Re: [Wicket-user] Pethate - long urls

Sat, 03 Dec 2005 11:28:13 -0800
Where should I be looking in the new codebase for the clean URL code you were discussing? It's not where I was expecting it. 

Gili

Igor Vaynberg wrote:

this is for ENCRYPTED urls and has nothing to do with what we are 
discussing here.


-Igor



On 12/3/05, *Gili* < [EMAIL PROTECTED] 
<mailto:[EMAIL PROTECTED]>> wrote:



         There you go, this is the CVS diff I was commenting on.
    bookmarkablePage is replaced with "5".



    -------- Original Message --------
    Subject: [Wicket-autocvs] wicket/src/java/wicket/protocol/http
    WebResponseWithCryptedUrl.java,1.7,1.8
    WebRequestWithCryptedUrl.java ,1.10,1.11
    Date: Sun, 20 Nov 2005 14:20:33 +0000
    From: Juergen Donnerstag <[EMAIL PROTECTED]
    <mailto:[EMAIL PROTECTED]>>
    To: [EMAIL PROTECTED]
    <mailto:[EMAIL PROTECTED]>

    Update of /cvsroot/wicket/wicket/src/java/wicket/protocol/http
    In directory
    sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv5227/src/java/wicket/protocol/http

    Modified Files:
         WebResponseWithCryptedUrl.java WebRequestWithCryptedUrl.java
    Log Message:
    fixed [ 1348681 ] Crypted URLs break onSelectionChanged handling

    Index: WebRequestWithCryptedUrl.java
    ===================================================================
    RCS file:
    
/cvsroot/wicket/wicket/src/java/wicket/protocol/http/WebRequestWithCryptedUrl.java,v
    retrieving revision 1.10
    retrieving revision 1.11
    diff -C2 -d -r1.10 -r1.11
    *** WebRequestWithCryptedUrl.java     21 Oct 2005 15:21:59 -0000    1.10
    --- WebRequestWithCryptedUrl.java    20 Nov 2005 14:20:31 -0000    1.11
    ***************
    *** 35,39 ****

       /**
    !  * it extends WebRequest and decodes URLs encoded by
        * WebResponseWithCryptedUrl. One reason for obfuscating the URL's
    query string
        * might be, that you don't want the details to be visible to the
    user to
    --- 35,39 ----

       /**
    !  * It extends WebRequest and decodes URLs encoded by
        * WebResponseWithCryptedUrl. One reason for obfuscating the URL's
    query string
        * might be, that you don't want the details to be visible to the
    user to
    ***************
    *** 46,53 ****
           /** URL querystring decoded */
           private final String queryString;
    !
           /** URL query parameters decoded */
           private final ValueMap parameters;
    !
           /**
            * Constructor.
    --- 46,53 ----
           /** URL querystring decoded */
           private final String queryString;
    !
           /** URL query parameters decoded */
           private final ValueMap parameters;
    !
           /**
            * Constructor.
    ***************
    *** 66,76 ****
                   // Get the crypt implementation from the application
                   ICrypt urlCrypt = Application.get().newCrypt();
                   // Decrypt the query string
                   final String queryString = urlCrypt.decrypt(secureParam);
    !
                   // The querystring might have been shortened (length
    reduced).
                   // In that case, lengthen the query string again.
                   this.queryString = rebuildUrl(queryString);
    !
                   // extract parameter key/value pairs from the query
    string
                   this.parameters = analyzeQueryString(this.queryString);
    --- 66,77 ----
                   // Get the crypt implementation from the application
                   ICrypt urlCrypt = Application.get().newCrypt();
    +
                   // Decrypt the query string
                   final String queryString = urlCrypt.decrypt(secureParam);
    !
                   // The querystring might have been shortened (length
    reduced).
                   // In that case, lengthen the query string again.
                   this.queryString = rebuildUrl(queryString);
    !
                   // extract parameter key/value pairs from the query
    string
                   this.parameters = analyzeQueryString(this.queryString);
    ***************
    *** 85,101 ****
                   this.parameters = new ValueMap();
               }
    !
               // If available, add POST parameters as well. They are not
    encrypted.
               // The parameters from HttpRequest
               final Enumeration paramNames = request.getParameterNames();
               // For all parameters (POST + URL query string)
               while ( paramNames.hasMoreElements())
               {
    !            String paramName = (String)paramNames.nextElement();
    !
                   // Ignore the "x" parameter
                   if (!"x".equalsIgnoreCase(paramName))
                   {
    !                 String[] values =
    request.getParameterValues(paramName);
                       // add key/value to our parameter map
                       this.parameters.put(paramName, values);
    --- 86,103 ----
                   this.parameters = new ValueMap();
               }
    !
               // If available, add POST parameters as well. They are not
    encrypted.
               // The parameters from HttpRequest
               final Enumeration paramNames = request.getParameterNames();
    +
               // For all parameters (POST + URL query string)
               while (paramNames.hasMoreElements())
               {
    !             String paramName = (String)paramNames.nextElement();
    !
                   // Ignore the "x" parameter
                   if (!"x".equalsIgnoreCase(paramName))
                   {
    !                     String[] values =
    request.getParameterValues(paramName);
                       // add key/value to our parameter map
                       this.parameters.put(paramName, values);
    ***************
    *** 118,122 ****
               queryString = Strings.replaceAll(queryString, "3=",
    "interface=");
               queryString = Strings.replaceAll(queryString, "5=",
    "bookmarkablePage=");
    !
               return queryString;
           }
    --- 120,124 ----
               queryString = Strings.replaceAll(queryString, "3=",
    "interface=");
               queryString = Strings.replaceAll(queryString, "5=",
    "bookmarkablePage=");
    !
               return queryString;
           }
    ***************
    *** 134,138 ****
               // Get a list of strings separated by the delimiter
               final StringList pairs = StringList.tokenize(queryString,
    "&");
    !
               // Go through each string in the list
               for (IStringIterator iterator = pairs.iterator();
    iterator.hasNext();)
    --- 136,140 ----
               // Get a list of strings separated by the delimiter
               final StringList pairs = StringList.tokenize
    (queryString, "&");
    !
               // Go through each string in the list
               for (IStringIterator iterator = pairs.iterator();
    iterator.hasNext();)
    ***************
    *** 178,185 ****
                   }
               }
    !
               return params;
           }
    !
           /**
            * Gets the request parameter with the given key.
    --- 180,187 ----
                   }
               }
    !
               return params;
           }
    !
           /**
            * Gets the request parameter with the given key.

    Index: WebResponseWithCryptedUrl.java
    ===================================================================
    RCS file:
    
/cvsroot/wicket/wicket/src/java/wicket/protocol/http/WebResponseWithCryptedUrl.java,v
    retrieving revision 1.7
    retrieving revision 1.8
    diff -C2 -d -r1.7 -r1.8
    *** WebResponseWithCryptedUrl.java     6 Oct 2005 21:17:33 -0000    1.7
    --- WebResponseWithCryptedUrl.java    20 Nov 2005 14:20:31 -0000    1.8
    ***************
    *** 71,78 ****
                       // The url's path
                       String urlPrefix = url.substring(0, pos);
    !
                       // Extract the querystring
                       String queryString = url.substring(pos + 1);
    !
                       // if the querystring starts with a parameter like
                       // "x=", than don#t change the querystring as it
    --- 71,78 ----
                       // The url's path
                       String urlPrefix = url.substring(0, pos);
    !
                       // Extract the querystring
                       String queryString = url.substring(pos + 1);
    !
                       // if the querystring starts with a parameter like
                       // "x=", than don#t change the querystring as it
    ***************
    *** 85,93 ****
                           // information.
                           queryString = shortenUrl(queryString);
    !
                           // encrypt the query string
    -
                           final String encryptedQueryString =
    urlCrypt.encrypt(queryString);
    !
                           // build the new complete url
                           final String encryptedUrl = urlPrefix + "?x=" +
    escapeUrl(encryptedQueryString);
    --- 85,92 ----
                           // information.
                           queryString = shortenUrl(queryString);
    !
                           // encrypt the query string
                           final String encryptedQueryString =
    urlCrypt.encrypt(queryString);
    !
                           // build the new complete url
                           final String encryptedUrl = urlPrefix + "?x=" +
    escapeUrl(encryptedQueryString);
    ***************
    *** 96,104 ****
                   }
               }
    !
               // we didn't change anything
               return url;
           }
    !
           /**
            * Escape invalid URL characters
    --- 95,103 ----
                   }
               }
    !
               // we didn't change anything
               return url;
           }
    !
           /**
            * Escape invalid URL characters
    ***************
    *** 109,125 ****
           private String escapeUrl(String queryString)
           {
    !         queryString = Strings.replaceAll(queryString, " ", "%20");
    !         queryString = Strings.replaceAll(queryString, "\"", "%22");
    !         queryString = Strings.replaceAll(queryString, "%", "%26");
    !         queryString = Strings.replaceAll(queryString, "=", "%3D");
    !         queryString = Strings.replaceAll (queryString, "/", "%2F");
    !         queryString = Strings.replaceAll(queryString, "+", "%2B");
    !         queryString = Strings.replaceAll(queryString, "&", "%26");
    !         queryString = Strings.replaceAll(queryString, "~", "%7E");
    !         queryString = Strings.replaceAll(queryString, "?", "%3F");

    !         return queryString;
           }
    !
           /**
            * Try to shorten the querystring without loosing information
    --- 108,148 ----
           private String escapeUrl(String queryString)
           {
    !         StringBuffer buf = new StringBuffer( queryString.length()
    * 2);
    !         for (int i=0; i < queryString.length(); i++)
    !         {
    !             char ch = queryString.charAt(i);
    !             switch (ch)
    !             {
    !                 case ' ': buf.append("%20"); break;
    !                 case '<': buf.append("%3C"); break;
    !                 case '>': buf.append("%3E"); break;
    !                 case '#': buf.append("%23"); break;
    !                 case '{': buf.append("%7B"); break;
    !                 case '}': buf.append("%7D"); break;
    !                 case '|': buf.append("%7C"); break;
    !                 case '^': buf.append("%5E"); break;
    !                 case '\"': buf.append("%22"); break;
    !                 case '%': buf.append("%26"); break;
    !                 case '=': buf.append("%3D"); break;
    !                 case '/': buf.append("%2F"); break;
    !                 case '+': buf.append("%2B"); break;
    !                 case '&': buf.append("%26"); break;
    !                 case '~': buf.append("%7E"); break;
    !                 case '?': buf.append("%3F"); break;
    !                 case '\\': buf.append("%5C"); break;
    !                 case '[': buf.append("%5B"); break;
    !                 case ']': buf.append("%5D"); break;
    !                 case '`': buf.append("%60"); break;
    !                 case ';': buf.append("%3B"); break;
    !                 case ':': buf.append("%3A"); break;
    !                 case '@': buf.append("%40"); break;
    !                 case '$': buf.append("%24"); break;
    !                 default: buf.append(ch);
    !             }
    !         }

    !         return buf.toString();
           }
    !
           /**
            * Try to shorten the querystring without loosing information
    ***************
    *** 135,139 ****
               queryString = Strings.replaceAll(queryString, "interface=",
    "3=");
               queryString = Strings.replaceAll(queryString,
    "bookmarkablePage=", "5=");
    !
               // For debugging only: determine possibilities to further
    shorten
               // the query string
    --- 158,162 ----
               queryString = Strings.replaceAll(queryString, "interface=",
    "3=");
               queryString = Strings.replaceAll(queryString,
    "bookmarkablePage=", "5=");
    !
               // For debugging only: determine possibilities to further
    shorten
               // the query string
    ***************
    *** 149,153 ****
                   }
               }
    !
               return queryString;
           }
    --- 172,176 ----
                   }
               }
    !
               return queryString;
           }



    -------------------------------------------------------
    This SF.Net email is sponsored by the JBoss Inc.  Get Certified Today
    Register for a JBoss Training Course.  Free Certification Exam
    for All Training Attendees Through End of 2005. For more info visit:
    http://ads.osdn.com/?ad_id=7628&alloc_id=16845&op=click
    <http://ads.osdn.com/?ad_id=7628&alloc_id=16845&op=click>
    _______________________________________________
    Wicket-autocvs mailing list
    [EMAIL PROTECTED]
    <mailto:[EMAIL PROTECTED]>
    https://lists.sourceforge.net/lists/listinfo/wicket-autocvs



    Gili wrote:

     >
     >     No problem. I was simply basing this on CVS diffs I saw on the
    mailing list, so I didn't pull this out of the air. I'll check it
    out now.
     >
     > Gili
     >
     > Eelco Hillenius wrote:
     >
     >>>        I haven't taken a look at the latest code yet
     >>
     >>
     >>
     >>
     >> Well, please do that first before commenting :)
     >>
     >> Eelco
     >>
     >>
     >> -------------------------------------------------------
     >> This SF.net email is sponsored by: Splunk Inc. Do you grep through
    log files
     >> for problems?  Stop!  Download the new AJAX search engine that makes
     >> searching your log files as easy as surfing the  web.  DOWNLOAD
    SPLUNK!
     >> http://ads.osdn.com/?ad_idv37&alloc_id865&op=click
    <http://ads.osdn.com/?ad_idv37&alloc_id865&op=click>
     >> _______________________________________________
     >> Wicket-user mailing list
     >> Wicket-user@lists.sourceforge.net
    <mailto:Wicket-user@lists.sourceforge.net>
     >> https://lists.sourceforge.net/lists/listinfo/wicket-user
    <https://lists.sourceforge.net/lists/listinfo/wicket-user>
     >>
     >

    --
    http://www.desktopbeautifier.com/



    -------------------------------------------------------
    This SF.net email is sponsored by: Splunk Inc. Do you grep through
    log files
    for problems?  Stop!  Download the new AJAX search engine that makes
    searching your log files as easy as surfing the  web.  DOWNLOAD SPLUNK!
    http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click
    <http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click>
    _______________________________________________
    Wicket-user mailing list
    Wicket-user@lists.sourceforge.net
    <mailto:Wicket-user@lists.sourceforge.net>
    https://lists.sourceforge.net/lists/listinfo/wicket-user




--
http://www.desktopbeautifier.com/


-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems?  Stop!  Download the new AJAX search engine that makes
searching your log files as easy as surfing the  web.  DOWNLOAD SPLUNK!
http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click
_______________________________________________
Wicket-user mailing list
Wicket-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/wicket-user






















					Reply via email to