Author: tyrell
Date: Tue Jan 22 06:40:12 2008
New Revision: 12686
Log:
Fixing MASHUP-564. Now the mashup editor uses BASE64 encoding while
transmitting source code, which should prevent such mishaps.
Added:
trunk/mashup/java/modules/www/js/base64.js
Modified:
trunk/mashup/java/modules/admin/service/src/org/wso2/mashup/admin/service/MashupAdminService.java
trunk/mashup/java/modules/www/editor.jsp
trunk/mashup/java/modules/www/js/services.js
Modified:
trunk/mashup/java/modules/admin/service/src/org/wso2/mashup/admin/service/MashupAdminService.java
==============================================================================
---
trunk/mashup/java/modules/admin/service/src/org/wso2/mashup/admin/service/MashupAdminService.java
(original)
+++
trunk/mashup/java/modules/admin/service/src/org/wso2/mashup/admin/service/MashupAdminService.java
Tue Jan 22 06:40:12 2008
@@ -49,6 +49,10 @@
try {
+ modifiedSource = new String(
+ new sun.misc.BASE64Decoder().decodeBuffer(modifiedSource),
+ "UTF-8");
+
String[] pathContents = path.split("/");
//Extracting the real path from the registry path provided
@@ -95,6 +99,10 @@
try {
+ modifiedSource = new String(
+ new sun.misc.BASE64Decoder().decodeBuffer(modifiedSource),
+ "UTF-8");
+
//Extracting the real path from the registry path provided
String[] pathContents = path.split("/");
path = "";
Modified: trunk/mashup/java/modules/www/editor.jsp
==============================================================================
--- trunk/mashup/java/modules/www/editor.jsp (original)
+++ trunk/mashup/java/modules/www/editor.jsp Tue Jan 22 06:40:12 2008
@@ -119,6 +119,7 @@
<script type="text/javascript" src="../wsasadmin/js/main.js"></script>
<script type="text/javascript" src="js/mashup-main.js"></script>
<script language="javascript" src="js/wso2/WSRequest.js"
type="text/javascript"></script>
+<script language="javascript" src="js/base64.js"
type="text/javascript"></script>
<script language="javascript" src="js/services.js"
type="text/javascript"></script>
<script language="javascript"
type="text/javascript">userLoggedOn =
<%=RegistryUtils.isLoggedIn(registry) %>;</script>
Added: trunk/mashup/java/modules/www/js/base64.js
==============================================================================
--- (empty file)
+++ trunk/mashup/java/modules/www/js/base64.js Tue Jan 22 06:40:12 2008
@@ -0,0 +1,143 @@
+/**
+*
+* Base64 encode / decode
+* http://www.webtoolkit.info/
+*
+**/
+
+var Base64 = {
+
+ // private property
+ _keyStr :
"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=",
+
+ // public method for encoding
+ encode : function (input) {
+ var output = "";
+ var chr1, chr2, chr3, enc1, enc2, enc3, enc4;
+ var i = 0;
+
+ input = Base64._utf8_encode(input);
+
+ while (i < input.length) {
+
+ chr1 = input.charCodeAt(i++);
+ chr2 = input.charCodeAt(i++);
+ chr3 = input.charCodeAt(i++);
+
+ enc1 = chr1 >> 2;
+ enc2 = ((chr1 & 3) << 4) | (chr2 >> 4);
+ enc3 = ((chr2 & 15) << 2) | (chr3 >> 6);
+ enc4 = chr3 & 63;
+
+ if (isNaN(chr2)) {
+ enc3 = enc4 = 64;
+ } else if (isNaN(chr3)) {
+ enc4 = 64;
+ }
+
+ output = output +
+ this._keyStr.charAt(enc1) + this._keyStr.charAt(enc2) +
+ this._keyStr.charAt(enc3) + this._keyStr.charAt(enc4);
+
+ }
+
+ return output;
+ },
+
+ // public method for decoding
+ decode : function (input) {
+ var output = "";
+ var chr1, chr2, chr3;
+ var enc1, enc2, enc3, enc4;
+ var i = 0;
+
+ input = input.replace(/[^A-Za-z0-9\+\/\=]/g, "");
+
+ while (i < input.length) {
+
+ enc1 = this._keyStr.indexOf(input.charAt(i++));
+ enc2 = this._keyStr.indexOf(input.charAt(i++));
+ enc3 = this._keyStr.indexOf(input.charAt(i++));
+ enc4 = this._keyStr.indexOf(input.charAt(i++));
+
+ chr1 = (enc1 << 2) | (enc2 >> 4);
+ chr2 = ((enc2 & 15) << 4) | (enc3 >> 2);
+ chr3 = ((enc3 & 3) << 6) | enc4;
+
+ output = output + String.fromCharCode(chr1);
+
+ if (enc3 != 64) {
+ output = output + String.fromCharCode(chr2);
+ }
+ if (enc4 != 64) {
+ output = output + String.fromCharCode(chr3);
+ }
+
+ }
+
+ output = Base64._utf8_decode(output);
+
+ return output;
+
+ },
+
+ // private method for UTF-8 encoding
+ _utf8_encode : function (string) {
+ string = string.replace(/\r\n/g,"\n");
+ var utftext = "";
+
+ for (var n = 0; n < string.length; n++) {
+
+ var c = string.charCodeAt(n);
+
+ if (c < 128) {
+ utftext += String.fromCharCode(c);
+ }
+ else if((c > 127) && (c < 2048)) {
+ utftext += String.fromCharCode((c >> 6) | 192);
+ utftext += String.fromCharCode((c & 63) | 128);
+ }
+ else {
+ utftext += String.fromCharCode((c >> 12) | 224);
+ utftext += String.fromCharCode(((c >> 6) & 63)
| 128);
+ utftext += String.fromCharCode((c & 63) | 128);
+ }
+
+ }
+
+ return utftext;
+ },
+
+ // private method for UTF-8 decoding
+ _utf8_decode : function (utftext) {
+ var string = "";
+ var i = 0;
+ var c = c1 = c2 = 0;
+
+ while ( i < utftext.length ) {
+
+ c = utftext.charCodeAt(i);
+
+ if (c < 128) {
+ string += String.fromCharCode(c);
+ i++;
+ }
+ else if((c > 191) && (c < 224)) {
+ c2 = utftext.charCodeAt(i+1);
+ string += String.fromCharCode(((c & 31) << 6) |
(c2 & 63));
+ i += 2;
+ }
+ else {
+ c2 = utftext.charCodeAt(i+1);
+ c3 = utftext.charCodeAt(i+2);
+ string += String.fromCharCode(((c & 15) << 12)
| ((c2 & 63) << 6) | (c3 & 63));
+ i += 3;
+ }
+
+ }
+
+ return string;
+ }
+
+}
+
\ No newline at end of file
Modified: trunk/mashup/java/modules/www/js/services.js
==============================================================================
--- trunk/mashup/java/modules/www/js/services.js (original)
+++ trunk/mashup/java/modules/www/js/services.js Tue Jan 22 06:40:12 2008
@@ -335,7 +335,7 @@
var callURL = serverURL + "/" + "MashupAdminService" + "/" ;
- var serviceSource = "<![CDATA[" + modifiedSource + "]]>";
+ var serviceSource = Base64.encode(modifiedSource);
var body_xml = '<req:saveServiceSource
xmlns:req="http://service.admin.mashup.wso2.org/xsd";>\n' +
' <req:path>' + path + '</req:path>\n' +
@@ -355,7 +355,7 @@
wso2.mashup.services.saveUiSource = function (path, modifiedSource, callback,
params) {
var callURL = serverURL + "/" + "MashupAdminService" + "/" ;
- var serviceSource = "<![CDATA[" + modifiedSource + "]]>";
+ var serviceSource = Base64.encode(modifiedSource);
var body_xml = '<req:saveUiSource
xmlns:req="http://service.admin.mashup.wso2.org/xsd";>\n' +
' <req:path>' + path + '</req:path>\n' +
_______________________________________________
Mashup-dev mailing list
[email protected]
http://www.wso2.org/cgi-bin/mailman/listinfo/mashup-dev
