Hello Edmond,

It seems you accidentally re-format license header ...

On Fri, 13 Mar 2020 at 15:44, <papega...@apache.org> wrote:
>
> This is an automated email from the ASF dual-hosted git repository.
>
> papegaaij pushed a commit to branch master
> in repository https://gitbox.apache.org/repos/asf/wicket.git
>
>
> The following commit(s) were added to refs/heads/master by this push:
>      new 1619809  WICKET-6727: only render CSP on RenderPageRequestHandler
> 1619809 is described below
>
> commit 16198099d8a965f17c85d2de7a6dce36b000ec26
> Author: Emond Papegaaij <emond.papega...@topicus.nl>
> AuthorDate: Fri Mar 13 09:44:36 2020 +0100
>
>     WICKET-6727: only render CSP on RenderPageRequestHandler
> ---
>  .../apache/wicket/csp/CSPRequestCycleListener.java |  8 +--
>  .../apache/wicket/examples/csp/NonceDemoPage.html  |  1 +
>  .../apache/wicket/examples/csp/NonceDemoPage.java  | 71 
> ++++++++++++----------
>  3 files changed, 45 insertions(+), 35 deletions(-)
>
> diff --git 
> a/wicket-core/src/main/java/org/apache/wicket/csp/CSPRequestCycleListener.java
>  
> b/wicket-core/src/main/java/org/apache/wicket/csp/CSPRequestCycleListener.java
> index f0acc52..3250174 100644
> --- 
> a/wicket-core/src/main/java/org/apache/wicket/csp/CSPRequestCycleListener.java
> +++ 
> b/wicket-core/src/main/java/org/apache/wicket/csp/CSPRequestCycleListener.java
> @@ -16,8 +16,8 @@
>   */
>  package org.apache.wicket.csp;
>
> -import org.apache.wicket.core.request.handler.BufferedResponseRequestHandler;
>  import org.apache.wicket.core.request.handler.IPageClassRequestHandler;
> +import org.apache.wicket.core.request.handler.RenderPageRequestHandler;
>  import org.apache.wicket.request.IRequestHandler;
>  import org.apache.wicket.request.IRequestHandlerDelegate;
>  import org.apache.wicket.request.cycle.IRequestCycleListener;
> @@ -81,11 +81,11 @@ public class CSPRequestCycleListener implements 
> IRequestCycleListener
>                 {
>                         return 
> mustProtect(((IRequestHandlerDelegate)handler).getDelegateHandler());
>                 }
> -               if (handler instanceof IPageClassRequestHandler)
> +               if (handler instanceof RenderPageRequestHandler)
>                 {
> -                       return 
> settings.mustProtectPageRequest((IPageClassRequestHandler)handler);
> +                       return 
> settings.mustProtectPageRequest((RenderPageRequestHandler)handler);
>                 }
> -               return !(handler instanceof BufferedResponseRequestHandler);
> +               return false;
>         }
>
>  }
> diff --git 
> a/wicket-examples/src/main/java/org/apache/wicket/examples/csp/NonceDemoPage.html
>  
> b/wicket-examples/src/main/java/org/apache/wicket/examples/csp/NonceDemoPage.html
> index 32549a7..d22b416 100644
> --- 
> a/wicket-examples/src/main/java/org/apache/wicket/examples/csp/NonceDemoPage.html
> +++ 
> b/wicket-examples/src/main/java/org/apache/wicket/examples/csp/NonceDemoPage.html
> @@ -13,6 +13,7 @@
>      <p></p>
>      <button wicket:id="clickMe"><wicket:message key="clickMe" /></button>
>      <div class="click-me-text">Click a button above to replace this 
> text</div>
> +    <div wicket:id="blacktext">This text will stay black even though 
> color:red is added by the button above</div>
>      <div><wicket:message key="clickMeCount" /> <span 
> wicket:id="clickMeCount"></span></div>
>      <p></p>
>      <div wicket:id="delayedVisible" class="delayed-visible">This delayed 
> shown text should be green and bold</div>
> diff --git 
> a/wicket-examples/src/main/java/org/apache/wicket/examples/csp/NonceDemoPage.java
>  
> b/wicket-examples/src/main/java/org/apache/wicket/examples/csp/NonceDemoPage.java
> index dce8079..4fe81b0 100644
> --- 
> a/wicket-examples/src/main/java/org/apache/wicket/examples/csp/NonceDemoPage.java
> +++ 
> b/wicket-examples/src/main/java/org/apache/wicket/examples/csp/NonceDemoPage.java
> @@ -1,21 +1,16 @@
>  /*
> - * Licensed to the Apache Software Foundation (ASF) under one or more
> - * contributor license agreements.  See the NOTICE file distributed with
> - * this work for additional information regarding copyright ownership.
> - * The ASF licenses this file to You under the Apache License, Version 2.0
> - * (the "License"); you may not use this file except in compliance with
> - * the License.  You may obtain a copy of the License at
> - *
> - *      http://www.apache.org/licenses/LICENSE-2.0
> - *
> - * Unless required by applicable law or agreed to in writing, software
> - * distributed under the License is distributed on an "AS IS" BASIS,
> - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
> - * See the License for the specific language governing permissions and
> - * limitations under the License.
> + * Licensed to the Apache Software Foundation (ASF) under one or more 
> contributor license
> + * agreements. See the NOTICE file distributed with this work for additional 
> information regarding
> + * copyright ownership. The ASF licenses this file to You under the Apache 
> License, Version 2.0 (the
> + * "License"); you may not use this file except in compliance with the 
> License. You may obtain a
> + * copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless 
> required by applicable
> + * law or agreed to in writing, software distributed under the License is 
> distributed on an "AS IS"
> + * BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 
> implied. See the License
> + * for the specific language governing permissions and limitations under the 
> License.
>   */
>  package org.apache.wicket.examples.csp;
>
> +import org.apache.wicket.AttributeModifier;
>  import org.apache.wicket.ajax.AjaxRequestTarget;
>  import org.apache.wicket.ajax.markup.html.AjaxLink;
>  import org.apache.wicket.examples.WicketExamplePage;
> @@ -35,10 +30,13 @@ import 
> org.apache.wicket.request.resource.ResourceReference;
>   */
>  public class NonceDemoPage extends WicketExamplePage
>  {
> -
> -       private static final ResourceReference JS_DELAYED = new 
> JavaScriptResourceReference(NonceDemoPage.class, "delayedVisible.js");
> -       private static final ResourceReference CSS_DELAYED = new 
> CssResourceReference(NonceDemoPage.class, "delayedVisible.css");
> -
> +
> +       private static final ResourceReference JS_DELAYED =
> +               new JavaScriptResourceReference(NonceDemoPage.class, 
> "delayedVisible.js");
> +
> +       private static final ResourceReference CSS_DELAYED =
> +               new CssResourceReference(NonceDemoPage.class, 
> "delayedVisible.css");
> +
>         private final IModel<Integer> clickMeCountModel = Model.of(0);
>
>         public NonceDemoPage()
> @@ -50,13 +48,16 @@ public class NonceDemoPage extends WicketExamplePage
>                 final Label clickMeCount = new Label("clickMeCount", 
> clickMeCountModel);
>                 clickMeCount.setOutputMarkupId(true);
>                 add(clickMeCount);
> -
> -               final WebMarkupContainer delayedVisible = new 
> WebMarkupContainer("delayedVisible") {
> +
> +               final WebMarkupContainer delayedVisible = new 
> WebMarkupContainer("delayedVisible")
> +               {
> +                       private static final long serialVersionUID = 1L;
> +
>                         @Override
>                         public void renderHead(IHeaderResponse response)
>                         {
>                                 super.renderHead(response);
> -
> +
>                                 
> response.render(JavaScriptHeaderItem.forReference(JS_DELAYED));
>                                 
> response.render(CssHeaderItem.forReference(CSS_DELAYED));
>                         }
> @@ -65,8 +66,14 @@ public class NonceDemoPage extends WicketExamplePage
>                 delayedVisible.setVisible(false);
>                 add(delayedVisible);
>
> +               WebMarkupContainer blacktext = new 
> WebMarkupContainer("blacktext");
> +               blacktext.setOutputMarkupId(true);
> +               add(blacktext);
> +
>                 add(new AjaxLink<String>("clickMe")
>                 {
> +                       private static final long serialVersionUID = 1L;
> +
>                         @Override
>                         public void onClick(AjaxRequestTarget target)
>                         {
> @@ -75,11 +82,15 @@ public class NonceDemoPage extends WicketExamplePage
>                                 // target.add (works even without unsafe-eval)
>                                 target.add(clickMeCount);
>
> -                               // append javascript (won't work without 
> unsafe-eval)
> -                               
> target.appendJavaScript("document.querySelector(\".click-me-text\").innerHTML 
> = \"replaced\";");
> -
> +                               // append javascript (works even without 
> unsafe-eval)
> +                               target.appendJavaScript(
> +                                       
> "document.querySelector(\".click-me-text\").innerHTML = \"replaced\";");
> +
>                                 delayedVisible.setVisible(true);
>                                 target.add(delayedVisible);
> +
> +                               
> blacktext.add(AttributeModifier.replace("style", "color: red"));
> +                               target.add(blacktext);
>                         }
>                 }.setOutputMarkupId(true));
>         }
> @@ -90,14 +101,12 @@ public class NonceDemoPage extends WicketExamplePage
>                 super.renderHead(response);
>                 // Add inline script with nonce
>                 response.render(JavaScriptHeaderItem.forScript(
> -                               
> "$(function(){$(\".test-nonce-script\").html(\"Text injected by script with 
> nonce: success\");});",
> -                               "test-nonce-script"
> -               ));
> +                       "$(function(){$(\".test-nonce-script\").html(\"Text 
> injected by script with nonce: success\");});",
> +                       "test-nonce-script"));
>                 // Add inline css with nonce
> -               response.render(CssHeaderItem.forCSS(
> -                               ".injected-style--with-nonce{color: green; 
> font-weight: bold;}",
> -                               "injected-style-with-nonce")
> -               );
> +               response.render(
> +                       
> CssHeaderItem.forCSS(".injected-style--with-nonce{color: green; font-weight: 
> bold;}",
> +                               "injected-style-with-nonce"));
>         }
>
>         @Override
>


-- 
WBR
Maxim aka solomax

Reply via email to