[jira] Commented: (JSPWIKI-351) Incorrect bundles specified in JSPs

[Janne Jalkanen (JIRA)]

    [ 
https://issues.apache.org/jira/browse/JSPWIKI-351?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12624258#action_12624258
 ] 

Janne Jalkanen commented on JSPWIKI-351:
----------------------------------------

Once we agree on the problem, the solution tends to become obvious :-).

Your solution sounds good, except that why can't we use @Validate with 
CoreResources?  Because Stripes assumes that *all* of the keys from the 
templates too are from a single resource file?

If I read the Stripes documentation right, template authors can still specify 
with <fmt:setBundle> which bundle their strings are coming from? I.e. Stripes 
does not override whatever the user wants, it just *defaults* in the absence in 
any other information.  If this is true with Stripes, then we actually have no 
issue, since we can contain the keys internally without having them to leak 
out. But this needs to be tested.

> Incorrect bundles specified in JSPs
> -----------------------------------
>
>                 Key: JSPWIKI-351
>                 URL: https://issues.apache.org/jira/browse/JSPWIKI-351
>             Project: JSPWiki
>          Issue Type: Bug
>          Components: Default template
>    Affects Versions: 2.8
>         Environment: All
>            Reporter: Andrew Jaquith
>             Fix For: 2.8
>
>   Original Estimate: 2h
>  Remaining Estimate: 2h
>
> i18n strings are improperly stored in CoreResources_*.properties, when they 
> should have been specified in templates/default_*.properties. The comments at 
> the top of CoreResources specifies that messages are for "JSPWiki internal 
> code, the so-called core code." But these JSPs all look up and use message 
> strings from CoreResources:
> * Comment.jsp
> * Install.jsp
> * LostPassword.jsp
> * NewGroup.jsp
> * Rename.jsp
> Example: 
>         // Weepy tears and hankies all 'round.
>         if( wikiSession.isAuthenticated() )
>         {
>             response.sendError( HttpServletResponse.SC_FORBIDDEN, 
> rb.getString("login.error.noaccess") );
>             return;
>         }
> This is clearly a template/JSP-level error message, NOT an internal error. 
> And similar kinds of code are sprinked all over the other JSPs.
> I recommend we consolidate default.properties and CoreResources.properties. 
> The easiest way would simply be to concatenate the files. Then, in 
> WikiContext.getBundle(), any requests for "CoreResources" could be simply 
> diverted to default.properties.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.