Hi Sven,
> IMHO filtering/decorating of header resources is an advanced topic, so I
> doubt many people are affect by these changes.
> I'll take a look at migration guide.
>
I agree.
After fixing the issue, all my CI tests pass and I did some exploratory
testing in my main application.
So if we can "document this issue away", +1 for releasing.
Thomas
On Fri, Oct 9, 2020 at 3:38 PM Sven Meier <s...@meiers.net> wrote:
> Thanks!
>
> We could argue whether your tests were valid then anyways :P
>
> IMHO filtering/decorating of header resources is an advanced topic, so I
> doubt many people are affect by these changes.
> I'll take a look at migration guide.
>
> Have fun
> Sven
>
>
> On 09.10.20 15:18, Thomas Heigl wrote:
> > Hi Sven,
> >
> > My unit test application was still applying a custom response decorator
> > like this:
> >
> > @Override
> >> protected void init() {
> > ....
> >
> > setHeaderResponseDecorator(new
> >> JavaScriptFilteredIntoFooterResponseDecorator());
> > }
> >
> >
> > setHeaderResponseDecorator now disables resource aggregation and
> > initialization of the application fails if CSP is enabled.
> >
> > Thomas
> >
> > On Fri, Oct 9, 2020 at 3:04 PM Andrea Del Bene <an.delb...@gmail.com>
> wrote:
> >
> >> Hi Thomas
> >>
> >> On Fri, Oct 9, 2020 at 2:30 PM Thomas Heigl <tho...@umschalt.com>
> wrote:
> >>
> >>> All my unit tests failed with the new release:
> >>>
> >>> java.lang.IllegalStateException: no resource aggregation
> >>>> at
> >>>>
> >>
> org.apache.wicket.markup.html.HeaderResponseDecoratorCollection.addPreResourceAggregationDecorator(HeaderResponseDecoratorCollection.java:84)
> >>>> at
> >>>>
> >>
> org.apache.wicket.csp.ContentSecurityPolicySettings.enforce(ContentSecurityPolicySettings.java:209)
> >>>> at
> >>>>
> >>
> org.apache.wicket.protocol.http.WebApplication.validateInit(WebApplication.java:784)
> >>>> at org.apache.wicket.Application.initApplication(Application.java:765)
> >>>> at
> >>>>
> >>
> org.apache.wicket.util.tester.BaseWicketTester.<init>(BaseWicketTester.java:326)
> >>>> at
> >>>>
> >>
> org.apache.wicket.util.tester.BaseWicketTester.<init>(BaseWicketTester.java:255)
> >>>> at
> >>>>
> >>
> org.apache.wicket.util.tester.BaseWicketTester.<init>(BaseWicketTester.java:228)
> >>>> at
> >>>
> org.apache.wicket.util.tester.WicketTester.<init>(WicketTester.java:199)
> >>>
> >>>
> >>> My unit test application was still using the deprecated
> >>> `Application.setHeaderResponseDecorator()`. I replaced it with
> >>> `Application.getHeaderResponseDecorators().add()` and it now works as
> >>> expected.
> >>>
> >>> I'm not sure how we should address this issue. Should the deprecated
> >> method
> >>> simply delegate to `getHeaderResponseDecorators().add()` instead of
> >>> replacing all decorators?
> >>>
> >>>
> >> This possible migration issue is part in the migration guide, although
> it
> >> has been added after the release of Wicket 9.0.0 when
> >> a user on StackOverflow reported a problem related to this API change
> (*).
> >> I agree with you when you say we should do something to avoid possible
> >> migration pitfalls, but instead of changing the current API behavior I'd
> >> prefer
> >> to simply add a warning message to setHeaderResponseDecorator in order
> to
> >> make users aware of this change.
> >>
> >> (*)
> >>
> >>
> https://stackoverflow.com/questions/63158243/wicket-9-usage-of-javascriptfilteredintofooterheaderresponse-seems-to-cause-tro/63161063
> >>
> >>
> >>> Thomas
> >>>
> >>> On Fri, Oct 9, 2020 at 10:59 AM Andrea Del Bene <an.delb...@gmail.com>
> >>> wrote:
> >>>
> >>>> +1 to release. Tested my main app
> >>>>
> >>>> On Thu, Oct 8, 2020 at 10:59 AM Maxim Solodovnik <
> solomax...@gmail.com
> >>>> wrote:
> >>>>
> >>>>> +1
> >>>>>
> >>>>> all my tests are passed :)
> >>>>>
> >>>>> On Thu, 8 Oct 2020 at 00:46, Andrea Del Bene <an.delb...@gmail.com>
> >>>> wrote:
> >>>>>> This is a vote to release Apache Wicket 9.1.0
> >>>>>>
> >>>>>> Please download the source distributions found in our staging area
> >>>>>> linked below.
> >>>>>>
> >>>>>> I have included the signatures for both the source archives. This
> >>> vote
> >>>>>> lasts for 72 hours minimum.
> >>>>>>
> >>>>>> [ ] Yes, release Apache Wicket 9.1.0
> >>>>>> [ ] No, don't release Apache Wicket 9.1.0, because ...
> >>>>>>
> >>>>>> Distributions, changelog, keys and signatures can be found at:
> >>>>>>
> >>>>>> https://dist.apache.org/repos/dist/dev/wicket/9.1.0
> >>>>>>
> >>>>>> Staging repository:
> >>>>>>
> >>>>>>
> >>
> https://repository.apache.org/content/repositories/orgapachewicket-1155/
> >>>>>> The binaries are available in the above link, as are a staging
> >>>>>> repository for Maven. Typically the vote is on the source, but
> >> should
> >>>>>> you find a problem with one of the binaries, please let me know, I
> >>> can
> >>>>>> re-roll them some way or the other.
> >>>>>>
> >>>>>> Staging git repository data:
> >>>>>>
> >>>>>> Repository: g...@github.com:bitstorm/wicket.git
> >>>>>> Branch: build/wicket-9.1.0
> >>>>>> Release tag: rel/wicket-9.1.0
> >>>>>>
> >>>>>>
> >>>>>>
> >> ========================================================================
> >>>>>> The signatures for the source release artefacts:
> >>>>>>
> >>>>>>
> >>>>>> Signature for apache-wicket-9.1.0.zip:
> >>>>>>
> >>>>>> -----BEGIN PGP SIGNATURE-----
> >>>>>>
> >>>>>> iQIzBAABCgAdFiEE0a6YZHC1pJw+aieyh48B+qjTVuEFAl99/FsACgkQh48B+qjT
> >>>>>> VuE0kQ//TmQc53B9FrAgSWV8BKFAtxzjAhQiFilWp1/5vLyLZFUYAraQ6DMoH2GR
> >>>>>> s2JMcbZJGmjplwG2Yy6LGXEksFV9wBTnEA4RGREV06K6ihx7Qm2zjgunZZSswZIr
> >>>>>> MuLQYMnrXmAM2Qs071b17a5k2Gkw1+CST51KwOUD7u5l7UZOvUcXRL1xTBemOZ9s
> >>>>>> RMbcbnjesxct3W2ASkGvULE7oHpBXrrDRHbv4mRFjWsSOjoasXJNtKJoUcoVtBnz
> >>>>>> xwMlN/dZTEJLlj7uG2jW5mqFj+vfWP01UE+XR2HlJmW54puErcGE4+/haAJdvlwe
> >>>>>> +rP2XNwAAD5rp3jIcpHerBOt7pruWEDhOwaydm0jJvsPh82SibKCmhnlJlxpdJE3
> >>>>>> udvMKvU/zcASLHOHZ33wF/JSvO9kCI4LHCEJfYICcNpTktpzNUrhMQkXOVTj3pGS
> >>>>>> vcFB6/rFWWHxaxtUZKJTCb2tcCN5LMIr1Thcyb5BUCC2ZN8PqNSjI9L6EtzG7Jyd
> >>>>>> PnkJiJayn6VUVr6WTP+UEVlqPvDTqg/yuhquQmYjz1uYPQS8lL5WpHUvQnmtiJ2S
> >>>>>> yAeHNJm+pJRxDgs9CIAhAToTM38y09Y/aM2T5R+iOI6u/tLovFWBS8YxUYkUdPHP
> >>>>>> /9YOBXan7Q1XqBz8W6nfsvrvtbZYhYfU0FOsxcgHK9pGbkxPWnA=
> >>>>>> =0JCC
> >>>>>> -----END PGP SIGNATURE-----
> >>>>>>
> >>>>>> Signature for apache-wicket-9.1.0.tar.gz:
> >>>>>>
> >>>>>> -----BEGIN PGP SIGNATURE-----
> >>>>>>
> >>>>>> iQIzBAABCgAdFiEE0a6YZHC1pJw+aieyh48B+qjTVuEFAl99/FsACgkQh48B+qjT
> >>>>>> VuE4vQ//ZAhCOuedc/LCKKTQU/uE/nF+i9PcCS/SsFVJbvoCzyVSoSQwQCYbM+E4
> >>>>>> kd8YYr8CG1PNpKMyxsNuBEG9ttR8ZCDfEKIVD727y2vLk9L5SefY6/dRanLO/cc0
> >>>>>> 1rGYwtMfJby//P/pXdjeG6Qta3FHb2AcZtIyzPTFFciIuebccUsM48UDU6HT3weN
> >>>>>> aKwgr5uUQVInVRV7pEGC0ziRMRkyYRStBLZNioR2BjCV7IxnWdeWTjapD9kAiY5H
> >>>>>> 2d1J0ItW/4mtohKWiem4JPX1HTf+U2d02qTq2i5ykDKfytoMUvFlIuP0kl7J5K/t
> >>>>>> NdfOzgcmMgZa+wjy0z46TEEdq63JdRu3Cpy3wkkTy9GF2+6UJdXQ1z9dbGbmNkTy
> >>>>>> 0WZWGf85s8rekJVwt66TUih6Mlcl1Fb57zOYndrkb/AHB1ehF90JIf/DqLdplfbS
> >>>>>> fFinL9Q7myeM2GM3uivmR6TF2ZvtCbGfiWQ4DKLTIXJYDsqxTDSDrroxk3j/P64h
> >>>>>> 1havxw/X45FZsMaoMX7xdVO5drK65LSLpea0OpkHPWr9x0OetI4iQssxpUcoAXj0
> >>>>>> OPPZ66Luci/Au9rodmP7bW5X5ttlXxSjkvLRgk2GibD3NpcJHrHLF1UWeDwH5XIJ
> >>>>>> Bsuw7X2vIgtzu2GCLHoudgGp9yQYXuxI5adnrC9Lyg+BeEQhc+U=
> >>>>>> =rzeT
> >>>>>> -----END PGP SIGNATURE-----
> >>>>>>
> >>>>>>
> >> ========================================================================
> >>>>>> CHANGELOG for 9.1.0:
> >>>>>>
> >>>>>> ** Bug
> >>>>>>
> >>>>>> * [WICKET-6702] - AsynchronousPageStore with
> >>>>>> NotDetachedModelChecker - "Not detached model found" exception on
> >>>>>> several fast sequential Ajax calls
> >>>>>> * [WICKET-6802] - FilePageStore writing to
> >>>>>> UserDefinedFileAttributeView might be null
> >>>>>> * [WICKET-6803] - wicket-objectsizeof-agent has no valid
> >>>> automatic
> >>>>>> module name
> >>>>>> * [WICKET-6806] - CSP header response decorator breaks
> >>>>>> JavaScriptFilteredIntoFooterHeaderResponse
> >>>>>> * [WICKET-6808] - Cannot add page to AjaxRequestTarget
> >>>>>> * [WICKET-6810] - Asynchronous+encrypted pagestore leads to
> >>>>>> WicketRuntimeException
> >>>>>> * [WICKET-6813] - Setting child-src does not update frame-src
> >>>> after
> >>>>>> initial assignment
> >>>>>> * [WICKET-6818] - NPE in WicketEndpoint onClose
> >>>>>> * [WICKET-6822] - AsynchronousPageStore Potential Memory Leak
> >>>>>> * [WICKET-6825] - wicket-ioc 9.0.0 throws IAE with JDK14,
> >> still
> >>>>>> includes outdated ASM 7.1.0 in cglib-nodep
> >>>>>> * [WICKET-6837] - Jupiter engine transitively included in war
> >>> file
> >>>>>> ** New Feature
> >>>>>>
> >>>>>> * [WICKET-6805] - Add Cross-Origin Opener Policy and
> >>> Cross-Origin
> >>>>>> Embedder Policy support
> >>>>>>
> >>>>>> ** Improvement
> >>>>>>
> >>>>>> * [WICKET-6786] - CsrfPreventionRequestCycleListener should
> >>>> support
> >>>>>> Fetch Metadata Request Headers
> >>>>>> * [WICKET-6807] - Fake Submitting Button
> >>>>>> * [WICKET-6821] - Completely disable CSP support
> >>>>>> * [WICKET-6824] - Use concatenation instead of String.format
> >> for
> >>>>>> frequently called methods
> >>>>>> * [WICKET-6826] - Improve performance and reduce allocations
> >> for
> >>>>>> Behaviors
> >>>>>> * [WICKET-6827] - Improve performance of Strings.join and
> >>>>>> Strings.replaceAll
> >>>>>> * [WICKET-6828] - Wrong tree branch icon with hidden children
> >>>>>> * [WICKET-6829] - Use String.isEmpty() instead of
> >> "".equals(...)
> >>>>>> * [WICKET-6830] - Convert Behaviors into a static utility
> >> class
> >>> to
> >>>>>> reduce allocations
> >>>>>> * [WICKET-6831] - Try to flush the response before detach
> >>>>>> * [WICKET-6833] - Reduce allocations when merging page
> >>> parameters
> >>>>>> * [WICKET-6835] - Improve performance of
> >>>>> AbstractMapper.getPlaceholder
> >>>>>> * [WICKET-6838] - Improve performance of Strings.split
> >>>>>>
> >>>>>>
> >>>>> --
> >>>>> Best regards,
> >>>>> Maxim
> >>>>>
> >>>>
> >>>> --
> >>>> Andrea Del Bene.
> >>>> Apache Wicket committer.
> >>>>
> >>
> >> --
> >> Andrea Del Bene.
> >> Apache Wicket committer.
> >>
>
