultEncoder defaultWebEncoder; > >>> static { > >>> - // possible codecs: CSSCodec, HTMLEntityCodec, > JavaScriptCodec, > >>> MySQLCodec, OracleCodec, PercentCodec, UnixCodec, VBScriptCodec, > >>> WindowsCodec > >>> - List<Codec> codecList = Arrays.asList(new HTMLEntityCodec(), > new > >>> PercentCodec()); > >>> - defaultWebEncoder = new DefaultEncoder(codecList); > >>> substitutionPatternMap = new HashMap<String, Pattern>(); > >>> substitutionPatternMap.put("&&", Pattern.compile("@and", > >>> Pattern.LITERAL)); > >>> substitutionPatternMap.put("||", Pattern.compile("@or", > >>> Pattern.LITERAL)); > >>> @@ -68,87 +57,9 @@ public class StringUtil { > >>> substitutionPatternMap.put(">", Pattern.compile("@gt", > >>> Pattern.LITERAL)); > >>> } > >>> > >>> - private static final HtmlEncoder htmlEncoder = new HtmlEncoder(); > >>> - private static final XmlEncoder xmlEncoder = new XmlEncoder(); > >>> - private static final StringEncoder stringEncoder = new > >>> StringEncoder(); > >>> - private static final UrlEncoder urlEncoder = new UrlEncoder(); > >>> - > >>> private StringUtil() { > >>> } > >>> > >>> - public static interface SimpleEncoder { > >>> - public String encode(String original); > >>> - } > >>> - > >>> - public static interface SimpleDecoder { > >>> - public String decode(String original); > >>> - } > >>> - > >>> - public static class HtmlEncoder implements SimpleEncoder { > >>> - public String encode(String original) { > >>> - return > StringUtil.defaultWebEncoder.encodeForHTML(original); > >>> - } > >>> - } > >>> - > >>> - public static class XmlEncoder implements SimpleEncoder { > >>> - public String encode(String original) { > >>> - return > StringUtil.defaultWebEncoder.encodeForXML(original); > >>> - } > >>> - } > >>> - > >>> - public static class UrlEncoder implements SimpleEncoder, > >>> SimpleDecoder { > >>> - public String encode(String original) { > >>> - try { > >>> - return StringUtil.defaultWebEncoder. > >>> encodeForURL(original); > >>> - } catch (EncodingException ee) { > >>> - Debug.logError(ee, module); > >>> - return null; > >>> - } > >>> - } > >>> - > >>> - public String decode(String original) { > >>> - try { > >>> - return StringUtil.defaultWebEncoder. > >>> decodeFromURL(original); > >>> - } catch (EncodingException ee) { > >>> - Debug.logError(ee, module); > >>> - return null; > >>> - } > >>> - } > >>> - } > >>> - > >>> - public static class StringEncoder implements SimpleEncoder { > >>> - public String encode(String original) { > >>> - if (original != null) { > >>> - original = original.replace("\"", "\\\""); > >>> - } > >>> - return original; > >>> - } > >>> - } > >>> - > >>> - // ================== Begin General Functions ================== > >>> - > >>> - public static SimpleEncoder getEncoder(String type) { > >>> - if ("url".equals(type)) { > >>> - return StringUtil.urlEncoder; > >>> - } else if ("xml".equals(type)) { > >>> - return StringUtil.xmlEncoder; > >>> - } else if ("html".equals(type)) { > >>> - return StringUtil.htmlEncoder; > >>> - } else if ("string".equals(type)) { > >>> - return StringUtil.stringEncoder; > >>> - } else { > >>> - return null; > >>> - } > >>> - } > >>> - > >>> - public static SimpleDecoder getDecoder(String type) { > >>> - if ("url".equals(type)) { > >>> - return StringUtil.urlEncoder; > >>> - } else { > >>> - return null; > >>> - } > >>> - } > >>> - > >>> public static String internString(String value) { > >>> return value != null ? value.intern() : null; > >>> } > >>> @@ -623,70 +534,6 @@ public class StringUtil { > >>> return result; > >>> } > >>> > >>> - public static String canonicalize(String value) throws > >>> IntrusionException { > >>> - return defaultWebEncoder.canonicalize(value); > >>> - } > >>> - > >>> - public static String canonicalize(String value, boolean strict) > >>> throws IntrusionException { > >>> - return defaultWebEncoder.canonicalize(value, strict); > >>> - } > >>> - /** > >>> - * Uses a black-list approach for necessary characters for HTML. > >>> - * Does not allow various characters (after canonicalization), > >>> including "<", ">", "&" (if not followed by a space), and "%" (if not > >>> followed by a space). > >>> - * > >>> - * @param value > >>> - * @param errorMessageList > >>> - */ > >>> - public static String checkStringForHtmlStrictNone(String > valueName, > >>> String value, List<String> errorMessageList) { > >>> - if (UtilValidate.isEmpty(value)) return value; > >>> - > >>> - // canonicalize, strict (error on double-encoding) > >>> - try { > >>> - value = canonicalize(value, true); > >>> - } catch (IntrusionException e) { > >>> - // NOTE: using different log and user targeted error > >>> messages to allow the end-user message to be less technical > >>> - Debug.logError("Canonicalization (format consistency, > >>> character escaping that is mixed or double, etc) error for attribute > named > >>> [" + valueName + "], String [" + value + "]: " + e.toString(), module); > >>> - errorMessageList.add("In field [" + valueName + "] found > >>> character escaping (mixed or double) that is not allowed or other > format > >>> consistency error: " + e.toString()); > >>> - } > >>> - > >>> - // check for "<", ">" > >>> - if (value.indexOf("<") >= 0 || value.indexOf(">") >= 0) { > >>> - errorMessageList.add("In field [" + valueName + "] > less-than > >>> (<) and greater-than (>) symbols are not allowed."); > >>> - } > >>> - > >>> - /* NOTE DEJ 20090311: After playing with this more this > doesn't > >>> seem to be necessary; the canonicalize will convert all such characters > >>> into actual text before this check is done, including other illegal > chars > >>> like < which will canonicalize to < and then get caught > >>> - // check for & followed a semicolon within 7 characters, no > >>> spaces in-between (and perhaps other things sometime?) > >>> - int curAmpIndex = value.indexOf("&"); > >>> - while (curAmpIndex > -1) { > >>> - int semicolonIndex = value.indexOf(";", curAmpIndex + 1); > >>> - int spaceIndex = value.indexOf(" ", curAmpIndex + 1); > >>> - if (semicolonIndex > -1 && (semicolonIndex - curAmpIndex > <= > >>> 7) && (spaceIndex < 0 || (spaceIndex > curAmpIndex && spaceIndex < > >>> semicolonIndex))) { > >>> - errorMessageList.add("In field [" + valueName + "] the > >>> ampersand (&) symbol is only allowed if not used as an encoded > character: > >>> no semicolon (;) within 7 spaces or there is a space between."); > >>> - // once we find one like this we have the message so > no > >>> need to check for more > >>> - break; > >>> - } > >>> - curAmpIndex = value.indexOf("&", curAmpIndex + 1); > >>> - } > >>> - */ > >>> - > >>> - /* NOTE DEJ 20090311: After playing with this more this > doesn't > >>> seem to be necessary; the canonicalize will convert all such characters > >>> into actual text before this check is done, including other illegal > chars > >>> like %3C which will canonicalize to < and then get caught > >>> - // check for % followed by 2 hex characters > >>> - int curPercIndex = value.indexOf("%"); > >>> - while (curPercIndex >= 0) { > >>> - if (value.length() > (curPercIndex + 3) && > >>> UtilValidate.isHexDigit(value.charAt(curPercIndex + 1)) && > >>> UtilValidate.isHexDigit(value.charAt(curPercIndex + 2))) { > >>> - errorMessageList.add("In field [" + valueName + "] the > >>> percent (%) symbol is only allowed if followed by a space."); > >>> - // once we find one like this we have the message so > no > >>> need to check for more > >>> - break; > >>> - } > >>> - curPercIndex = value.indexOf("%", curPercIndex + 1); > >>> - } > >>> - */ > >>> - > >>> - // TODO: anything else to check for that can be used to get > HTML > >>> or JavaScript going without these characters? > >>> - > >>> - return value; > >>> - } > >>> - > >>> /** > >>> * Remove/collapse multiple newline characters > >>> * > >>> @@ -807,57 +654,4 @@ public class StringUtil { > >>> return this.theString; > >>> } > >>> } > >>> - > >>> - /** > >>> - * A simple Map wrapper class that will do HTML encoding. To be > used > >>> for passing a Map to something that will expand Strings with it as a > >>> context, etc. > >>> - */ > >>> - public static class HtmlEncodingMapWrapper<K> implements Map<K, > >>> Object> { > >>> - public static <K> HtmlEncodingMapWrapper<K> > >>> getHtmlEncodingMapWrapper(Map<K, Object> mapToWrap, SimpleEncoder > >>> encoder) { > >>> - if (mapToWrap == null) return null; > >>> - > >>> - HtmlEncodingMapWrapper<K> mapWrapper = new > >>> HtmlEncodingMapWrapper<K>(); > >>> - mapWrapper.setup(mapToWrap, encoder); > >>> - return mapWrapper; > >>> - } > >>> - > >>> - protected Map<K, Object> internalMap = null; > >>> - protected SimpleEncoder encoder = null; > >>> - protected HtmlEncodingMapWrapper() { } > >>> - > >>> - public void setup(Map<K, Object> mapToWrap, SimpleEncoder > >>> encoder) { > >>> - this.internalMap = mapToWrap; > >>> - this.encoder = encoder; > >>> - } > >>> - public void reset() { > >>> - this.internalMap = null; > >>> - this.encoder = null; > >>> - } > >>> - > >>> - public int size() { return this.internalMap.size(); } > >>> - public boolean isEmpty() { return this.internalMap.isEmpty(); > } > >>> - public boolean containsKey(Object key) { return > >>> this.internalMap.containsKey(key); } > >>> - public boolean containsValue(Object value) { return > >>> this.internalMap.containsValue(value); } > >>> - public Object get(Object key) { > >>> - Object theObject = this.internalMap.get(key); > >>> - if (theObject instanceof String) { > >>> - if (this.encoder != null) { > >>> - return encoder.encode((String) theObject); > >>> - } else { > >>> - return > StringUtil.defaultWebEncoder.encodeForHTML((String) > >>> theObject); > >>> - } > >>> - } else if (theObject instanceof Map<?, ?>) { > >>> - return > HtmlEncodingMapWrapper.getHtmlEncodingMapWrapper(UtilGenerics.<K, > >>> Object>checkMap(theObject), this.encoder); > >>> - } > >>> - return theObject; > >>> - } > >>> - public Object put(K key, Object value) { return > >>> this.internalMap.put(key, value); } > >>> - public Object remove(Object key) { return > >>> this.internalMap.remove(key); } > >>> - public void putAll(Map<? extends K, ? extends Object> arg0) { > >>> this.internalMap.putAll(arg0); } > >>> - public void clear() { this.internalMap.clear(); } > >>> - public Set<K> keySet() { return this.internalMap.keySet(); } > >>> - public Collection<Object> values() { return > >>> this.internalMap.values(); } > >>> - public Set<Map.Entry<K, Object>> entrySet() { return > >>> this.internalMap.entrySet(); } > >>> - @Override > >>> - public String toString() { return > this.internalMap.toString(); } > >>> - } > >>> } > >>> > >>> Added: > ofbiz/trunk/framework/base/src/org/ofbiz/base/util/UtilCodec.java > >>> URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/base/ > >>> src/org/ofbiz/base/util/UtilCodec.java?rev=1648403&view=auto > >>> ============================================================ > >>> ================== > >>> --- ofbiz/trunk/framework/base/src/org/ofbiz/base/util/UtilCodec.java > >>> (added) > >>> +++ ofbiz/trunk/framework/base/src/org/ofbiz/base/util/UtilCodec.java > >>> Mon Dec 29 18:24:57 2014 > >>> @@ -0,0 +1,232 @@ > >>> +/********************************************************** > >>> ********************* > >>> + * Licensed to the Apache Software Foundation (ASF) under one > >>> + * or more contributor license agreements. See the NOTICE file > >>> + * distributed with this work for additional information > >>> + * regarding copyright ownership. The ASF licenses this file > >>> + * to you under the Apache License, Version 2.0 (the > >>> + * "License"); you may not use this file except in compliance > >>> + * with the License. You may obtain a copy of the License at > >>> + * > >>> + * http://www.apache.org/licenses/LICENSE-2.0 > >>> + * > >>> + * Unless required by applicable law or agreed to in writing, > >>> + * software distributed under the License is distributed on an > >>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY > >>> + * KIND, either express or implied. See the License for the > >>> + * specific language governing permissions and limitations > >>> + * under the License. > >>> + ************************************************************ > >>> *******************/ > >>> +package org.ofbiz.base.util; > >>> + > >>> +import org.owasp.esapi.errors.IntrusionException; > >>> +import org.owasp.esapi.reference.DefaultEncoder; > >>> + > >>> +import java.io.UnsupportedEncodingException; > >>> +import java.net.URLDecoder; > >>> +import java.net.URLEncoder; > >>> +import java.util.Collection; > >>> +import java.util.List; > >>> +import java.util.Map; > >>> +import java.util.Set; > >>> + > >>> +public class UtilCodec { > >>> + private static final String module = UtilCodec.class.getName(); > >>> + private static final DefaultEncoder defaultWebEncoder = new > >>> DefaultEncoder(); > >>> + private static final HtmlEncoder htmlEncoder = new HtmlEncoder(); > >>> + private static final XmlEncoder xmlEncoder = new XmlEncoder(); > >>> + private static final StringEncoder stringEncoder = new > >>> StringEncoder(); > >>> + private static final UrlCodec urlEncoder = new UrlCodec(); > >>> + > >>> + public static interface SimpleEncoder { > >>> + public String encode(String original); > >>> + } > >>> + > >>> + public static interface SimpleDecoder { > >>> + public String decode(String original); > >>> + } > >>> + > >>> + public static class HtmlEncoder implements SimpleEncoder { > >>> + public String encode(String original) { > >>> + return defaultWebEncoder.encodeForHTML(original); > >>> + } > >>> + } > >>> + > >>> + public static class XmlEncoder implements SimpleEncoder { > >>> + public String encode(String original) { > >>> + return defaultWebEncoder.encodeForXML(original); > >>> + } > >>> + } > >>> + > >>> + public static class UrlCodec implements SimpleEncoder, > SimpleDecoder > >>> { > >>> + public String encode(String original) { > >>> + try { > >>> + return URLEncoder.encode(original, "UTF-8"); > >>> + } catch (UnsupportedEncodingException ee) { > >>> + Debug.logError(ee, module); > >>> + return null; > >>> + } > >>> + } > >>> + > >>> + public String decode(String original) { > >>> + try { > >>> + String canonical = canonicalize(original); > >>> + return URLDecoder.decode(canonical, "UTF-8"); > >>> + } catch (UnsupportedEncodingException ee) { > >>> + Debug.logError(ee, module); > >>> + return null; > >>> + } > >>> + } > >>> + } > >>> + > >>> + public static class StringEncoder implements SimpleEncoder { > >>> + public String encode(String original) { > >>> + if (original != null) { > >>> + original = original.replace("\"", "\\\""); > >>> + } > >>> + return original; > >>> + } > >>> + } > >>> + > >>> + // ================== Begin General Functions ================== > >>> + > >>> + public static SimpleEncoder getEncoder(String type) { > >>> + if ("url".equals(type)) { > >>> + return urlEncoder; > >>> + } else if ("xml".equals(type)) { > >>> + return xmlEncoder; > >>> + } else if ("html".equals(type)) { > >>> + return htmlEncoder; > >>> + } else if ("string".equals(type)) { > >>> + return stringEncoder; > >>> + } else { > >>> + return null; > >>> + } > >>> + } > >>> + > >>> + public static SimpleDecoder getDecoder(String type) { > >>> + if ("url".equals(type)) { > >>> + return urlEncoder; > >>> + } else { > >>> + return null; > >>> + } > >>> + } > >>> + > >>> + public static String canonicalize(String value) throws > >>> IntrusionException { > >>> + return defaultWebEncoder.canonicalize(value); > >>> + } > >>> + > >>> + public static String canonicalize(String value, boolean strict) > >>> throws IntrusionException { > >>> + return defaultWebEncoder.canonicalize(value, strict); > >>> + } > >>> + > >>> + /** > >>> + * Uses a black-list approach for necessary characters for HTML. > >>> + * Does not allow various characters (after canonicalization), > >>> including "<", ">", "&" (if not followed by a space), and "%" (if not > >>> followed by a space). > >>> + * > >>> + * @param value > >>> + * @param errorMessageList > >>> + */ > >>> + public static String checkStringForHtmlStrictNone(String > valueName, > >>> String value, List<String> errorMessageList) { > >>> + if (UtilValidate.isEmpty(value)) return value; > >>> + > >>> + // canonicalize, strict (error on double-encoding) > >>> + try { > >>> + value = canonicalize(value, true); > >>> + } catch (IntrusionException e) { > >>> + // NOTE: using different log and user targeted error > >>> messages to allow the end-user message to be less technical > >>> + Debug.logError("Canonicalization (format consistency, > >>> character escaping that is mixed or double, etc) error for attribute > named > >>> [" + valueName + "], String [" + value + "]: " + e.toString(), module); > >>> + errorMessageList.add("In field [" + valueName + "] found > >>> character escaping (mixed or double) that is not allowed or other > format > >>> consistency error: " + e.toString()); > >>> + } > >>> + > >>> + // check for "<", ">" > >>> + if (value.indexOf("<") >= 0 || value.indexOf(">") >= 0) { > >>> + errorMessageList.add("In field [" + valueName + "] > less-than > >>> (<) and greater-than (>) symbols are not allowed."); > >>> + } > >>> + > >>> + /* NOTE DEJ 20090311: After playing with this more this > doesn't > >>> seem to be necessary; the canonicalize will convert all such characters > >>> into actual text before this check is done, including other illegal > chars > >>> like < which will canonicalize to < and then get caught > >>> + // check for & followed a semicolon within 7 characters, no > >>> spaces in-between (and perhaps other things sometime?) > >>> + int curAmpIndex = value.indexOf("&"); > >>> + while (curAmpIndex > -1) { > >>> + int semicolonIndex = value.indexOf(";", curAmpIndex + 1); > >>> + int spaceIndex = value.indexOf(" ", curAmpIndex + 1); > >>> + if (semicolonIndex > -1 && (semicolonIndex - curAmpIndex > <= > >>> 7) && (spaceIndex < 0 || (spaceIndex > curAmpIndex && spaceIndex < > >>> semicolonIndex))) { > >>> + errorMessageList.add("In field [" + valueName + "] the > >>> ampersand (&) symbol is only allowed if not used as an encoded > character: > >>> no semicolon (;) within 7 spaces or there is a space between."); > >>> + // once we find one like this we have the message so > no > >>> need to check for more > >>> + break; > >>> + } > >>> + curAmpIndex = value.indexOf("&", curAmpIndex + 1); > >>> + } > >>> + */ > >>> + > >>> + /* NOTE DEJ 20090311: After playing with this more this > doesn't > >>> seem to be necessary; the canonicalize will convert all such characters > >>> into actual text before this check is done, including other illegal > chars > >>> like %3C which will canonicalize to < and then get caught > >>> + // check for % followed by 2 hex characters > >>> + int curPercIndex = value.indexOf("%"); > >>> + while (curPercIndex >= 0) { > >>> + if (value.length() > (curPercIndex + 3) && > >>> UtilValidate.isHexDigit(value.charAt(curPercIndex + 1)) && > >>> UtilValidate.isHexDigit(value.charAt(curPercIndex + 2))) { > >>> + errorMessageList.add("In field [" + valueName + "] the > >>> percent (%) symbol is only allowed if followed by a space."); > >>> + // once we find one like this we have the message so > no > >>> need to check for more > >>> + break; > >>> + } > >>> + curPercIndex = value.indexOf("%", curPercIndex + 1); > >>> + } > >>> + */ > >>> + > >>> + // TODO: anything else to check for that can be used to get > HTML > >>> or JavaScript going without these characters? > >>> + > >>> + return value; > >>> + } > >>> + > >>> + /** > >>> + * A simple Map wrapper class that will do HTML encoding. To be > used > >>> for passing a Map to something that will expand Strings with it as a > >>> context, etc. > >>> + */ > >>> + public static class HtmlEncodingMapWrapper<K> implements Map<K, > >>> Object> { > >>> + public static <K> HtmlEncodingMapWrapper<K> > >>> getHtmlEncodingMapWrapper(Map<K, Object> mapToWrap, SimpleEncoder > >>> encoder) { > >>> + if (mapToWrap == null) return null; > >>> + > >>> + HtmlEncodingMapWrapper<K> mapWrapper = new > >>> HtmlEncodingMapWrapper<K>(); > >>> + mapWrapper.setup(mapToWrap, encoder); > >>> + return mapWrapper; > >>> + } > >>> + > >>> + protected Map<K, Object> internalMap = null; > >>> + protected SimpleEncoder encoder = null; > >>> + protected HtmlEncodingMapWrapper() { } > >>> + > >>> + public void setup(Map<K, Object> mapToWrap, SimpleEncoder > >>> encoder) { > >>> + this.internalMap = mapToWrap; > >>> + this.encoder = encoder; > >>> + } > >>> + public void reset() { > >>> + this.internalMap = null; > >>> + this.encoder = null; > >>> + } > >>> + > >>> + public int size() { return this.internalMap.size(); } > >>> + public boolean isEmpty() { return this.internalMap.isEmpty(); > } > >>> + public boolean containsKey(Object key) { return > >>> this.internalMap.containsKey(key); } > >>> + public boolean containsValue(Object value) { return > >>> this.internalMap.containsValue(value); } > >>> + public Object get(Object key) { > >>> + Object theObject = this.internalMap.get(key); > >>> + if (theObject instanceof String) { > >>> + if (this.encoder != null) { > >>> + return encoder.encode((String) theObject); > >>> + } else { > >>> + return defaultWebEncoder.encodeForHTML((String) > >>> theObject); > >>> + } > >>> + } else if (theObject instanceof Map<?, ?>) { > >>> + return > HtmlEncodingMapWrapper.getHtmlEncodingMapWrapper(UtilGenerics.<K, > >>> Object>checkMap(theObject), this.encoder); > >>> + } > >>> + return theObject; > >>> + } > >>> + public Object put(K key, Object value) { return > >>> this.internalMap.put(key, value); } > >>> + public Object remove(Object key) { return > >>> this.internalMap.remove(key); } > >>> + public void putAll(Map<? extends K, ? extends Object> arg0) { > >>> this.internalMap.putAll(arg0); } > >>> + public void clear() { this.internalMap.clear(); } > >>> + public Set<K> keySet() { return this.internalMap.keySet(); } > >>> + public Collection<Object> values() { return > >>> this.internalMap.values(); } > >>> + public Set<Map.Entry<K, Object>> entrySet() { return > >>> this.internalMap.entrySet(); } > >>> + @Override > >>> + public String toString() { return > this.internalMap.toString(); } > >>> + } > >>> + > >>> +} > >>> > >>> Propchange: ofbiz/trunk/framework/base/src/org/ofbiz/base/util/ > >>> UtilCodec.java > >>> ------------------------------------------------------------ > >>> ------------------ > >>> svn:eol-style = native > >>> > >>> Propchange: ofbiz/trunk/framework/base/src/org/ofbiz/base/util/ > >>> UtilCodec.java > >>> ------------------------------------------------------------ > >>> ------------------ > >>> svn:keywords = Date Rev Author URL Id > >>> > >>> Propchange: ofbiz/trunk/framework/base/src/org/ofbiz/base/util/ > >>> UtilCodec.java > >>> ------------------------------------------------------------ > >>> ------------------ > >>> svn:mime-type = text/plain > >>> > >>> Modified: ofbiz/trunk/framework/base/src/org/ofbiz/base/util/ > >>> UtilHttp.java > >>> URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/base/ > >>> src/org/ofbiz/base/util/UtilHttp.java?rev=1648403&r1= > >>> 1648402&r2=1648403&view=diff > >>> ============================================================ > >>> ================== > >>> --- ofbiz/trunk/framework/base/src/org/ofbiz/base/util/UtilHttp.java > >>> (original) > >>> +++ ofbiz/trunk/framework/base/src/org/ofbiz/base/util/UtilHttp.java > Mon > >>> Dec 29 18:24:57 2014 > >>> @@ -250,7 +250,7 @@ public class UtilHttp { > >>> public static String canonicalizeParameter(String paramValue) { > >>> try { > >>> /** calling canonicalize with strict flag set to false so > >>> we only get warnings about double encoding, etc; can be set to true for > >>> exceptions and more security */ > >>> - String cannedStr = StringUtil.canonicalize(paramValue, > >>> false); > >>> + String cannedStr = UtilCodec.canonicalize(paramValue, > >>> false); > >>> if (Debug.verboseOn()) Debug.logVerbose("Canonicalized > >>> parameter with " + (cannedStr.equals(paramValue) ? "no " : "") + > "change: > >>> original [" + paramValue + "] canned [" + cannedStr + "]", module); > >>> return cannedStr; > >>> } catch (Exception e) { > >>> @@ -790,14 +790,14 @@ public class UtilHttp { > >>> buf.append("&"); > >>> } > >>> } > >>> - buf.append(StringUtil. > >>> getEncoder("url").encode(name)); > >>> + buf.append(UtilCodec. > >>> getEncoder("url").encode(name)); > >>> /* the old way: try { > >>> buf.append(URLEncoder.encode(name, > >>> "UTF-8")); > >>> } catch (UnsupportedEncodingException e) { > >>> Debug.logError(e, module); > >>> } */ > >>> buf.append('='); > >>> - > buf.append(StringUtil.getEncoder("url").encode( > >>> valueStr)); > >>> + buf.append(UtilCodec.getEncoder("url").encode( > >>> valueStr)); > >>> /* the old way: try { > >>> buf.append(URLEncoder.encode(valueStr, > >>> "UTF-8")); > >>> } catch (UnsupportedEncodingException e) { > >>> > >>> Modified: ofbiz/trunk/framework/base/src/org/ofbiz/base/util/ > >>> template/FreeMarkerWorker.java > >>> URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/base/ > >>> src/org/ofbiz/base/util/template/FreeMarkerWorker. > >>> java?rev=1648403&r1=1648402&r2=1648403&view=diff > >>> ============================================================ > >>> ================== > >>> --- > ofbiz/trunk/framework/base/src/org/ofbiz/base/util/template/FreeMarkerWorker.java > >>> (original) > >>> +++ > ofbiz/trunk/framework/base/src/org/ofbiz/base/util/template/FreeMarkerWorker.java > >>> Mon Dec 29 18:24:57 2014 > >>> @@ -47,6 +47,7 @@ import javax.servlet.http.HttpServletReq > >>> import org.ofbiz.base.location.FlexibleLocation; > >>> import org.ofbiz.base.util.Debug; > >>> import org.ofbiz.base.util.StringUtil; > >>> +import org.ofbiz.base.util.UtilCodec; > >>> import org.ofbiz.base.util.UtilGenerics; > >>> import org.ofbiz.base.util.UtilMisc; > >>> import org.ofbiz.base.util.UtilProperties; > >>> @@ -687,7 +688,7 @@ public class FreeMarkerWorker { > >>> te.printStackTrace(pw); > >>> String stackTrace = tempWriter.toString(); > >>> > >>> - StringUtil.SimpleEncoder simpleEncoder = FreeMarkerWorker. > >>> getWrappedObject("simpleEncoder", env); > >>> + UtilCodec.SimpleEncoder simpleEncoder = FreeMarkerWorker. > >>> getWrappedObject("simpleEncoder", env); > >>> if (simpleEncoder != null) { > >>> stackTrace = simpleEncoder.encode(stackTrace); > >>> } > >>> > >>> Modified: ofbiz/trunk/framework/base/src/org/ofbiz/base/util/test/ > >>> StringUtilTests.java > >>> URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/base/ > >>> src/org/ofbiz/base/util/test/StringUtilTests.java?rev= > >>> 1648403&r1=1648402&r2=1648403&view=diff > >>> ============================================================ > >>> ================== > >>> --- > ofbiz/trunk/framework/base/src/org/ofbiz/base/util/test/StringUtilTests.java > >>> (original) > >>> +++ > ofbiz/trunk/framework/base/src/org/ofbiz/base/util/test/StringUtilTests.java > >>> Mon Dec 29 18:24:57 2014 > >>> @@ -18,8 +18,6 @@ > >>> ************************************************************ > >>> *******************/ > >>> package org.ofbiz.base.util.test; > >>> > >>> -import java.util.ArrayList; > >>> -import java.util.Arrays; > >>> import java.util.Collections; > >>> import java.util.HashMap; > >>> import java.util.List; > >>> @@ -53,18 +51,6 @@ public class StringUtilTests extends Gen > >>> assertTrue("correct INSTANCE", StringUtil.INSTANCE instanceof > >>> StringUtil); > >>> } > >>> > >>> - private static void encoderTest(String label, > >>> StringUtil.SimpleEncoder encoder, String wanted, String toEncode) { > >>> - assertNull(label + "(encoder):null", encoder.encode(null)); > >>> - assertEquals(label + "(encoder):encode", wanted, > >>> encoder.encode(toEncode)); > >>> - } > >>> - > >>> - public void testGetEncoder() { > >>> - encoderTest("string", StringUtil.getEncoder("string"), > >>> "abc\\\"def", "abc\"def"); > >>> - encoderTest("xml", StringUtil.getEncoder("xml"), > >>> "<>'"", "<>'\""); > >>> - encoderTest("html", StringUtil.getEncoder("html"), > >>> "<>'"", "<>'\""); > >>> - assertNull("invalid encoder", > StringUtil.getEncoder("foobar")); > >>> - } > >>> - > >>> public void testInternString() { > >>> assertSame("intern-constant", StringUtil.internString("foo"), > >>> StringUtil.internString("foo")); > >>> assertSame("intern-new", StringUtil.internString("foo"), > >>> StringUtil.internString(new String("foo"))); > >>> @@ -283,26 +269,6 @@ public class StringUtilTests extends Gen > >>> assertEquals("all converions", "one && two || three > four >= > >>> five < six <= seven", StringUtil.convertOperatorSubstitutions("one @and > >>> two @or three @gt four @gteq five @lt six @lteq seven")); > >>> } > >>> > >>> - private static void checkStringForHtmlStrictNone_test(String > label, > >>> String fixed, String input, String... wantedMessages) { > >>> - List<String> gottenMessages = new ArrayList<String>(); > >>> - assertEquals(label, fixed, StringUtil. > >>> checkStringForHtmlStrictNone(label, input, gottenMessages)); > >>> - assertEquals(label, Arrays.asList(wantedMessages), > >>> gottenMessages); > >>> - } > >>> - > >>> - public void testCheckStringForHtmlStrictNone() { > >>> - checkStringForHtmlStrictNone_test("null pass-thru", null, > null); > >>> - checkStringForHtmlStrictNone_test("empty pass-thru", "", ""); > >>> - checkStringForHtmlStrictNone_test("o-numeric-encode", "foo", > >>> "foo"); > >>> - checkStringForHtmlStrictNone_test("o-hex-encode", "foo", > >>> "f%6fo"); > >>> - checkStringForHtmlStrictNone_test("o-double-hex-encode", > "foo", > >>> "f%256fo"); > >>> - checkStringForHtmlStrictNone_test("<-not-allowed", "f<oo", > >>> "f<oo", "In field [<-not-allowed] less-than (<) and greater-than (>) > >>> symbols are not allowed."); > >>> - checkStringForHtmlStrictNone_test(">-not-allowed", "f>oo", > >>> "f>oo", "In field [>-not-allowed] less-than (<) and greater-than (>) > >>> symbols are not allowed."); > >>> - checkStringForHtmlStrictNone_test("high-ascii", "fÀ®", > >>> "f%C0%AE"); > >>> - // this looks like a bug, namely the extra trailing ; > >>> - checkStringForHtmlStrictNone_test("double-ampersand", > "f\";oo", > >>> "f%26quot%3boo"); > >>> - checkStringForHtmlStrictNone_test("double-encoding", > >>> "%2%353Cscript", "%2%353Cscript", "In field [double-encoding] found > >>> character escaping (mixed or double) that is not allowed or other > format > >>> consistency error: org.owasp.esapi.errors.IntrusionException: Input > >>> validation failure"); > >>> - } > >>> - > >>> public void testCollapseNewlines() { > >>> } > >>> > >>> > >>> Added: ofbiz/trunk/framework/base/src/org/ofbiz/base/util/test/ > >>> UtilCodecTests.java > >>> URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/base/ > >>> src/org/ofbiz/base/util/test/UtilCodecTests.java?rev=1648403&view=auto > >>> ============================================================ > >>> ================== > >>> --- > ofbiz/trunk/framework/base/src/org/ofbiz/base/util/test/UtilCodecTests.java > >>> (added) > >>> +++ > ofbiz/trunk/framework/base/src/org/ofbiz/base/util/test/UtilCodecTests.java > >>> Mon Dec 29 18:24:57 2014 > >>> @@ -0,0 +1,64 @@ > >>> +/********************************************************** > >>> ********************* > >>> + * Licensed to the Apache Software Foundation (ASF) under one > >>> + * or more contributor license agreements. See the NOTICE file > >>> + * distributed with this work for additional information > >>> + * regarding copyright ownership. The ASF licenses this file > >>> + * to you under the Apache License, Version 2.0 (the > >>> + * "License"); you may not use this file except in compliance > >>> + * with the License. You may obtain a copy of the License at > >>> + * > >>> + * http://www.apache.org/licenses/LICENSE-2.0 > >>> + * > >>> + * Unless required by applicable law or agreed to in writing, > >>> + * software distributed under the License is distributed on an > >>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY > >>> + * KIND, either express or implied. See the License for the > >>> + * specific language governing permissions and limitations > >>> + * under the License. > >>> + ************************************************************ > >>> *******************/ > >>> +package org.ofbiz.base.util.test; > >>> + > >>> +import org.ofbiz.base.test.GenericTestCaseBase; > >>> +import org.ofbiz.base.util.UtilCodec; > >>> + > >>> +import java.util.ArrayList; > >>> +import java.util.Arrays; > >>> +import java.util.List; > >>> + > >>> +public class UtilCodecTests extends GenericTestCaseBase { > >>> + public UtilCodecTests(String name) { > >>> + super(name); > >>> + } > >>> + > >>> + private static void encoderTest(String label, > >>> UtilCodec.SimpleEncoder encoder, String wanted, String toEncode) { > >>> + assertNull(label + "(encoder):null", encoder.encode(null)); > >>> + assertEquals(label + "(encoder):encode", wanted, > >>> encoder.encode(toEncode)); > >>> + } > >>> + > >>> + public void testGetEncoder() { > >>> + encoderTest("string", UtilCodec.getEncoder("string"), > >>> "abc\\\"def", "abc\"def"); > >>> + encoderTest("xml", UtilCodec.getEncoder("xml"), > >>> "<>'"", "<>'\""); > >>> + encoderTest("html", UtilCodec.getEncoder("html"), > >>> "<>'"", "<>'\""); > >>> + assertNull("invalid encoder", UtilCodec.getEncoder("foobar")); > >>> + } > >>> + private static void checkStringForHtmlStrictNone_test(String > label, > >>> String fixed, String input, String... wantedMessages) { > >>> + List<String> gottenMessages = new ArrayList<String>(); > >>> + assertEquals(label, fixed, UtilCodec. > >>> checkStringForHtmlStrictNone(label, input, gottenMessages)); > >>> + assertEquals(label, Arrays.asList(wantedMessages), > >>> gottenMessages); > >>> + } > >>> + > >>> + public void testCheckStringForHtmlStrictNone() { > >>> + checkStringForHtmlStrictNone_test("null pass-thru", null, > null); > >>> + checkStringForHtmlStrictNone_test("empty pass-thru", "", ""); > >>> + checkStringForHtmlStrictNone_test("o-numeric-encode", "foo", > >>> "foo"); > >>> + checkStringForHtmlStrictNone_test("o-hex-encode", "foo", > >>> "f%6fo"); > >>> + checkStringForHtmlStrictNone_test("o-double-hex-encode", > "foo", > >>> "f%256fo"); > >>> + checkStringForHtmlStrictNone_test("<-not-allowed", "f<oo", > >>> "f<oo", "In field [<-not-allowed] less-than (<) and greater-than (>) > >>> symbols are not allowed."); > >>> + checkStringForHtmlStrictNone_test(">-not-allowed", "f>oo", > >>> "f>oo", "In field [>-not-allowed] less-than (<) and greater-than (>) > >>> symbols are not allowed."); > >>> + checkStringForHtmlStrictNone_test("high-ascii", "fÀ®", > >>> "f%C0%AE"); > >>> + // this looks like a bug, namely the extra trailing ; > >>> + checkStringForHtmlStrictNone_test("double-ampersand", > "f\";oo", > >>> "f%26quot%3boo"); > >>> + checkStringForHtmlStrictNone_test("double-encoding", > >>> "%2%353Cscript", "%2%353Cscript", "In field [double-encoding] found > >>> character escaping (mixed or double) that is not allowed or other > format > >>> consistency error: org.owasp.esapi.errors.IntrusionException: Input > >>> validation failure"); > >>> + } > >>> + > >>> +} > >>> > >>> Propchange: ofbiz/trunk/framework/base/src/org/ofbiz/base/util/test/ > >>> UtilCodecTests.java > >>> ------------------------------------------------------------ > >>> ------------------ > >>> svn:eol-style = native > >>> > >>> Propchange: ofbiz/trunk/framework/base/src/org/ofbiz/base/util/test/ > >>> UtilCodecTests.java > >>> ------------------------------------------------------------ > >>> ------------------ > >>> svn:keywords = Date Rev Author URL Id > >>> > >>> Propchange: ofbiz/trunk/framework/base/src/org/ofbiz/base/util/test/ > >>> UtilCodecTests.java > >>> ------------------------------------------------------------ > >>> ------------------ > >>> svn:mime-type = text/plain > >>> > >>> Added: ofbiz/trunk/framework/base/src/org/ofbiz/base/util/test/ > >>> UtilHttpTests.java > >>> URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/base/ > >>> src/org/ofbiz/base/util/test/UtilHttpTests.java?rev=1648403&view=auto > >>> ============================================================ > >>> ================== > >>> --- > ofbiz/trunk/framework/base/src/org/ofbiz/base/util/test/UtilHttpTests.java > >>> (added) > >>> +++ > ofbiz/trunk/framework/base/src/org/ofbiz/base/util/test/UtilHttpTests.java > >>> Mon Dec 29 18:24:57 2014 > >>> @@ -0,0 +1,30 @@ > >>> +/********************************************************** > >>> ********************* > >>> + * Licensed to the Apache Software Foundation (ASF) under one > >>> + * or more contributor license agreements. See the NOTICE file > >>> + * distributed with this work for additional information > >>> + * regarding copyright ownership. The ASF licenses this file > >>> + * to you under the Apache License, Version 2.0 (the > >>> + * "License"); you may not use this file except in compliance > >>> + * with the License. You may obtain a copy of the License at > >>> + * > >>> + * http://www.apache.org/licenses/LICENSE-2.0 > >>> + * > >>> + * Unless required by applicable law or agreed to in writing, > >>> + * software distributed under the License is distributed on an > >>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY > >>> + * KIND, either express or implied. See the License for the > >>> + * specific language governing permissions and limitations > >>> + * under the License. > >>> + ************************************************************ > >>> *******************/ > >>> +package org.ofbiz.base.util.test; > >>> + > >>> +import org.ofbiz.base.test.GenericTestCaseBase; > >>> + > >>> +public class UtilHttpTests extends GenericTestCaseBase { > >>> + public UtilHttpTests(String name) { > >>> + super(name); > >>> + } > >>> + > >>> + public void testGetParameterMap() throws Exception { > >>> + } > >>> +} > >>> > >>> Propchange: ofbiz/trunk/framework/base/src/org/ofbiz/base/util/test/ > >>> UtilHttpTests.java > >>> ------------------------------------------------------------ > >>> ------------------ > >>> svn:eol-style = native > >>> > >>> Propchange: ofbiz/trunk/framework/base/src/org/ofbiz/base/util/test/ > >>> UtilHttpTests.java > >>> ------------------------------------------------------------ > >>> ------------------ > >>> svn:keywords = Date Rev Author URL Id > >>> > >>> Propchange: ofbiz/trunk/framework/base/src/org/ofbiz/base/util/test/ > >>> UtilHttpTests.java > >>> ------------------------------------------------------------ > >>> ------------------ > >>> svn:mime-type = text/plain > >>> > >>> Modified: ofbiz/trunk/framework/base/testdef/basetests.xml > >>> URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/base/ > >>> testdef/basetests.xml?rev=1648403&r1=1648402&r2=1648403&view=diff > >>> ============================================================ > >>> ================== > >>> --- ofbiz/trunk/framework/base/testdef/basetests.xml (original) > >>> +++ ofbiz/trunk/framework/base/testdef/basetests.xml Mon Dec 29 > 18:24:57 > >>> 2014 > >>> @@ -23,9 +23,14 @@ > >>> xsi:noNamespaceSchemaLocation="http://ofbiz.apache.org/dtds/ > >>> test-suite.xsd"> > >>> <test-group case-name="basetests"> > >>> <junit-test-suite class-name="org.ofbiz.base.lang.test. > >>> ComparableRangeTests"/> > >>> + <junit-test-suite class-name="org.ofbiz.base. > >>> util.test.AssertTests"/> > >>> <junit-test-suite class-name="org.ofbiz.base.util.test. > >>> IndentingWriterTests"/> > >>> <junit-test-suite class-name="org.ofbiz.base. > >>> util.test.ObjectTypeTests"/> > >>> + <!--junit-test-suite class-name="org.ofbiz.base.util.test. > >>> ReferenceCleanerTests"/--> > >>> <junit-test-suite class-name="org.ofbiz.base. > >>> util.test.UtilObjectTests"/> > >>> + <junit-test-suite class-name="org.ofbiz.base. > >>> util.test.StringUtilTests"/> > >>> + <junit-test-suite class-name="org.ofbiz.base. > >>> util.test.UtilHttpTests"/> > >>> + <junit-test-suite class-name="org.ofbiz.base. > >>> util.test.UtilCodecTests"/> > >>> <junit-test-suite class-name="org.ofbiz.base.util.string.test. > >>> FlexibleStringExpanderTests"/> > >>> <junit-test-suite class-name="org.ofbiz.base. > >>> util.collections.test.FlexibleMapAccessorTests"/> > >>> <junit-test-suite class-name="org.ofbiz.base. > >>> util.test.TimeDurationTests"/> > >>> > >>> Modified: ofbiz/trunk/framework/common/src/org/ofbiz/common/ > >>> CommonServices.java > >>> URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/common/ > >>> src/org/ofbiz/common/CommonServices.java?rev= > >>> 1648403&r1=1648402&r2=1648403&view=diff > >>> ============================================================ > >>> ================== > >>> --- > ofbiz/trunk/framework/common/src/org/ofbiz/common/CommonServices.java > >>> (original) > >>> +++ > ofbiz/trunk/framework/common/src/org/ofbiz/common/CommonServices.java > >>> Mon Dec 29 18:24:57 2014 > >>> @@ -46,7 +46,7 @@ import javax.mail.internet.MimeMessage; > >>> import org.ofbiz.base.metrics.Metrics; > >>> import org.ofbiz.base.metrics.MetricsFactory; > >>> import org.ofbiz.base.util.Debug; > >>> -import org.ofbiz.base.util.StringUtil; > >>> +import org.ofbiz.base.util.UtilCodec; > >>> import org.ofbiz.base.util.UtilDateTime; > >>> import org.ofbiz.base.util.UtilMisc; > >>> import org.ofbiz.base.util.UtilProperties; > >>> @@ -539,7 +539,7 @@ public class CommonServices { > >>> > >>> public static Map<String, Object> resetMetric(DispatchContext > dctx, > >>> Map<String, ?> context) { > >>> String originalName = (String) context.get("name"); > >>> - String name = > StringUtil.getDecoder("url").decode(originalName); > >>> + String name = > UtilCodec.getDecoder("url").decode(originalName); > >>> if (name == null) { > >>> return ServiceUtil.returnError("Exception thrown while > >>> decoding metric name \"" + originalName + "\""); > >>> } > >>> > >>> Modified: ofbiz/trunk/framework/service/src/org/ofbiz/service/ > >>> ModelService.java > >>> URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/service/ > >>> src/org/ofbiz/service/ModelService.java?rev=1648403& > >>> r1=1648402&r2=1648403&view=diff > >>> ============================================================ > >>> ================== > >>> --- > ofbiz/trunk/framework/service/src/org/ofbiz/service/ModelService.java > >>> (original) > >>> +++ > ofbiz/trunk/framework/service/src/org/ofbiz/service/ModelService.java > >>> Mon Dec 29 18:24:57 2014 > >>> @@ -63,7 +63,7 @@ import org.ofbiz.base.metrics.Metrics; > >>> import org.ofbiz.base.util.Debug; > >>> import org.ofbiz.base.util.GeneralException; > >>> import org.ofbiz.base.util.ObjectType; > >>> -import org.ofbiz.base.util.StringUtil; > >>> +import org.ofbiz.base.util.UtilCodec; > >>> import org.ofbiz.base.util.UtilMisc; > >>> import org.ofbiz.base.util.UtilProperties; > >>> import org.ofbiz.base.util.UtilValidate; > >>> @@ -584,7 +584,7 @@ public class ModelService extends Abstra > >>> if (context.get(modelParam.name) != null && > >>> ("String".equals(modelParam.type) || "java.lang.String".equals( > >>> modelParam.type)) > >>> && !"any".equals(modelParam.allowHtml) && > >>> ("INOUT".equals(modelParam.mode) || "IN".equals(modelParam.mode))) { > >>> String value = (String) > >>> context.get(modelParam.name); > >>> - > StringUtil.checkStringForHtmlStrictNone(modelParam.name, > >>> value, errorMessageList); > >>> + > UtilCodec.checkStringForHtmlStrictNone(modelParam.name, > >>> value, errorMessageList); > >>> } > >>> } > >>> if (errorMessageList.size() > 0) { > >>> > >>> Modified: ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/ > >>> ControlServlet.java > >>> URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/webapp/ > >>> src/org/ofbiz/webapp/control/ControlServlet.java?rev= > >>> 1648403&r1=1648402&r2=1648403&view=diff > >>> ============================================================ > >>> ================== > >>> --- > ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/ControlServlet.java > >>> (original) > >>> +++ > ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/ControlServlet.java > >>> Mon Dec 29 18:24:57 2014 > >>> @@ -32,7 +32,7 @@ import javax.servlet.http.HttpSession; > >>> > >>> import org.apache.bsf.BSFManager; > >>> import org.ofbiz.base.util.Debug; > >>> -import org.ofbiz.base.util.StringUtil; > >>> +import org.ofbiz.base.util.UtilCodec; > >>> import org.ofbiz.base.util.UtilGenerics; > >>> import org.ofbiz.base.util.UtilHttp; > >>> import org.ofbiz.base.util.UtilTimer; > >>> @@ -217,8 +217,7 @@ public class ControlServlet extends Http > >>> if (Debug.verboseOn()) Debug.logVerbose(throwable, > >>> module); > >>> } else { > >>> Debug.logError(throwable, "Error in request handler: > ", > >>> module); > >>> - StringUtil.HtmlEncoder encoder = new > >>> StringUtil.HtmlEncoder(); > >>> - request.setAttribute("_ERROR_MESSAGE_", > >>> encoder.encode(throwable.toString())); > >>> + request.setAttribute("_ERROR_MESSAGE_", > >>> UtilCodec.getEncoder("html").encode(throwable.toString())); > >>> errorPage = requestHandler. > >>> getDefaultErrorPage(request); > >>> } > >>> } catch (RequestHandlerExceptionAllowExternalRequests e) { > >>> @@ -226,8 +225,7 @@ public class ControlServlet extends Http > >>> Debug.logInfo("Going to external page: " + > >>> request.getPathInfo(), module); > >>> } catch (Exception e) { > >>> Debug.logError(e, "Error in request handler: ", module); > >>> - StringUtil.HtmlEncoder encoder = new > >>> StringUtil.HtmlEncoder(); > >>> - request.setAttribute("_ERROR_MESSAGE_", > >>> encoder.encode(e.toString())); > >>> + request.setAttribute("_ERROR_MESSAGE_", > >>> UtilCodec.getEncoder("html").encode(e.toString())); > >>> errorPage = requestHandler.getDefaultErrorPage(request); > >>> } > >>> > >>> > >>> Modified: ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/ > >>> RequestHandler.java > >>> URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/webapp/ > >>> src/org/ofbiz/webapp/control/RequestHandler.java?rev= > >>> 1648403&r1=1648402&r2=1648403&view=diff > >>> ============================================================ > >>> ================== > >>> --- > ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/RequestHandler.java > >>> (original) > >>> +++ > ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/RequestHandler.java > >>> Mon Dec 29 18:24:57 2014 > >>> @@ -40,6 +40,7 @@ import org.ofbiz.base.start.Start; > >>> import org.ofbiz.base.util.Debug; > >>> import org.ofbiz.base.util.SSLUtil; > >>> import org.ofbiz.base.util.StringUtil; > >>> +import org.ofbiz.base.util.UtilCodec; > >>> import org.ofbiz.base.util.UtilFormatOut; > >>> import org.ofbiz.base.util.UtilGenerics; > >>> import org.ofbiz.base.util.UtilHttp; > >>> @@ -1115,11 +1116,11 @@ public class RequestHandler { > >>> if (queryString.length() > 1) { > >>> queryString.append("&"); > >>> } > >>> - String encodedName = StringUtil.getEncoder("url"). > >>> encode(name); > >>> + String encodedName = UtilCodec.getEncoder("url"). > >>> encode(name); > >>> if (encodedName != null) { > >>> queryString.append(encodedName); > >>> queryString.append("="); > >>> - > queryString.append(StringUtil.getEncoder("url").encode( > >>> value)); > >>> + queryString.append(UtilCodec.getEncoder("url").encode( > >>> value)); > >>> } > >>> } > >>> } > >>> > >>> Modified: ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/ftl/ > >>> OfbizContentTransform.java > >>> URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/webapp/ > >>> src/org/ofbiz/webapp/ftl/OfbizContentTransform.java? > >>> rev=1648403&r1=1648402&r2=1648403&view=diff > >>> ============================================================ > >>> ================== > >>> --- > ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/ftl/OfbizContentTransform.java > >>> (original) > >>> +++ > ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/ftl/OfbizContentTransform.java > >>> Mon Dec 29 18:24:57 2014 > >>> @@ -25,7 +25,7 @@ import java.util.Map; > >>> import javax.servlet.http.HttpServletRequest; > >>> > >>> import org.ofbiz.base.util.Debug; > >>> -import org.ofbiz.base.util.StringUtil; > >>> +import org.ofbiz.base.util.UtilCodec; > >>> import org.ofbiz.base.util.UtilValidate; > >>> import org.ofbiz.webapp.taglib.ContentUrlTag; > >>> > >>> @@ -92,7 +92,7 @@ public class OfbizContentTransform imple > >>> return; > >>> } > >>> > >>> - requestUrl = StringUtil.getDecoder("url"). > >>> decode(requestUrl); > >>> + requestUrl = UtilCodec.getDecoder("url"). > >>> decode(requestUrl); > >>> > >>> // make the link > >>> StringBuilder newURL = new StringBuilder(); > >>> > >>> Modified: ofbiz/trunk/framework/webtools/src/org/ofbiz/ > >>> webtools/labelmanager/LabelManagerFactory.java > >>> URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/ > >>> webtools/src/org/ofbiz/webtools/labelmanager/ > >>> LabelManagerFactory.java?rev=1648403&r1=1648402&r2=1648403&view=diff > >>> ============================================================ > >>> ================== > >>> --- > ofbiz/trunk/framework/webtools/src/org/ofbiz/webtools/labelmanager/LabelManagerFactory.java > >>> (original) > >>> +++ > ofbiz/trunk/framework/webtools/src/org/ofbiz/webtools/labelmanager/LabelManagerFactory.java > >>> Mon Dec 29 18:24:57 2014 > >>> @@ -37,7 +37,7 @@ import org.ofbiz.base.component.Componen > >>> import org.ofbiz.base.util.Debug; > >>> import org.ofbiz.base.util.FileUtil; > >>> import org.ofbiz.base.util.GeneralException; > >>> -import org.ofbiz.base.util.StringUtil; > >>> +import org.ofbiz.base.util.UtilCodec; > >>> import org.ofbiz.base.util.UtilValidate; > >>> import org.ofbiz.base.util.UtilXml; > >>> import org.w3c.dom.Comment; > >>> @@ -123,7 +123,7 @@ public class LabelManagerFactory { > >>> for (Node propertyNode : > UtilXml.childNodeList(resourceElem.getFirstChild())) > >>> { > >>> if (propertyNode instanceof Element) { > >>> Element propertyElem = (Element) propertyNode; > >>> - String labelKey = StringUtil.canonicalize( > >>> propertyElem.getAttribute("key")); > >>> + String labelKey = UtilCodec.canonicalize( > >>> propertyElem.getAttribute("key")); > >>> String labelComment = ""; > >>> for (Node valueNode : > UtilXml.childNodeList(propertyElem.getFirstChild())) > >>> { > >>> if (valueNode instanceof Element) { > >>> @@ -134,7 +134,7 @@ public class LabelManagerFactory { > >>> if( localeName.contains("_")) { > >>> localeName = localeName.replace('_', > >>> '-'); > >>> } > >>> - String labelValue = > StringUtil.canonicalize( > >>> UtilXml.nodeValue(valueElem.getFirstChild())); > >>> + String labelValue = > UtilCodec.canonicalize( > >>> UtilXml.nodeValue(valueElem.getFirstChild())); > >>> LabelInfo label = labels.get(labelKey + > >>> keySeparator + fileInfo.getFileName()); > >>> > >>> if (UtilValidate.isEmpty(label)) { > >>> @@ -148,12 +148,12 @@ public class LabelManagerFactory { > >>> localesFound.add(localeName); > >>> labelComment = ""; > >>> } else if (valueNode instanceof Comment) { > >>> - labelComment = labelComment + > >>> StringUtil.canonicalize(valueNode.getNodeValue()); > >>> + labelComment = labelComment + > >>> UtilCodec.canonicalize(valueNode.getNodeValue()); > >>> } > >>> } > >>> labelKeyComment = ""; > >>> } else if (propertyNode instanceof Comment) { > >>> - labelKeyComment = labelKeyComment + > >>> StringUtil.canonicalize(propertyNode.getNodeValue()); > >>> + labelKeyComment = labelKeyComment + > >>> UtilCodec.canonicalize(propertyNode.getNodeValue()); > >>> } > >>> } > >>> } > >>> > >>> Modified: ofbiz/trunk/framework/widget/src/org/ofbiz/widget/ > >>> WidgetWorker.java > >>> URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/widget/ > >>> src/org/ofbiz/widget/WidgetWorker.java?rev=1648403& > >>> r1=1648402&r2=1648403&view=diff > >>> ============================================================ > >>> ================== > >>> --- ofbiz/trunk/framework/widget/src/org/ofbiz/widget/WidgetWorker.java > >>> (original) > >>> +++ ofbiz/trunk/framework/widget/src/org/ofbiz/widget/WidgetWorker.java > >>> Mon Dec 29 18:24:57 2014 > >>> @@ -36,7 +36,7 @@ import javax.servlet.http.HttpServletReq > >>> import javax.servlet.http.HttpServletResponse; > >>> > >>> import org.ofbiz.base.util.Debug; > >>> -import org.ofbiz.base.util.StringUtil; > >>> +import org.ofbiz.base.util.UtilCodec; > >>> import org.ofbiz.base.util.UtilDateTime; > >>> import org.ofbiz.base.util.UtilGenerics; > >>> import org.ofbiz.base.util.UtilHttp; > >>> @@ -71,7 +71,7 @@ public class WidgetWorker { > >>> // We may get an encoded request like: > >>> /projectmgr/control/EditTaskContents? > >>> workEffortId=10003 > >>> // Try to reducing a possibly encoded string down to its > >>> simplest form: /projectmgr/control/EditTaskContents?workEffortId=10003 > >>> // This step make sure the following appending > externalLoginKey > >>> operation to work correctly > >>> - localRequestName = StringUtil.canonicalize(localRequestName); > >>> + localRequestName = UtilCodec.canonicalize(localRequestName); > >>> Appendable localWriter = new StringWriter(); > >>> > >>> if ("intra-app".equals(targetType)) { > >>> @@ -143,7 +143,7 @@ public class WidgetWorker { > >>> } > >>> externalWriter.append(parameter.getKey()); > >>> externalWriter.append('='); > >>> - StringUtil.SimpleEncoder simpleEncoder = > >>> (StringUtil.SimpleEncoder) context.get("simpleEncoder"); > >>> + UtilCodec.SimpleEncoder simpleEncoder = > >>> (UtilCodec.SimpleEncoder) context.get("simpleEncoder"); > >>> if (simpleEncoder != null && parameterValue != null) { > >>> externalWriter.append(simpleEncoder.encode( > >>> URLEncoder.encode(parameterValue, Charset.forName("UTF-8"). > >>> displayName()))); > >>> } else { > >>> @@ -300,7 +300,7 @@ public class WidgetWorker { > >>> writer.append("<input name=\""); > >>> writer.append(parameter.getKey()); > >>> writer.append("\" value=\""); > >>> - writer.append(StringUtil.getEncoder("html").encode( > >>> parameter.getValue())); > >>> + writer.append(UtilCodec.getEncoder("html").encode( > >>> parameter.getValue())); > >>> writer.append("\" type=\"hidden\"/>"); > >>> } > >>> } > >>> > >>> Modified: ofbiz/trunk/framework/widget/src/org/ofbiz/widget/form/ > >>> MacroFormRenderer.java > >>> URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/widget/ > >>> src/org/ofbiz/widget/form/MacroFormRenderer.java?rev= > >>> 1648403&r1=1648402&r2=1648403&view=diff > >>> ============================================================ > >>> ================== > >>> --- > ofbiz/trunk/framework/widget/src/org/ofbiz/widget/form/MacroFormRenderer.java > >>> (original) > >>> +++ > ofbiz/trunk/framework/widget/src/org/ofbiz/widget/form/MacroFormRenderer.java > >>> Mon Dec 29 18:24:57 2014 > >>> @@ -40,6 +40,7 @@ import javax.servlet.http.HttpServletRes > >>> > >>> import org.ofbiz.base.util.Debug; > >>> import org.ofbiz.base.util.StringUtil; > >>> +import org.ofbiz.base.util.UtilCodec; > >>> import org.ofbiz.base.util.UtilFormatOut; > >>> import org.ofbiz.base.util.UtilGenerics; > >>> import org.ofbiz.base.util.UtilHttp; > >>> @@ -75,7 +76,6 @@ import org.ofbiz.widget.form.ModelFormFi > >>> import org.ofbiz.widget.form.ModelFormField.TextField; > >>> import org.ofbiz.widget.form.ModelFormField.TextFindField; > >>> import org.ofbiz.widget.form.ModelFormField.TextareaField; > >>> -import org.ofbiz.widget.form.ModelFormFieldBuilder; > >>> import org.ofbiz.widget.screen.ModelScreenWidget; > >>> > >>> import com.ibm.icu.util.Calendar; > >>> @@ -93,7 +93,7 @@ public final class MacroFormRenderer imp > >>> public static final String module = MacroFormRenderer.class. > >>> getName(); > >>> private final Template macroLibrary; > >>> private final WeakHashMap<Appendable, Environment> environments = > >>> new WeakHashMap<Appendable, Environment>(); > >>> - private final StringUtil.SimpleEncoder internalEncoder; > >>> + private final UtilCodec.SimpleEncoder internalEncoder; > >>> private final RequestHandler rh; > >>> private final HttpServletRequest request; > >>> private final HttpServletResponse response; > >>> @@ -108,7 +108,7 @@ public final class MacroFormRenderer imp > >>> ServletContext ctx = (ServletContext) request.getAttribute(" > >>> servletContext"); > >>> this.rh = (RequestHandler) ctx.getAttribute("_REQUEST_ > >>> HANDLER_"); > >>> this.javaScriptEnabled = > UtilHttp.isJavaScriptEnabled(request); > >>> - internalEncoder = StringUtil.getEncoder("string"); > >>> + internalEncoder = UtilCodec.getEncoder("string"); > >>> } > >>> > >>> @Deprecated > >>> @@ -158,7 +158,7 @@ public final class MacroFormRenderer imp > >>> if (UtilValidate.isEmpty(value)) { > >>> return value; > >>> } > >>> - StringUtil.SimpleEncoder encoder = (StringUtil.SimpleEncoder) > >>> context.get("simpleEncoder"); > >>> + UtilCodec.SimpleEncoder encoder = (UtilCodec.SimpleEncoder) > >>> context.get("simpleEncoder"); > >>> if (modelFormField.getEncodeOutput() && encoder != null) { > >>> value = encoder.encode(value); > >>> } else { > >>> @@ -3088,7 +3088,7 @@ public final class MacroFormRenderer imp > >>> parameters.append(parameter.getName()); > >>> parameters.append("'"); > >>> parameters.append(",'value':'"); > >>> - parameters.append(StringUtil.getEncoder("html").encode( > >>> parameter.getValue(context))); > >>> + parameters.append(UtilCodec.getEncoder("html").encode( > >>> parameter.getValue(context))); > >>> parameters.append("'}"); > >>> } > >>> parameters.append("]"); > >>> > >>> Modified: ofbiz/trunk/framework/widget/src/org/ofbiz/widget/form/ > >>> ModelForm.java > >>> URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/widget/ > >>> src/org/ofbiz/widget/form/ModelForm.java?rev=1648403&r1= > >>> 1648402&r2=1648403&view=diff > >>> ============================================================ > >>> ================== > >>> --- > ofbiz/trunk/framework/widget/src/org/ofbiz/widget/form/ModelForm.java > >>> (original) > >>> +++ > ofbiz/trunk/framework/widget/src/org/ofbiz/widget/form/ModelForm.java > >>> Mon Dec 29 18:24:57 2014 > >>> @@ -34,6 +34,7 @@ import java.util.concurrent.atomic.Atomi > >>> import org.ofbiz.base.util.BshUtil; > >>> import org.ofbiz.base.util.Debug; > >>> import org.ofbiz.base.util.StringUtil; > >>> +import org.ofbiz.base.util.UtilCodec; > >>> import org.ofbiz.base.util.UtilGenerics; > >>> import org.ofbiz.base.util.UtilProperties; > >>> import org.ofbiz.base.util.UtilValidate; > >>> @@ -1515,9 +1516,9 @@ public class ModelForm extends ModelWidg > >>> */ > >>> public String getTarget(Map<String, Object> context, String > >>> targetType) { > >>> Map<String, Object> expanderContext = context; > >>> - StringUtil.SimpleEncoder simpleEncoder = > >>> (StringUtil.SimpleEncoder) context.get("simpleEncoder"); > >>> + UtilCodec.SimpleEncoder simpleEncoder = > >>> (UtilCodec.SimpleEncoder) context.get("simpleEncoder"); > >>> if (simpleEncoder != null) { > >>> - expanderContext = StringUtil.HtmlEncodingMapWrapper. > >>> getHtmlEncodingMapWrapper(context, simpleEncoder); > >>> + expanderContext = UtilCodec.HtmlEncodingMapWrapper. > >>> getHtmlEncodingMapWrapper(context, simpleEncoder); > >>> } > >>> try { > >>> // use the same Interpreter (ie with the same context > >>> setup) for all evals > >>> > >>> Modified: ofbiz/trunk/framework/widget/src/org/ofbiz/widget/form/ > >>> ModelFormField.java > >>> URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/widget/ > >>> src/org/ofbiz/widget/form/ModelFormField.java?rev= > >>> 1648403&r1=1648402&r2=1648403&view=diff > >>> ============================================================ > >>> ================== > >>> --- > ofbiz/trunk/framework/widget/src/org/ofbiz/widget/form/ModelFormField.java > >>> (original) > >>> +++ > ofbiz/trunk/framework/widget/src/org/ofbiz/widget/form/ModelFormField.java > >>> Mon Dec 29 18:24:57 2014 > >>> @@ -42,6 +42,7 @@ import org.ofbiz.base.util.Debug; > >>> import org.ofbiz.base.util.GeneralException; > >>> import org.ofbiz.base.util.ObjectType; > >>> import org.ofbiz.base.util.StringUtil; > >>> +import org.ofbiz.base.util.UtilCodec; > >>> import org.ofbiz.base.util.UtilDateTime; > >>> import org.ofbiz.base.util.UtilFormatOut; > >>> import org.ofbiz.base.util.UtilGenerics; > >>> @@ -343,7 +344,7 @@ public class ModelFormField { > >>> } > >>> > >>> if (this.getEncodeOutput() && returnValue != null) { > >>> - StringUtil.SimpleEncoder simpleEncoder = > >>> (StringUtil.SimpleEncoder) context.get("simpleEncoder"); > >>> + UtilCodec.SimpleEncoder simpleEncoder = > >>> (UtilCodec.SimpleEncoder) context.get("simpleEncoder"); > >>> if (simpleEncoder != null) > >>> returnValue = simpleEncoder.encode(returnValue); > >>> } > >>> @@ -602,7 +603,7 @@ public class ModelFormField { > >>> if (UtilValidate.isNotEmpty(tooltip)) > >>> tooltipString = tooltip.expandString(context); > >>> if (this.getEncodeOutput()) { > >>> - StringUtil.SimpleEncoder simpleEncoder = > >>> (StringUtil.SimpleEncoder) context.get("simpleEncoder"); > >>> + UtilCodec.SimpleEncoder simpleEncoder = > >>> (UtilCodec.SimpleEncoder) context.get(" > >> > >> ... > >
