[
http://www.stripesframework.org/jira/browse/STS-555?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=11366#action_11366
]
Kai Grabfelder commented on STS-555:
------------------------------------
I just encountered the same issue. Besides encrypting the sourcePage parameter
you could also do the following: use your own subclass of ActionBeanContext
storing a Resolution:
public class MyActionBeanContext extends ActionBeanContext {
private Resolution sourcePageResolution;
@Override
public Resolution getSourcePageResolution() {
if (sourcePageResolution != null) return sourcePageResolution;
return super.getSourcePageResolution();
}
public void setSourcePageResolution(Resolution sourcePageResolution) {
this.sourcePageResolution = sourcePageResolution;
}
}
in your action you could then do:
MyAction implements ActionBean{
MyActionBeanContext context;
final public void setContext(ActionBeanContext context) {
this.context = (MyActionBeanContext) context;
context .setSourcePageResolution("\/bugMaintenance.jsp");
}
}
Besides this workaround: shouldn't we should return the input value if we can't
decrypt it? See the attached patch for a possible solution
> _sourcePage passed request parameter via Javascript is having some exception
> on server side validation during getSourcePage
> ---------------------------------------------------------------------------------------------------------------------------
>
> Key: STS-555
> URL: http://www.stripesframework.org/jira/browse/STS-555
> Project: Stripes
> Issue Type: Improvement
> Components: Validation
> Environment: Tomcat 6.0.16,
> jdk1.6.0_05,
> Stripes 1.5b1.
> Eclipse 3.3.2.
> Windows XP.
> Internet Explorer 6.0
> Reporter: J G
>
> Hi,
> Currently having an error during validation with errors and calling the
> getContext().getSourcePageResolution() in an ActionBean.. The exception
> trace..
> Bad Base64 input character at 0: 47(decimal)
> 15:14:30,117 DEBUG ExecutionContext:150 - Transitioning to lifecycle stage
> RequestComplete
> 15:14:30,117 WARN DefaultExceptionHandler:39 - Unhandled exception caught by
> the Stripes default exception handler.
> java.lang.IllegalArgumentException: Null input buffer
> at javax.crypto.Cipher.doFinal(DashoA13*..)
> at net.sourceforge.stripes.util.CryptoUtil.decrypt(CryptoUtil.java:188)
> at
> net.sourceforge.stripes.action.ActionBeanContext.getSourcePage(ActionBeanContext.java:249)
> at
> net.sourceforge.stripes.action.ActionBeanContext.getSourcePageResolution(ActionBeanContext.java:226)
> ....
> ...
> ...
> This only happens after a first load of my page. I have an href that have an
> image that has an onclick that triggers a javascript. Then in my javascript
> function I have Ajax.Updater method
> var params = 'initVar&id=' + nId
> + '&_sourcePage=\/bugMaintenance.jsp';
> new Ajax.Updater( "",
> "${pageContext.request.contextPath}/ctrlr/BugMaint.action",
> { method: 'post',
> postBody: params,
> onSuccess: successAddFunc,
> onFailure: errorAddFunc
> });
> I know this might is not the clean way, but do you have any ideas what is
> wrong? Or any suggestion how to do this via Ajax to pass the _sourcePage?
> I tried to debug the source code of stripes. The problem is on the
> ActionBeanContext.getSourcePage(). during the call to
> CryptoUtil.decrypt(sourcePage), since I did not encrypt the _sourcePage which
> I just tweaked and passed as request parameter during an Ajax call, the
> processing throws a Null pointer somewhere inside the decrypting of the
> source page.
> Inside the decrypt(String) method of CryptoUtil, the Base64.decode(input,
> BASE64_OPTIONS) returned null.
> Thanks,
> --jg
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://www.stripesframework.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
-------------------------------------------------------------------------
This SF.net email is sponsored by the 2008 JavaOne(SM) Conference
Don't miss this year's exciting event. There's still time to save $100.
Use priority code J8TL2D2.
http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone
_______________________________________________
Stripes-development mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/stripes-development
