I agree with both of you: these strings should be private and should
follow the naming convention of constants (MODULE); Adrian, I also agree it
is a good time to discuss this with the community.
There are currently 29 "module" strings that are private and 676 that are
public.
Should we bulk change them all to private or to public? It will be a
rather easy string replacement.
Bulk converting module to MODULE would be a little bit trickier but still
possible; is it something we should do now or just something to do in small
parts?
Jacopo
On Dec 29, 2014, at 8:17 PM, Scott Gray <[email protected]>
wrote:
I'm in favor of making them private, I'm also in favor using MODULE
instead
of module.
Regards
Scott
On 30 Dec 2014 07:36, "Adrian Crum" <[email protected]>
wrote:
+public class UtilCodec {
+ private static final String module = UtilCodec.class.getName();
The last time I made the module field private someone complained that it
doesn't follow the de-facto standard of making it public. My personal
preference is to make it private, but there needs to be an agreement
within
the community.
Adrian Crum
Sandglass Software
www.sandglass-software.com
On 12/29/2014 6:24 PM, [email protected] wrote:
Author: jacopoc
Date: Mon Dec 29 18:24:57 2014
New Revision: 1648403
URL: http://svn.apache.org/r1648403
Log:
Moved code dependent on OWASP ESAPI and utilities for codec tasks from
StringUtil to a new UtilCodec class: now the UtilCodec class is the
only
class dependent on OWASP ESAPI.
The DefaultEncoder from OWASP ESAPI, used internally by UtilCodec is
now
built with the default constructor that also adds the JavascriptCodec
to
the list of codecs used to canonicalize and validate the input.
Renamed the UrlEncoder class to UrlCodec in order to better describe
its
behavior.
Misc minor cleanups.
Added to the list of tests of the base component a series of Junit test
classes that were missing.
Added:
ofbiz/trunk/framework/base/src/org/ofbiz/base/util/UtilCodec.java
(with props)
ofbiz/trunk/framework/base/src/org/ofbiz/base/util/test/UtilCodecTests.java
(with props)
ofbiz/trunk/framework/base/src/org/ofbiz/base/util/test/UtilHttpTests.java
(with props)
Modified:
ofbiz/trunk/applications/content/src/org/ofbiz/content/
content/ContentUrlFilter.java
ofbiz/trunk/framework/base/src/org/ofbiz/base/util/StringUtil.java
ofbiz/trunk/framework/base/src/org/ofbiz/base/util/UtilHttp.java
ofbiz/trunk/framework/base/src/org/ofbiz/base/util/
template/FreeMarkerWorker.java
ofbiz/trunk/framework/base/src/org/ofbiz/base/util/test/
StringUtilTests.java
ofbiz/trunk/framework/base/testdef/basetests.xml
ofbiz/trunk/framework/common/src/org/ofbiz/common/
CommonServices.java
ofbiz/trunk/framework/service/src/org/ofbiz/service/
ModelService.java
ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/
ControlServlet.java
ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/
RequestHandler.java
ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/ftl/
OfbizContentTransform.java
ofbiz/trunk/framework/webtools/src/org/ofbiz/webtools/labelmanager/
LabelManagerFactory.java
ofbiz/trunk/framework/widget/src/org/ofbiz/widget/WidgetWorker.java
ofbiz/trunk/framework/widget/src/org/ofbiz/widget/form/
MacroFormRenderer.java
ofbiz/trunk/framework/widget/src/org/ofbiz/widget/form/
ModelForm.java
ofbiz/trunk/framework/widget/src/org/ofbiz/widget/form/
ModelFormField.java
ofbiz/trunk/framework/widget/src/org/ofbiz/widget/html/
HtmlFormRenderer.java
ofbiz/trunk/framework/widget/src/org/ofbiz/widget/html/
HtmlMenuRenderer.java
ofbiz/trunk/framework/widget/src/org/ofbiz/widget/menu/
MacroMenuRenderer.java
ofbiz/trunk/framework/widget/src/org/ofbiz/widget/menu/
ModelMenuItem.java
ofbiz/trunk/framework/widget/src/org/ofbiz/widget/screen/
HtmlWidget.java
ofbiz/trunk/framework/widget/src/org/ofbiz/widget/screen/
MacroScreenViewHandler.java
ofbiz/trunk/framework/widget/src/org/ofbiz/widget/screen/
ModelScreenWidget.java
ofbiz/trunk/framework/widget/src/org/ofbiz/widget/screen/
ScreenFopViewHandler.java
ofbiz/trunk/framework/widget/src/org/ofbiz/widget/tree/
ModelTree.java
ofbiz/trunk/specialpurpose/ebay/src/org/ofbiz/ebay/
ProductsExportToEbay.java
Modified: ofbiz/trunk/applications/content/src/org/ofbiz/content/
content/ContentUrlFilter.java
URL: http://svn.apache.org/viewvc/ofbiz/trunk/applications/
content/src/org/ofbiz/content/content/ContentUrlFilter.java?
rev=1648403&r1=1648402&r2=1648403&view=diff
============================================================
==================
---
ofbiz/trunk/applications/content/src/org/ofbiz/content/content/ContentUrlFilter.java
(original)
+++
ofbiz/trunk/applications/content/src/org/ofbiz/content/content/ContentUrlFilter.java
Mon Dec 29 18:24:57 2014
@@ -31,7 +31,7 @@ import javax.servlet.http.HttpServletReq
import javax.servlet.http.HttpServletResponse;
import org.ofbiz.base.util.Debug;
-import org.ofbiz.base.util.StringUtil;
+import org.ofbiz.base.util.UtilCodec;
import org.ofbiz.base.util.UtilHttp;
import org.ofbiz.base.util.UtilValidate;
import org.ofbiz.common.UrlServletHelper;
@@ -117,7 +117,7 @@ public class ContentUrlFilter extends Co
.queryFirst();
if (contentAssocDataResource != null) {
url = contentAssocDataResource.
getString("drObjectInfo");
- url = StringUtil.getDecoder("url").decode(url);
+ url = UtilCodec.getDecoder("url").decode(url);
String mountPoint = request.getContextPath();
if (!(mountPoint.equals("/")) &&
!(mountPoint.equals(""))) {
url = mountPoint + url;
Modified: ofbiz/trunk/framework/base/src/org/ofbiz/base/util/
StringUtil.java
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/base/
src/org/ofbiz/base/util/StringUtil.java?rev=1648403&
r1=1648402&r2=1648403&view=diff
============================================================
==================
--- ofbiz/trunk/framework/base/src/org/ofbiz/base/util/StringUtil.java
(original)
+++ ofbiz/trunk/framework/base/src/org/ofbiz/base/util/StringUtil.java
Mon Dec 29 18:24:57 2014
@@ -21,7 +21,6 @@ package org.ofbiz.base.util;
import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.net.URLEncoder;
-import java.util.Arrays;
import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
@@ -36,12 +35,6 @@ import java.util.regex.Pattern;
import org.apache.commons.codec.DecoderException;
import org.apache.commons.codec.binary.Hex;
import org.ofbiz.base.lang.Appender;
-import org.owasp.esapi.codecs.Codec;
-import org.owasp.esapi.codecs.HTMLEntityCodec;
-import org.owasp.esapi.codecs.PercentCodec;
-import org.owasp.esapi.errors.EncodingException;
-import org.owasp.esapi.errors.IntrusionException;
-import org.owasp.esapi.reference.DefaultEncoder;
/**
* Misc String Utility Functions
@@ -54,11 +47,7 @@ public class StringUtil {
// FIXME: Not thread safe
protected static final Map<String, Pattern>
substitutionPatternMap;
- private static final DefaultEncoder defaultWebEncoder;
static {
- // possible codecs: CSSCodec, HTMLEntityCodec,
JavaScriptCodec,
MySQLCodec, OracleCodec, PercentCodec, UnixCodec, VBScriptCodec,
WindowsCodec
- List<Codec> codecList = Arrays.asList(new HTMLEntityCodec(),
new
PercentCodec());
- defaultWebEncoder = new DefaultEncoder(codecList);
substitutionPatternMap = new HashMap<String, Pattern>();
substitutionPatternMap.put("&&", Pattern.compile("@and",
Pattern.LITERAL));
substitutionPatternMap.put("||", Pattern.compile("@or",
Pattern.LITERAL));
@@ -68,87 +57,9 @@ public class StringUtil {
substitutionPatternMap.put(">", Pattern.compile("@gt",
Pattern.LITERAL));
}
- private static final HtmlEncoder htmlEncoder = new HtmlEncoder();
- private static final XmlEncoder xmlEncoder = new XmlEncoder();
- private static final StringEncoder stringEncoder = new
StringEncoder();
- private static final UrlEncoder urlEncoder = new UrlEncoder();
-
private StringUtil() {
}
- public static interface SimpleEncoder {
- public String encode(String original);
- }
-
- public static interface SimpleDecoder {
- public String decode(String original);
- }
-
- public static class HtmlEncoder implements SimpleEncoder {
- public String encode(String original) {
- return
StringUtil.defaultWebEncoder.encodeForHTML(original);
- }
- }
-
- public static class XmlEncoder implements SimpleEncoder {
- public String encode(String original) {
- return
StringUtil.defaultWebEncoder.encodeForXML(original);
- }
- }
-
- public static class UrlEncoder implements SimpleEncoder,
SimpleDecoder {
- public String encode(String original) {
- try {
- return StringUtil.defaultWebEncoder.
encodeForURL(original);
- } catch (EncodingException ee) {
- Debug.logError(ee, module);
- return null;
- }
- }
-
- public String decode(String original) {
- try {
- return StringUtil.defaultWebEncoder.
decodeFromURL(original);
- } catch (EncodingException ee) {
- Debug.logError(ee, module);
- return null;
- }
- }
- }
-
- public static class StringEncoder implements SimpleEncoder {
- public String encode(String original) {
- if (original != null) {
- original = original.replace("\"", "\\\"");
- }
- return original;
- }
- }
-
- // ================== Begin General Functions ==================
-
- public static SimpleEncoder getEncoder(String type) {
- if ("url".equals(type)) {
- return StringUtil.urlEncoder;
- } else if ("xml".equals(type)) {
- return StringUtil.xmlEncoder;
- } else if ("html".equals(type)) {
- return StringUtil.htmlEncoder;
- } else if ("string".equals(type)) {
- return StringUtil.stringEncoder;
- } else {
- return null;
- }
- }
-
- public static SimpleDecoder getDecoder(String type) {
- if ("url".equals(type)) {
- return StringUtil.urlEncoder;
- } else {
- return null;
- }
- }
-
public static String internString(String value) {
return value != null ? value.intern() : null;
}
@@ -623,70 +534,6 @@ public class StringUtil {
return result;
}
- public static String canonicalize(String value) throws
IntrusionException {
- return defaultWebEncoder.canonicalize(value);
- }
-
- public static String canonicalize(String value, boolean strict)
throws IntrusionException {
- return defaultWebEncoder.canonicalize(value, strict);
- }
- /**
- * Uses a black-list approach for necessary characters for HTML.
- * Does not allow various characters (after canonicalization),
including "<", ">", "&" (if not followed by a space), and "%" (if not
followed by a space).
- *
- * @param value
- * @param errorMessageList
- */
- public static String checkStringForHtmlStrictNone(String
valueName,
String value, List<String> errorMessageList) {
- if (UtilValidate.isEmpty(value)) return value;
-
- // canonicalize, strict (error on double-encoding)
- try {
- value = canonicalize(value, true);
- } catch (IntrusionException e) {
- // NOTE: using different log and user targeted error
messages to allow the end-user message to be less technical
- Debug.logError("Canonicalization (format consistency,
character escaping that is mixed or double, etc) error for attribute
named
[" + valueName + "], String [" + value + "]: " + e.toString(), module);
- errorMessageList.add("In field [" + valueName + "] found
character escaping (mixed or double) that is not allowed or other
format
consistency error: " + e.toString());
- }
-
- // check for "<", ">"
- if (value.indexOf("<") >= 0 || value.indexOf(">") >= 0) {
- errorMessageList.add("In field [" + valueName + "]
less-than
(<) and greater-than (>) symbols are not allowed.");
- }
-
- /* NOTE DEJ 20090311: After playing with this more this
doesn't
seem to be necessary; the canonicalize will convert all such characters
into actual text before this check is done, including other illegal
chars
like < which will canonicalize to < and then get caught
- // check for & followed a semicolon within 7 characters, no
spaces in-between (and perhaps other things sometime?)
- int curAmpIndex = value.indexOf("&");
- while (curAmpIndex > -1) {
- int semicolonIndex = value.indexOf(";", curAmpIndex + 1);
- int spaceIndex = value.indexOf(" ", curAmpIndex + 1);
- if (semicolonIndex > -1 && (semicolonIndex - curAmpIndex
<=
7) && (spaceIndex < 0 || (spaceIndex > curAmpIndex && spaceIndex <
semicolonIndex))) {
- errorMessageList.add("In field [" + valueName + "] the
ampersand (&) symbol is only allowed if not used as an encoded
character:
no semicolon (;) within 7 spaces or there is a space between.");
- // once we find one like this we have the message so
no
need to check for more
- break;
- }
- curAmpIndex = value.indexOf("&", curAmpIndex + 1);
- }
- */
-
- /* NOTE DEJ 20090311: After playing with this more this
doesn't
seem to be necessary; the canonicalize will convert all such characters
into actual text before this check is done, including other illegal
chars
like %3C which will canonicalize to < and then get caught
- // check for % followed by 2 hex characters
- int curPercIndex = value.indexOf("%");
- while (curPercIndex >= 0) {
- if (value.length() > (curPercIndex + 3) &&
UtilValidate.isHexDigit(value.charAt(curPercIndex + 1)) &&
UtilValidate.isHexDigit(value.charAt(curPercIndex + 2))) {
- errorMessageList.add("In field [" + valueName + "] the
percent (%) symbol is only allowed if followed by a space.");
- // once we find one like this we have the message so
no
need to check for more
- break;
- }
- curPercIndex = value.indexOf("%", curPercIndex + 1);
- }
- */
-
- // TODO: anything else to check for that can be used to get
HTML
or JavaScript going without these characters?
-
- return value;
- }
-
/**
* Remove/collapse multiple newline characters
*
@@ -807,57 +654,4 @@ public class StringUtil {
return this.theString;
}
}
-
- /**
- * A simple Map wrapper class that will do HTML encoding. To be
used
for passing a Map to something that will expand Strings with it as a
context, etc.
- */
- public static class HtmlEncodingMapWrapper<K> implements Map<K,
Object> {
- public static <K> HtmlEncodingMapWrapper<K>
getHtmlEncodingMapWrapper(Map<K, Object> mapToWrap, SimpleEncoder
encoder) {
- if (mapToWrap == null) return null;
-
- HtmlEncodingMapWrapper<K> mapWrapper = new
HtmlEncodingMapWrapper<K>();
- mapWrapper.setup(mapToWrap, encoder);
- return mapWrapper;
- }
-
- protected Map<K, Object> internalMap = null;
- protected SimpleEncoder encoder = null;
- protected HtmlEncodingMapWrapper() { }
-
- public void setup(Map<K, Object> mapToWrap, SimpleEncoder
encoder) {
- this.internalMap = mapToWrap;
- this.encoder = encoder;
- }
- public void reset() {
- this.internalMap = null;
- this.encoder = null;
- }
-
- public int size() { return this.internalMap.size(); }
- public boolean isEmpty() { return this.internalMap.isEmpty();
}
- public boolean containsKey(Object key) { return
this.internalMap.containsKey(key); }
- public boolean containsValue(Object value) { return
this.internalMap.containsValue(value); }
- public Object get(Object key) {
- Object theObject = this.internalMap.get(key);
- if (theObject instanceof String) {
- if (this.encoder != null) {
- return encoder.encode((String) theObject);
- } else {
- return
StringUtil.defaultWebEncoder.encodeForHTML((String)
theObject);
- }
- } else if (theObject instanceof Map<?, ?>) {
- return
HtmlEncodingMapWrapper.getHtmlEncodingMapWrapper(UtilGenerics.<K,
Object>checkMap(theObject), this.encoder);
- }
- return theObject;
- }
- public Object put(K key, Object value) { return
this.internalMap.put(key, value); }
- public Object remove(Object key) { return
this.internalMap.remove(key); }
- public void putAll(Map<? extends K, ? extends Object> arg0) {
this.internalMap.putAll(arg0); }
- public void clear() { this.internalMap.clear(); }
- public Set<K> keySet() { return this.internalMap.keySet(); }
- public Collection<Object> values() { return
this.internalMap.values(); }
- public Set<Map.Entry<K, Object>> entrySet() { return
this.internalMap.entrySet(); }
- @Override
- public String toString() { return
this.internalMap.toString(); }
- }
}
Added:
ofbiz/trunk/framework/base/src/org/ofbiz/base/util/UtilCodec.java
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/base/
src/org/ofbiz/base/util/UtilCodec.java?rev=1648403&view=auto
============================================================
==================
--- ofbiz/trunk/framework/base/src/org/ofbiz/base/util/UtilCodec.java
(added)
+++ ofbiz/trunk/framework/base/src/org/ofbiz/base/util/UtilCodec.java
Mon Dec 29 18:24:57 2014
@@ -0,0 +1,232 @@
+/**********************************************************
*********************
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ ************************************************************
*******************/
+package org.ofbiz.base.util;
+
+import org.owasp.esapi.errors.IntrusionException;
+import org.owasp.esapi.reference.DefaultEncoder;
+
+import java.io.UnsupportedEncodingException;
+import java.net.URLDecoder;
+import java.net.URLEncoder;
+import java.util.Collection;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+
+public class UtilCodec {
+ private static final String module = UtilCodec.class.getName();
+ private static final DefaultEncoder defaultWebEncoder = new
DefaultEncoder();
+ private static final HtmlEncoder htmlEncoder = new HtmlEncoder();
+ private static final XmlEncoder xmlEncoder = new XmlEncoder();
+ private static final StringEncoder stringEncoder = new
StringEncoder();
+ private static final UrlCodec urlEncoder = new UrlCodec();
+
+ public static interface SimpleEncoder {
+ public String encode(String original);
+ }
+
+ public static interface SimpleDecoder {
+ public String decode(String original);
+ }
+
+ public static class HtmlEncoder implements SimpleEncoder {
+ public String encode(String original) {
+ return defaultWebEncoder.encodeForHTML(original);
+ }
+ }
+
+ public static class XmlEncoder implements SimpleEncoder {
+ public String encode(String original) {
+ return defaultWebEncoder.encodeForXML(original);
+ }
+ }
+
+ public static class UrlCodec implements SimpleEncoder,
SimpleDecoder
{
+ public String encode(String original) {
+ try {
+ return URLEncoder.encode(original, "UTF-8");
+ } catch (UnsupportedEncodingException ee) {
+ Debug.logError(ee, module);
+ return null;
+ }
+ }
+
+ public String decode(String original) {
+ try {
+ String canonical = canonicalize(original);
+ return URLDecoder.decode(canonical, "UTF-8");
+ } catch (UnsupportedEncodingException ee) {
+ Debug.logError(ee, module);
+ return null;
+ }
+ }
+ }
+
+ public static class StringEncoder implements SimpleEncoder {
+ public String encode(String original) {
+ if (original != null) {
+ original = original.replace("\"", "\\\"");
+ }
+ return original;
+ }
+ }
+
+ // ================== Begin General Functions ==================
+
+ public static SimpleEncoder getEncoder(String type) {
+ if ("url".equals(type)) {
+ return urlEncoder;
+ } else if ("xml".equals(type)) {
+ return xmlEncoder;
+ } else if ("html".equals(type)) {
+ return htmlEncoder;
+ } else if ("string".equals(type)) {
+ return stringEncoder;
+ } else {
+ return null;
+ }
+ }
+
+ public static SimpleDecoder getDecoder(String type) {
+ if ("url".equals(type)) {
+ return urlEncoder;
+ } else {
+ return null;
+ }
+ }
+
+ public static String canonicalize(String value) throws
IntrusionException {
+ return defaultWebEncoder.canonicalize(value);
+ }
+
+ public static String canonicalize(String value, boolean strict)
throws IntrusionException {
+ return defaultWebEncoder.canonicalize(value, strict);
+ }
+
+ /**
+ * Uses a black-list approach for necessary characters for HTML.
+ * Does not allow various characters (after canonicalization),
including "<", ">", "&" (if not followed by a space), and "%" (if not
followed by a space).
+ *
+ * @param value
+ * @param errorMessageList
+ */
+ public static String checkStringForHtmlStrictNone(String
valueName,
String value, List<String> errorMessageList) {
+ if (UtilValidate.isEmpty(value)) return value;
+
+ // canonicalize, strict (error on double-encoding)
+ try {
+ value = canonicalize(value, true);
+ } catch (IntrusionException e) {
+ // NOTE: using different log and user targeted error
messages to allow the end-user message to be less technical
+ Debug.logError("Canonicalization (format consistency,
character escaping that is mixed or double, etc) error for attribute
named
[" + valueName + "], String [" + value + "]: " + e.toString(), module);
+ errorMessageList.add("In field [" + valueName + "] found
character escaping (mixed or double) that is not allowed or other
format
consistency error: " + e.toString());
+ }
+
+ // check for "<", ">"
+ if (value.indexOf("<") >= 0 || value.indexOf(">") >= 0) {
+ errorMessageList.add("In field [" + valueName + "]
less-than
(<) and greater-than (>) symbols are not allowed.");
+ }
+
+ /* NOTE DEJ 20090311: After playing with this more this
doesn't
seem to be necessary; the canonicalize will convert all such characters
into actual text before this check is done, including other illegal
chars
like < which will canonicalize to < and then get caught
+ // check for & followed a semicolon within 7 characters, no
spaces in-between (and perhaps other things sometime?)
+ int curAmpIndex = value.indexOf("&");
+ while (curAmpIndex > -1) {
+ int semicolonIndex = value.indexOf(";", curAmpIndex + 1);
+ int spaceIndex = value.indexOf(" ", curAmpIndex + 1);
+ if (semicolonIndex > -1 && (semicolonIndex - curAmpIndex
<=
7) && (spaceIndex < 0 || (spaceIndex > curAmpIndex && spaceIndex <
semicolonIndex))) {
+ errorMessageList.add("In field [" + valueName + "] the
ampersand (&) symbol is only allowed if not used as an encoded
character:
no semicolon (;) within 7 spaces or there is a space between.");
+ // once we find one like this we have the message so
no
need to check for more
+ break;
+ }
+ curAmpIndex = value.indexOf("&", curAmpIndex + 1);
+ }
+ */
+
+ /* NOTE DEJ 20090311: After playing with this more this
doesn't
seem to be necessary; the canonicalize will convert all such characters
into actual text before this check is done, including other illegal
chars
like %3C which will canonicalize to < and then get caught
+ // check for % followed by 2 hex characters
+ int curPercIndex = value.indexOf("%");
+ while (curPercIndex >= 0) {
+ if (value.length() > (curPercIndex + 3) &&
UtilValidate.isHexDigit(value.charAt(curPercIndex + 1)) &&
UtilValidate.isHexDigit(value.charAt(curPercIndex + 2))) {
+ errorMessageList.add("In field [" + valueName + "] the
percent (%) symbol is only allowed if followed by a space.");
+ // once we find one like this we have the message so
no
need to check for more
+ break;
+ }
+ curPercIndex = value.indexOf("%", curPercIndex + 1);
+ }
+ */
+
+ // TODO: anything else to check for that can be used to get
HTML
or JavaScript going without these characters?
+
+ return value;
+ }
+
+ /**
+ * A simple Map wrapper class that will do HTML encoding. To be
used
for passing a Map to something that will expand Strings with it as a
context, etc.
+ */
+ public static class HtmlEncodingMapWrapper<K> implements Map<K,
Object> {
+ public static <K> HtmlEncodingMapWrapper<K>
getHtmlEncodingMapWrapper(Map<K, Object> mapToWrap, SimpleEncoder
encoder) {
+ if (mapToWrap == null) return null;
+
+ HtmlEncodingMapWrapper<K> mapWrapper = new
HtmlEncodingMapWrapper<K>();
+ mapWrapper.setup(mapToWrap, encoder);
+ return mapWrapper;
+ }
+
+ protected Map<K, Object> internalMap = null;
+ protected SimpleEncoder encoder = null;
+ protected HtmlEncodingMapWrapper() { }
+
+ public void setup(Map<K, Object> mapToWrap, SimpleEncoder
encoder) {
+ this.internalMap = mapToWrap;
+ this.encoder = encoder;
+ }
+ public void reset() {
+ this.internalMap = null;
+ this.encoder = null;
+ }
+
+ public int size() { return this.internalMap.size(); }
+ public boolean isEmpty() { return this.internalMap.isEmpty();
}
+ public boolean containsKey(Object key) { return
this.internalMap.containsKey(key); }
+ public boolean containsValue(Object value) { return
this.internalMap.containsValue(value); }
+ public Object get(Object key) {
+ Object theObject = this.internalMap.get(key);
+ if (theObject instanceof String) {
+ if (this.encoder != null) {
+ return encoder.encode((String) theObject);
+ } else {
+ return defaultWebEncoder.encodeForHTML((String)
theObject);
+ }
+ } else if (theObject instanceof Map<?, ?>) {
+ return
HtmlEncodingMapWrapper.getHtmlEncodingMapWrapper(UtilGenerics.<K,
Object>checkMap(theObject), this.encoder);
+ }
+ return theObject;
+ }
+ public Object put(K key, Object value) { return
this.internalMap.put(key, value); }
+ public Object remove(Object key) { return
this.internalMap.remove(key); }
+ public void putAll(Map<? extends K, ? extends Object> arg0) {
this.internalMap.putAll(arg0); }
+ public void clear() { this.internalMap.clear(); }
+ public Set<K> keySet() { return this.internalMap.keySet(); }
+ public Collection<Object> values() { return
this.internalMap.values(); }
+ public Set<Map.Entry<K, Object>> entrySet() { return
this.internalMap.entrySet(); }
+ @Override
+ public String toString() { return
this.internalMap.toString(); }
+ }
+
+}
Propchange: ofbiz/trunk/framework/base/src/org/ofbiz/base/util/
UtilCodec.java
------------------------------------------------------------
------------------
svn:eol-style = native
Propchange: ofbiz/trunk/framework/base/src/org/ofbiz/base/util/
UtilCodec.java
------------------------------------------------------------
------------------
svn:keywords = Date Rev Author URL Id
Propchange: ofbiz/trunk/framework/base/src/org/ofbiz/base/util/
UtilCodec.java
------------------------------------------------------------
------------------
svn:mime-type = text/plain
Modified: ofbiz/trunk/framework/base/src/org/ofbiz/base/util/
UtilHttp.java
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/base/
src/org/ofbiz/base/util/UtilHttp.java?rev=1648403&r1=
1648402&r2=1648403&view=diff
============================================================
==================
--- ofbiz/trunk/framework/base/src/org/ofbiz/base/util/UtilHttp.java
(original)
+++ ofbiz/trunk/framework/base/src/org/ofbiz/base/util/UtilHttp.java
Mon
Dec 29 18:24:57 2014
@@ -250,7 +250,7 @@ public class UtilHttp {
public static String canonicalizeParameter(String paramValue) {
try {
/** calling canonicalize with strict flag set to false so
we only get warnings about double encoding, etc; can be set to true for
exceptions and more security */
- String cannedStr = StringUtil.canonicalize(paramValue,
false);
+ String cannedStr = UtilCodec.canonicalize(paramValue,
false);
if (Debug.verboseOn()) Debug.logVerbose("Canonicalized
parameter with " + (cannedStr.equals(paramValue) ? "no " : "") +
"change:
original [" + paramValue + "] canned [" + cannedStr + "]", module);
return cannedStr;
} catch (Exception e) {
@@ -790,14 +790,14 @@ public class UtilHttp {
buf.append("&");
}
}
- buf.append(StringUtil.
getEncoder("url").encode(name));
+ buf.append(UtilCodec.
getEncoder("url").encode(name));
/* the old way: try {
buf.append(URLEncoder.encode(name,
"UTF-8"));
} catch (UnsupportedEncodingException e) {
Debug.logError(e, module);
} */
buf.append('=');
-
buf.append(StringUtil.getEncoder("url").encode(
valueStr));
+ buf.append(UtilCodec.getEncoder("url").encode(
valueStr));
/* the old way: try {
buf.append(URLEncoder.encode(valueStr,
"UTF-8"));
} catch (UnsupportedEncodingException e) {
Modified: ofbiz/trunk/framework/base/src/org/ofbiz/base/util/
template/FreeMarkerWorker.java
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/base/
src/org/ofbiz/base/util/template/FreeMarkerWorker.
java?rev=1648403&r1=1648402&r2=1648403&view=diff
============================================================
==================
---
ofbiz/trunk/framework/base/src/org/ofbiz/base/util/template/FreeMarkerWorker.java
(original)
+++
ofbiz/trunk/framework/base/src/org/ofbiz/base/util/template/FreeMarkerWorker.java
Mon Dec 29 18:24:57 2014
@@ -47,6 +47,7 @@ import javax.servlet.http.HttpServletReq
import org.ofbiz.base.location.FlexibleLocation;
import org.ofbiz.base.util.Debug;
import org.ofbiz.base.util.StringUtil;
+import org.ofbiz.base.util.UtilCodec;
import org.ofbiz.base.util.UtilGenerics;
import org.ofbiz.base.util.UtilMisc;
import org.ofbiz.base.util.UtilProperties;
@@ -687,7 +688,7 @@ public class FreeMarkerWorker {
te.printStackTrace(pw);
String stackTrace = tempWriter.toString();
- StringUtil.SimpleEncoder simpleEncoder = FreeMarkerWorker.
getWrappedObject("simpleEncoder", env);
+ UtilCodec.SimpleEncoder simpleEncoder = FreeMarkerWorker.
getWrappedObject("simpleEncoder", env);
if (simpleEncoder != null) {
stackTrace = simpleEncoder.encode(stackTrace);
}
Modified: ofbiz/trunk/framework/base/src/org/ofbiz/base/util/test/
StringUtilTests.java
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/base/
src/org/ofbiz/base/util/test/StringUtilTests.java?rev=
1648403&r1=1648402&r2=1648403&view=diff
============================================================
==================
---
ofbiz/trunk/framework/base/src/org/ofbiz/base/util/test/StringUtilTests.java
(original)
+++
ofbiz/trunk/framework/base/src/org/ofbiz/base/util/test/StringUtilTests.java
Mon Dec 29 18:24:57 2014
@@ -18,8 +18,6 @@
************************************************************
*******************/
package org.ofbiz.base.util.test;
-import java.util.ArrayList;
-import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
@@ -53,18 +51,6 @@ public class StringUtilTests extends Gen
assertTrue("correct INSTANCE", StringUtil.INSTANCE instanceof
StringUtil);
}
- private static void encoderTest(String label,
StringUtil.SimpleEncoder encoder, String wanted, String toEncode) {
- assertNull(label + "(encoder):null", encoder.encode(null));
- assertEquals(label + "(encoder):encode", wanted,
encoder.encode(toEncode));
- }
-
- public void testGetEncoder() {
- encoderTest("string", StringUtil.getEncoder("string"),
"abc\\\"def", "abc\"def");
- encoderTest("xml", StringUtil.getEncoder("xml"),
"<>'"", "<>'\"");
- encoderTest("html", StringUtil.getEncoder("html"),
"<>'"", "<>'\"");
- assertNull("invalid encoder",
StringUtil.getEncoder("foobar"));
- }
-
public void testInternString() {
assertSame("intern-constant", StringUtil.internString("foo"),
StringUtil.internString("foo"));
assertSame("intern-new", StringUtil.internString("foo"),
StringUtil.internString(new String("foo")));
@@ -283,26 +269,6 @@ public class StringUtilTests extends Gen
assertEquals("all converions", "one && two || three > four >=
five < six <= seven", StringUtil.convertOperatorSubstitutions("one @and
two @or three @gt four @gteq five @lt six @lteq seven"));
}
- private static void checkStringForHtmlStrictNone_test(String
label,
String fixed, String input, String... wantedMessages) {
- List<String> gottenMessages = new ArrayList<String>();
- assertEquals(label, fixed, StringUtil.
checkStringForHtmlStrictNone(label, input, gottenMessages));
- assertEquals(label, Arrays.asList(wantedMessages),
gottenMessages);
- }
-
- public void testCheckStringForHtmlStrictNone() {
- checkStringForHtmlStrictNone_test("null pass-thru", null,
null);
- checkStringForHtmlStrictNone_test("empty pass-thru", "", "");
- checkStringForHtmlStrictNone_test("o-numeric-encode", "foo",
"foo");
- checkStringForHtmlStrictNone_test("o-hex-encode", "foo",
"f%6fo");
- checkStringForHtmlStrictNone_test("o-double-hex-encode",
"foo",
"f%256fo");
- checkStringForHtmlStrictNone_test("<-not-allowed", "f<oo",
"f<oo", "In field [<-not-allowed] less-than (<) and greater-than (>)
symbols are not allowed.");
- checkStringForHtmlStrictNone_test(">-not-allowed", "f>oo",
"f>oo", "In field [>-not-allowed] less-than (<) and greater-than (>)
symbols are not allowed.");
- checkStringForHtmlStrictNone_test("high-ascii", "fÀ®",
"f%C0%AE");
- // this looks like a bug, namely the extra trailing ;
- checkStringForHtmlStrictNone_test("double-ampersand",
"f\";oo",
"f%26quot%3boo");
- checkStringForHtmlStrictNone_test("double-encoding",
"%2%353Cscript", "%2%353Cscript", "In field [double-encoding] found
character escaping (mixed or double) that is not allowed or other
format
consistency error: org.owasp.esapi.errors.IntrusionException: Input
validation failure");
- }
-
public void testCollapseNewlines() {
}
Added: ofbiz/trunk/framework/base/src/org/ofbiz/base/util/test/
UtilCodecTests.java
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/base/
src/org/ofbiz/base/util/test/UtilCodecTests.java?rev=1648403&view=auto
============================================================
==================
---
ofbiz/trunk/framework/base/src/org/ofbiz/base/util/test/UtilCodecTests.java
(added)
+++
ofbiz/trunk/framework/base/src/org/ofbiz/base/util/test/UtilCodecTests.java
Mon Dec 29 18:24:57 2014
@@ -0,0 +1,64 @@
+/**********************************************************
*********************
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ ************************************************************
*******************/
+package org.ofbiz.base.util.test;
+
+import org.ofbiz.base.test.GenericTestCaseBase;
+import org.ofbiz.base.util.UtilCodec;
+
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.List;
+
+public class UtilCodecTests extends GenericTestCaseBase {
+ public UtilCodecTests(String name) {
+ super(name);
+ }
+
+ private static void encoderTest(String label,
UtilCodec.SimpleEncoder encoder, String wanted, String toEncode) {
+ assertNull(label + "(encoder):null", encoder.encode(null));
+ assertEquals(label + "(encoder):encode", wanted,
encoder.encode(toEncode));
+ }
+
+ public void testGetEncoder() {
+ encoderTest("string", UtilCodec.getEncoder("string"),
"abc\\\"def", "abc\"def");
+ encoderTest("xml", UtilCodec.getEncoder("xml"),
"<>'"", "<>'\"");
+ encoderTest("html", UtilCodec.getEncoder("html"),
"<>'"", "<>'\"");
+ assertNull("invalid encoder", UtilCodec.getEncoder("foobar"));
+ }
+ private static void checkStringForHtmlStrictNone_test(String
label,
String fixed, String input, String... wantedMessages) {
+ List<String> gottenMessages = new ArrayList<String>();
+ assertEquals(label, fixed, UtilCodec.
checkStringForHtmlStrictNone(label, input, gottenMessages));
+ assertEquals(label, Arrays.asList(wantedMessages),
gottenMessages);
+ }
+
+ public void testCheckStringForHtmlStrictNone() {
+ checkStringForHtmlStrictNone_test("null pass-thru", null,
null);
+ checkStringForHtmlStrictNone_test("empty pass-thru", "", "");
+ checkStringForHtmlStrictNone_test("o-numeric-encode", "foo",
"foo");
+ checkStringForHtmlStrictNone_test("o-hex-encode", "foo",
"f%6fo");
+ checkStringForHtmlStrictNone_test("o-double-hex-encode",
"foo",
"f%256fo");
+ checkStringForHtmlStrictNone_test("<-not-allowed", "f<oo",
"f<oo", "In field [<-not-allowed] less-than (<) and greater-than (>)
symbols are not allowed.");
+ checkStringForHtmlStrictNone_test(">-not-allowed", "f>oo",
"f>oo", "In field [>-not-allowed] less-than (<) and greater-than (>)
symbols are not allowed.");
+ checkStringForHtmlStrictNone_test("high-ascii", "fÀ®",
"f%C0%AE");
+ // this looks like a bug, namely the extra trailing ;
+ checkStringForHtmlStrictNone_test("double-ampersand",
"f\";oo",
"f%26quot%3boo");
+ checkStringForHtmlStrictNone_test("double-encoding",
"%2%353Cscript", "%2%353Cscript", "In field [double-encoding] found
character escaping (mixed or double) that is not allowed or other
format
consistency error: org.owasp.esapi.errors.IntrusionException: Input
validation failure");
+ }
+
+}
Propchange: ofbiz/trunk/framework/base/src/org/ofbiz/base/util/test/
UtilCodecTests.java
------------------------------------------------------------
------------------
svn:eol-style = native
Propchange: ofbiz/trunk/framework/base/src/org/ofbiz/base/util/test/
UtilCodecTests.java
------------------------------------------------------------
------------------
svn:keywords = Date Rev Author URL Id
Propchange: ofbiz/trunk/framework/base/src/org/ofbiz/base/util/test/
UtilCodecTests.java
------------------------------------------------------------
------------------
svn:mime-type = text/plain
Added: ofbiz/trunk/framework/base/src/org/ofbiz/base/util/test/
UtilHttpTests.java
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/base/
src/org/ofbiz/base/util/test/UtilHttpTests.java?rev=1648403&view=auto
============================================================
==================
---
ofbiz/trunk/framework/base/src/org/ofbiz/base/util/test/UtilHttpTests.java
(added)
+++
ofbiz/trunk/framework/base/src/org/ofbiz/base/util/test/UtilHttpTests.java
Mon Dec 29 18:24:57 2014
@@ -0,0 +1,30 @@
+/**********************************************************
*********************
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ ************************************************************
*******************/
+package org.ofbiz.base.util.test;
+
+import org.ofbiz.base.test.GenericTestCaseBase;
+
+public class UtilHttpTests extends GenericTestCaseBase {
+ public UtilHttpTests(String name) {
+ super(name);
+ }
+
+ public void testGetParameterMap() throws Exception {
+ }
+}
Propchange: ofbiz/trunk/framework/base/src/org/ofbiz/base/util/test/
UtilHttpTests.java
------------------------------------------------------------
------------------
svn:eol-style = native
Propchange: ofbiz/trunk/framework/base/src/org/ofbiz/base/util/test/
UtilHttpTests.java
------------------------------------------------------------
------------------
svn:keywords = Date Rev Author URL Id
Propchange: ofbiz/trunk/framework/base/src/org/ofbiz/base/util/test/
UtilHttpTests.java
------------------------------------------------------------
------------------
svn:mime-type = text/plain
Modified: ofbiz/trunk/framework/base/testdef/basetests.xml
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/base/
testdef/basetests.xml?rev=1648403&r1=1648402&r2=1648403&view=diff
============================================================
==================
--- ofbiz/trunk/framework/base/testdef/basetests.xml (original)
+++ ofbiz/trunk/framework/base/testdef/basetests.xml Mon Dec 29
18:24:57
2014
@@ -23,9 +23,14 @@
xsi:noNamespaceSchemaLocation="http://ofbiz.apache.org/dtds/
test-suite.xsd">
<test-group case-name="basetests">
<junit-test-suite class-name="org.ofbiz.base.lang.test.
ComparableRangeTests"/>
+ <junit-test-suite class-name="org.ofbiz.base.
util.test.AssertTests"/>
<junit-test-suite class-name="org.ofbiz.base.util.test.
IndentingWriterTests"/>
<junit-test-suite class-name="org.ofbiz.base.
util.test.ObjectTypeTests"/>
+ <!--junit-test-suite class-name="org.ofbiz.base.util.test.
ReferenceCleanerTests"/-->
<junit-test-suite class-name="org.ofbiz.base.
util.test.UtilObjectTests"/>
+ <junit-test-suite class-name="org.ofbiz.base.
util.test.StringUtilTests"/>
+ <junit-test-suite class-name="org.ofbiz.base.
util.test.UtilHttpTests"/>
+ <junit-test-suite class-name="org.ofbiz.base.
util.test.UtilCodecTests"/>
<junit-test-suite class-name="org.ofbiz.base.util.string.test.
FlexibleStringExpanderTests"/>
<junit-test-suite class-name="org.ofbiz.base.
util.collections.test.FlexibleMapAccessorTests"/>
<junit-test-suite class-name="org.ofbiz.base.
util.test.TimeDurationTests"/>
Modified: ofbiz/trunk/framework/common/src/org/ofbiz/common/
CommonServices.java
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/common/
src/org/ofbiz/common/CommonServices.java?rev=
1648403&r1=1648402&r2=1648403&view=diff
============================================================
==================
---
ofbiz/trunk/framework/common/src/org/ofbiz/common/CommonServices.java
(original)
+++
ofbiz/trunk/framework/common/src/org/ofbiz/common/CommonServices.java
Mon Dec 29 18:24:57 2014
@@ -46,7 +46,7 @@ import javax.mail.internet.MimeMessage;
import org.ofbiz.base.metrics.Metrics;
import org.ofbiz.base.metrics.MetricsFactory;
import org.ofbiz.base.util.Debug;
-import org.ofbiz.base.util.StringUtil;
+import org.ofbiz.base.util.UtilCodec;
import org.ofbiz.base.util.UtilDateTime;
import org.ofbiz.base.util.UtilMisc;
import org.ofbiz.base.util.UtilProperties;
@@ -539,7 +539,7 @@ public class CommonServices {
public static Map<String, Object> resetMetric(DispatchContext
dctx,
Map<String, ?> context) {
String originalName = (String) context.get("name");
- String name =
StringUtil.getDecoder("url").decode(originalName);
+ String name =
UtilCodec.getDecoder("url").decode(originalName);
if (name == null) {
return ServiceUtil.returnError("Exception thrown while
decoding metric name \"" + originalName + "\"");
}
Modified: ofbiz/trunk/framework/service/src/org/ofbiz/service/
ModelService.java
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/service/
src/org/ofbiz/service/ModelService.java?rev=1648403&
r1=1648402&r2=1648403&view=diff
============================================================
==================
---
ofbiz/trunk/framework/service/src/org/ofbiz/service/ModelService.java
(original)
+++
ofbiz/trunk/framework/service/src/org/ofbiz/service/ModelService.java
Mon Dec 29 18:24:57 2014
@@ -63,7 +63,7 @@ import org.ofbiz.base.metrics.Metrics;
import org.ofbiz.base.util.Debug;
import org.ofbiz.base.util.GeneralException;
import org.ofbiz.base.util.ObjectType;
-import org.ofbiz.base.util.StringUtil;
+import org.ofbiz.base.util.UtilCodec;
import org.ofbiz.base.util.UtilMisc;
import org.ofbiz.base.util.UtilProperties;
import org.ofbiz.base.util.UtilValidate;
@@ -584,7 +584,7 @@ public class ModelService extends Abstra
if (context.get(modelParam.name) != null &&
("String".equals(modelParam.type) || "java.lang.String".equals(
modelParam.type))
&& !"any".equals(modelParam.allowHtml) &&
("INOUT".equals(modelParam.mode) || "IN".equals(modelParam.mode))) {
String value = (String)
context.get(modelParam.name);
-
StringUtil.checkStringForHtmlStrictNone(modelParam.name,
value, errorMessageList);
+
UtilCodec.checkStringForHtmlStrictNone(modelParam.name,
value, errorMessageList);
}
}
if (errorMessageList.size() > 0) {
Modified: ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/
ControlServlet.java
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/webapp/
src/org/ofbiz/webapp/control/ControlServlet.java?rev=
1648403&r1=1648402&r2=1648403&view=diff
============================================================
==================
---
ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/ControlServlet.java
(original)
+++
ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/ControlServlet.java
Mon Dec 29 18:24:57 2014
@@ -32,7 +32,7 @@ import javax.servlet.http.HttpSession;
import org.apache.bsf.BSFManager;
import org.ofbiz.base.util.Debug;
-import org.ofbiz.base.util.StringUtil;
+import org.ofbiz.base.util.UtilCodec;
import org.ofbiz.base.util.UtilGenerics;
import org.ofbiz.base.util.UtilHttp;
import org.ofbiz.base.util.UtilTimer;
@@ -217,8 +217,7 @@ public class ControlServlet extends Http
if (Debug.verboseOn()) Debug.logVerbose(throwable,
module);
} else {
Debug.logError(throwable, "Error in request handler:
",
module);
- StringUtil.HtmlEncoder encoder = new
StringUtil.HtmlEncoder();
- request.setAttribute("_ERROR_MESSAGE_",
encoder.encode(throwable.toString()));
+ request.setAttribute("_ERROR_MESSAGE_",
UtilCodec.getEncoder("html").encode(throwable.toString()));
errorPage = requestHandler.
getDefaultErrorPage(request);
}
} catch (RequestHandlerExceptionAllowExternalRequests e) {
@@ -226,8 +225,7 @@ public class ControlServlet extends Http
Debug.logInfo("Going to external page: " +
request.getPathInfo(), module);
} catch (Exception e) {
Debug.logError(e, "Error in request handler: ", module);
- StringUtil.HtmlEncoder encoder = new
StringUtil.HtmlEncoder();
- request.setAttribute("_ERROR_MESSAGE_",
encoder.encode(e.toString()));
+ request.setAttribute("_ERROR_MESSAGE_",
UtilCodec.getEncoder("html").encode(e.toString()));
errorPage = requestHandler.getDefaultErrorPage(request);
}
Modified: ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/
RequestHandler.java
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/webapp/
src/org/ofbiz/webapp/control/RequestHandler.java?rev=
1648403&r1=1648402&r2=1648403&view=diff
============================================================
==================
---
ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/RequestHandler.java
(original)
+++
ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/control/RequestHandler.java
Mon Dec 29 18:24:57 2014
@@ -40,6 +40,7 @@ import org.ofbiz.base.start.Start;
import org.ofbiz.base.util.Debug;
import org.ofbiz.base.util.SSLUtil;
import org.ofbiz.base.util.StringUtil;
+import org.ofbiz.base.util.UtilCodec;
import org.ofbiz.base.util.UtilFormatOut;
import org.ofbiz.base.util.UtilGenerics;
import org.ofbiz.base.util.UtilHttp;
@@ -1115,11 +1116,11 @@ public class RequestHandler {
if (queryString.length() > 1) {
queryString.append("&");
}
- String encodedName = StringUtil.getEncoder("url").
encode(name);
+ String encodedName = UtilCodec.getEncoder("url").
encode(name);
if (encodedName != null) {
queryString.append(encodedName);
queryString.append("=");
-
queryString.append(StringUtil.getEncoder("url").encode(
value));
+ queryString.append(UtilCodec.getEncoder("url").encode(
value));
}
}
}
Modified: ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/ftl/
OfbizContentTransform.java
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/webapp/
src/org/ofbiz/webapp/ftl/OfbizContentTransform.java?
rev=1648403&r1=1648402&r2=1648403&view=diff
============================================================
==================
---
ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/ftl/OfbizContentTransform.java
(original)
+++
ofbiz/trunk/framework/webapp/src/org/ofbiz/webapp/ftl/OfbizContentTransform.java
Mon Dec 29 18:24:57 2014
@@ -25,7 +25,7 @@ import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import org.ofbiz.base.util.Debug;
-import org.ofbiz.base.util.StringUtil;
+import org.ofbiz.base.util.UtilCodec;
import org.ofbiz.base.util.UtilValidate;
import org.ofbiz.webapp.taglib.ContentUrlTag;
@@ -92,7 +92,7 @@ public class OfbizContentTransform imple
return;
}
- requestUrl = StringUtil.getDecoder("url").
decode(requestUrl);
+ requestUrl = UtilCodec.getDecoder("url").
decode(requestUrl);
// make the link
StringBuilder newURL = new StringBuilder();
Modified: ofbiz/trunk/framework/webtools/src/org/ofbiz/
webtools/labelmanager/LabelManagerFactory.java
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/
webtools/src/org/ofbiz/webtools/labelmanager/
LabelManagerFactory.java?rev=1648403&r1=1648402&r2=1648403&view=diff
============================================================
==================
---
ofbiz/trunk/framework/webtools/src/org/ofbiz/webtools/labelmanager/LabelManagerFactory.java
(original)
+++
ofbiz/trunk/framework/webtools/src/org/ofbiz/webtools/labelmanager/LabelManagerFactory.java
Mon Dec 29 18:24:57 2014
@@ -37,7 +37,7 @@ import org.ofbiz.base.component.Componen
import org.ofbiz.base.util.Debug;
import org.ofbiz.base.util.FileUtil;
import org.ofbiz.base.util.GeneralException;
-import org.ofbiz.base.util.StringUtil;
+import org.ofbiz.base.util.UtilCodec;
import org.ofbiz.base.util.UtilValidate;
import org.ofbiz.base.util.UtilXml;
import org.w3c.dom.Comment;
@@ -123,7 +123,7 @@ public class LabelManagerFactory {
for (Node propertyNode :
UtilXml.childNodeList(resourceElem.getFirstChild()))
{
if (propertyNode instanceof Element) {
Element propertyElem = (Element) propertyNode;
- String labelKey = StringUtil.canonicalize(
propertyElem.getAttribute("key"));
+ String labelKey = UtilCodec.canonicalize(
propertyElem.getAttribute("key"));
String labelComment = "";
for (Node valueNode :
UtilXml.childNodeList(propertyElem.getFirstChild()))
{
if (valueNode instanceof Element) {
@@ -134,7 +134,7 @@ public class LabelManagerFactory {
if( localeName.contains("_")) {
localeName = localeName.replace('_',
'-');
}
- String labelValue =
StringUtil.canonicalize(
UtilXml.nodeValue(valueElem.getFirstChild()));
+ String labelValue =
UtilCodec.canonicalize(
UtilXml.nodeValue(valueElem.getFirstChild()));
LabelInfo label = labels.get(labelKey +
keySeparator + fileInfo.getFileName());
if (UtilValidate.isEmpty(label)) {
@@ -148,12 +148,12 @@ public class LabelManagerFactory {
localesFound.add(localeName);
labelComment = "";
} else if (valueNode instanceof Comment) {
- labelComment = labelComment +
StringUtil.canonicalize(valueNode.getNodeValue());
+ labelComment = labelComment +
UtilCodec.canonicalize(valueNode.getNodeValue());
}
}
labelKeyComment = "";
} else if (propertyNode instanceof Comment) {
- labelKeyComment = labelKeyComment +
StringUtil.canonicalize(propertyNode.getNodeValue());
+ labelKeyComment = labelKeyComment +
UtilCodec.canonicalize(propertyNode.getNodeValue());
}
}
}
Modified: ofbiz/trunk/framework/widget/src/org/ofbiz/widget/
WidgetWorker.java
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/widget/
src/org/ofbiz/widget/WidgetWorker.java?rev=1648403&
r1=1648402&r2=1648403&view=diff
============================================================
==================
--- ofbiz/trunk/framework/widget/src/org/ofbiz/widget/WidgetWorker.java
(original)
+++ ofbiz/trunk/framework/widget/src/org/ofbiz/widget/WidgetWorker.java
Mon Dec 29 18:24:57 2014
@@ -36,7 +36,7 @@ import javax.servlet.http.HttpServletReq
import javax.servlet.http.HttpServletResponse;
import org.ofbiz.base.util.Debug;
-import org.ofbiz.base.util.StringUtil;
+import org.ofbiz.base.util.UtilCodec;
import org.ofbiz.base.util.UtilDateTime;
import org.ofbiz.base.util.UtilGenerics;
import org.ofbiz.base.util.UtilHttp;
@@ -71,7 +71,7 @@ public class WidgetWorker {
// We may get an encoded request like:
/projectmgr/control/EditTaskContents?
workEffortId=10003
// Try to reducing a possibly encoded string down to its
simplest form: /projectmgr/control/EditTaskContents?workEffortId=10003
// This step make sure the following appending
externalLoginKey
operation to work correctly
- localRequestName = StringUtil.canonicalize(localRequestName);
+ localRequestName = UtilCodec.canonicalize(localRequestName);
Appendable localWriter = new StringWriter();
if ("intra-app".equals(targetType)) {
@@ -143,7 +143,7 @@ public class WidgetWorker {
}
externalWriter.append(parameter.getKey());
externalWriter.append('=');
- StringUtil.SimpleEncoder simpleEncoder =
(StringUtil.SimpleEncoder) context.get("simpleEncoder");
+ UtilCodec.SimpleEncoder simpleEncoder =
(UtilCodec.SimpleEncoder) context.get("simpleEncoder");
if (simpleEncoder != null && parameterValue != null) {
externalWriter.append(simpleEncoder.encode(
URLEncoder.encode(parameterValue, Charset.forName("UTF-8").
displayName())));
} else {
@@ -300,7 +300,7 @@ public class WidgetWorker {
writer.append("<input name=\"");
writer.append(parameter.getKey());
writer.append("\" value=\"");
- writer.append(StringUtil.getEncoder("html").encode(
parameter.getValue()));
+ writer.append(UtilCodec.getEncoder("html").encode(
parameter.getValue()));
writer.append("\" type=\"hidden\"/>");
}
}
Modified: ofbiz/trunk/framework/widget/src/org/ofbiz/widget/form/
MacroFormRenderer.java
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/widget/
src/org/ofbiz/widget/form/MacroFormRenderer.java?rev=
1648403&r1=1648402&r2=1648403&view=diff
============================================================
==================
---
ofbiz/trunk/framework/widget/src/org/ofbiz/widget/form/MacroFormRenderer.java
(original)
+++
ofbiz/trunk/framework/widget/src/org/ofbiz/widget/form/MacroFormRenderer.java
Mon Dec 29 18:24:57 2014
@@ -40,6 +40,7 @@ import javax.servlet.http.HttpServletRes
import org.ofbiz.base.util.Debug;
import org.ofbiz.base.util.StringUtil;
+import org.ofbiz.base.util.UtilCodec;
import org.ofbiz.base.util.UtilFormatOut;
import org.ofbiz.base.util.UtilGenerics;
import org.ofbiz.base.util.UtilHttp;
@@ -75,7 +76,6 @@ import org.ofbiz.widget.form.ModelFormFi
import org.ofbiz.widget.form.ModelFormField.TextField;
import org.ofbiz.widget.form.ModelFormField.TextFindField;
import org.ofbiz.widget.form.ModelFormField.TextareaField;
-import org.ofbiz.widget.form.ModelFormFieldBuilder;
import org.ofbiz.widget.screen.ModelScreenWidget;
import com.ibm.icu.util.Calendar;
@@ -93,7 +93,7 @@ public final class MacroFormRenderer imp
public static final String module = MacroFormRenderer.class.
getName();
private final Template macroLibrary;
private final WeakHashMap<Appendable, Environment> environments =
new WeakHashMap<Appendable, Environment>();
- private final StringUtil.SimpleEncoder internalEncoder;
+ private final UtilCodec.SimpleEncoder internalEncoder;
private final RequestHandler rh;
private final HttpServletRequest request;
private final HttpServletResponse response;
@@ -108,7 +108,7 @@ public final class MacroFormRenderer imp
ServletContext ctx = (ServletContext) request.getAttribute("
servletContext");
this.rh = (RequestHandler) ctx.getAttribute("_REQUEST_
HANDLER_");
this.javaScriptEnabled =
UtilHttp.isJavaScriptEnabled(request);
- internalEncoder = StringUtil.getEncoder("string");
+ internalEncoder = UtilCodec.getEncoder("string");
}
@Deprecated
@@ -158,7 +158,7 @@ public final class MacroFormRenderer imp
if (UtilValidate.isEmpty(value)) {
return value;
}
- StringUtil.SimpleEncoder encoder = (StringUtil.SimpleEncoder)
context.get("simpleEncoder");
+ UtilCodec.SimpleEncoder encoder = (UtilCodec.SimpleEncoder)
context.get("simpleEncoder");
if (modelFormField.getEncodeOutput() && encoder != null) {
value = encoder.encode(value);
} else {
@@ -3088,7 +3088,7 @@ public final class MacroFormRenderer imp
parameters.append(parameter.getName());
parameters.append("'");
parameters.append(",'value':'");
- parameters.append(StringUtil.getEncoder("html").encode(
parameter.getValue(context)));
+ parameters.append(UtilCodec.getEncoder("html").encode(
parameter.getValue(context)));
parameters.append("'}");
}
parameters.append("]");
Modified: ofbiz/trunk/framework/widget/src/org/ofbiz/widget/form/
ModelForm.java
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/widget/
src/org/ofbiz/widget/form/ModelForm.java?rev=1648403&r1=
1648402&r2=1648403&view=diff
============================================================
==================
---
ofbiz/trunk/framework/widget/src/org/ofbiz/widget/form/ModelForm.java
(original)
+++
ofbiz/trunk/framework/widget/src/org/ofbiz/widget/form/ModelForm.java
Mon Dec 29 18:24:57 2014
@@ -34,6 +34,7 @@ import java.util.concurrent.atomic.Atomi
import org.ofbiz.base.util.BshUtil;
import org.ofbiz.base.util.Debug;
import org.ofbiz.base.util.StringUtil;
+import org.ofbiz.base.util.UtilCodec;
import org.ofbiz.base.util.UtilGenerics;
import org.ofbiz.base.util.UtilProperties;
import org.ofbiz.base.util.UtilValidate;
@@ -1515,9 +1516,9 @@ public class ModelForm extends ModelWidg
*/
public String getTarget(Map<String, Object> context, String
targetType) {
Map<String, Object> expanderContext = context;
- StringUtil.SimpleEncoder simpleEncoder =
(StringUtil.SimpleEncoder) context.get("simpleEncoder");
+ UtilCodec.SimpleEncoder simpleEncoder =
(UtilCodec.SimpleEncoder) context.get("simpleEncoder");
if (simpleEncoder != null) {
- expanderContext = StringUtil.HtmlEncodingMapWrapper.
getHtmlEncodingMapWrapper(context, simpleEncoder);
+ expanderContext = UtilCodec.HtmlEncodingMapWrapper.
getHtmlEncodingMapWrapper(context, simpleEncoder);
}
try {
// use the same Interpreter (ie with the same context
setup) for all evals
Modified: ofbiz/trunk/framework/widget/src/org/ofbiz/widget/form/
ModelFormField.java
URL: http://svn.apache.org/viewvc/ofbiz/trunk/framework/widget/
src/org/ofbiz/widget/form/ModelFormField.java?rev=
1648403&r1=1648402&r2=1648403&view=diff
============================================================
==================
---
ofbiz/trunk/framework/widget/src/org/ofbiz/widget/form/ModelFormField.java
(original)
+++
ofbiz/trunk/framework/widget/src/org/ofbiz/widget/form/ModelFormField.java
Mon Dec 29 18:24:57 2014
@@ -42,6 +42,7 @@ import org.ofbiz.base.util.Debug;
import org.ofbiz.base.util.GeneralException;
import org.ofbiz.base.util.ObjectType;
import org.ofbiz.base.util.StringUtil;
+import org.ofbiz.base.util.UtilCodec;
import org.ofbiz.base.util.UtilDateTime;
import org.ofbiz.base.util.UtilFormatOut;
import org.ofbiz.base.util.UtilGenerics;
@@ -343,7 +344,7 @@ public class ModelFormField {
}
if (this.getEncodeOutput() && returnValue != null) {
- StringUtil.SimpleEncoder simpleEncoder =
(StringUtil.SimpleEncoder) context.get("simpleEncoder");
+ UtilCodec.SimpleEncoder simpleEncoder =
(UtilCodec.SimpleEncoder) context.get("simpleEncoder");
if (simpleEncoder != null)
returnValue = simpleEncoder.encode(returnValue);
}
@@ -602,7 +603,7 @@ public class ModelFormField {
if (UtilValidate.isNotEmpty(tooltip))
tooltipString = tooltip.expandString(context);
if (this.getEncodeOutput()) {
- StringUtil.SimpleEncoder simpleEncoder =
(StringUtil.SimpleEncoder) context.get("simpleEncoder");
+ UtilCodec.SimpleEncoder simpleEncoder =
(UtilCodec.SimpleEncoder) context.get("
...
