Search in sources :

Example 1 with ResponseStateManager

use of jakarta.faces.render.ResponseStateManager in project myfaces by apache.

the class ViewHandlerImpl method writeState.

@Override
public void writeState(FacesContext context) throws IOException {
    Assert.notNull(context, "context");
    if (context.getPartialViewContext().isAjaxRequest()) {
        return;
    }
    ResponseStateManager responseStateManager = context.getRenderKit().getResponseStateManager();
    setWritingState(context, responseStateManager);
    StateManager stateManager = context.getApplication().getStateManager();
    // that so, check if the current one support the trick.
    if (StateCacheUtils.isMyFacesResponseStateManager(responseStateManager)) {
        if (StateCacheUtils.getMyFacesResponseStateManager(responseStateManager).isWriteStateAfterRenderViewRequired(context)) {
            // Only write state marker if javascript view state is disabled
            context.getResponseWriter().write(FORM_STATE_MARKER);
        } else {
            stateManager.writeState(context, new Object[2]);
        }
    } else {
        // Only write state marker if javascript view state is disabled
        context.getResponseWriter().write(FORM_STATE_MARKER);
    }
}
Also used : StateManager(jakarta.faces.application.StateManager) ResponseStateManager(jakarta.faces.render.ResponseStateManager) ResponseStateManager(jakarta.faces.render.ResponseStateManager)

Example 2 with ResponseStateManager

use of jakarta.faces.render.ResponseStateManager in project myfaces by apache.

the class ViewIdSupport method calculateActionURL.

/**
 * Return a string containing a webapp-relative URL that the user can invoke
 * to render the specified view.
 * <p>
 * URLs and ViewIds are not quite the same; for example a url of "/foo.jsf"
 * or "/faces/foo.jsp" may be needed to access the view "/foo.jsp".
 */
public String calculateActionURL(FacesContext context, String viewId) {
    if (viewId == null || !viewId.startsWith("/")) {
        throw new IllegalArgumentException("ViewId must start with a '/': " + viewId);
    }
    FacesServletMapping mapping = FacesServletMappingUtils.getCurrentRequestFacesServletMapping(context);
    ExternalContext externalContext = context.getExternalContext();
    String contextPath = externalContext.getRequestContextPath();
    StringBuilder builder = SharedStringBuilder.get(context, VIEW_HANDLER_SUPPORT_SB);
    // and extra '/' will be set.
    if (contextPath != null && !(contextPath.length() == 1 && contextPath.charAt(0) == '/')) {
        builder.append(contextPath);
    }
    // the viewId is bound or not with a mapping.
    if (mapping != null && mapping.isExactMapping()) {
        String exactMappingViewId = calculateExactMapping(context, viewId);
        if (exactMappingViewId != null && !exactMappingViewId.isEmpty()) {
            // if the current exactMapping already matches the requested viewId -> same view, skip....
            if (!mapping.getExact().equals(exactMappingViewId)) {
                // different viewId -> lets try to lookup a exact mapping
                mapping = FacesServletMappingUtils.getExactMapping(context, exactMappingViewId);
                // we need a to search for a prefix or extension mapping
                if (mapping == null) {
                    mapping = FacesServletMappingUtils.getGenericPrefixOrSuffixMapping(context);
                    if (mapping == null) {
                        throw new IllegalStateException("No generic (either prefix or suffix) servlet-mapping found for FacesServlet." + "This is required serve views, that are not exact mapped.");
                    }
                }
            }
        }
    }
    if (mapping != null) {
        if (mapping.isExactMapping()) {
            builder.append(mapping.getExact());
        } else if (mapping.isExtensionMapping()) {
            // See JSF 2.0 section 7.5.2
            boolean founded = false;
            for (String contextSuffix : config.getViewSuffix()) {
                if (viewId.endsWith(contextSuffix)) {
                    builder.append(viewId.substring(0, viewId.indexOf(contextSuffix)));
                    builder.append(mapping.getExtension());
                    founded = true;
                    break;
                }
            }
            if (!founded) {
                // so use viewIds ending with mapping extensions is not a good practice.
                if (viewId.endsWith(mapping.getExtension())) {
                    builder.append(viewId);
                } else if (viewId.lastIndexOf('.') != -1) {
                    builder.append(viewId.substring(0, viewId.lastIndexOf('.')));
                    builder.append(config.getViewSuffix()[0]);
                } else {
                    builder.append(viewId);
                    builder.append(config.getViewSuffix()[0]);
                }
            }
        } else if (mapping.isPrefixMapping()) {
            builder.append(mapping.getPrefix());
            builder.append(viewId);
        }
    } else {
        builder.append(viewId);
    }
    // JSF 2.2 check view protection.
    if (isViewProtected(context, viewId)) {
        int index = builder.indexOf("?");
        if (index >= 0) {
            builder.append('&');
        } else {
            builder.append('?');
        }
        builder.append(ResponseStateManager.NON_POSTBACK_VIEW_TOKEN_PARAM);
        builder.append('=');
        ResponseStateManager rsm = context.getRenderKit().getResponseStateManager();
        builder.append(rsm.getCryptographicallyStrongTokenFromSession(context));
    }
    String calculatedActionURL = builder.toString();
    if (log.isLoggable(Level.FINEST)) {
        log.finest("Calculated actionURL: '" + calculatedActionURL + "' for viewId: '" + viewId + '\'');
    }
    return calculatedActionURL;
}
Also used : SharedStringBuilder(org.apache.myfaces.core.api.shared.lang.SharedStringBuilder) ExternalContext(jakarta.faces.context.ExternalContext) ResponseStateManager(jakarta.faces.render.ResponseStateManager)

Example 3 with ResponseStateManager

use of jakarta.faces.render.ResponseStateManager in project myfaces by apache.

the class RestoreViewExecutor method checkViewProtection.

private void checkViewProtection(FacesContext facesContext, ViewHandler viewHandler, String viewId, UIViewRoot root) throws ProtectedViewException {
    boolean valid = true;
    if (getViewIdSupport(facesContext).isViewProtected(facesContext, viewId)) {
        // "... Obtain the value of the value of the request parameter whose
        // name is given by the value of ResponseStateManager.NON_POSTBACK_VIEW_TOKEN_PARAM.
        // If there is no value, throw ProtectedViewException ..."
        String token = (String) facesContext.getExternalContext().getRequestParameterMap().get(ResponseStateManager.NON_POSTBACK_VIEW_TOKEN_PARAM);
        if (token != null && token.length() > 0) {
            String renderKitId = null;
            if (root != null) {
                renderKitId = root.getRenderKitId();
            }
            if (renderKitId == null) {
                renderKitId = viewHandler.calculateRenderKitId(facesContext);
            }
            RenderKit renderKit = getRenderKitFactory().getRenderKit(facesContext, renderKitId);
            ResponseStateManager rsm = renderKit.getResponseStateManager();
            String storedToken = rsm.getCryptographicallyStrongTokenFromSession(facesContext);
            if (token.equals(storedToken)) {
                if (!ExternalContextUtils.isPortlet(facesContext.getExternalContext())) {
                    // Any check beyond this point only has sense for servlet requests.
                    String referer = facesContext.getExternalContext().getRequestHeaderMap().get("Referer");
                    if (referer != null) {
                        valid = valid && checkRefererOrOriginHeader(facesContext, viewHandler, referer);
                    }
                    String origin = facesContext.getExternalContext().getRequestHeaderMap().get("Origin");
                    if (valid && origin != null) {
                        valid = valid && checkRefererOrOriginHeader(facesContext, viewHandler, origin);
                    }
                }
            } else {
                valid = false;
            }
        } else {
            valid = false;
        }
    }
    if (!valid) {
        throw new ProtectedViewException();
    }
}
Also used : ResponseStateManager(jakarta.faces.render.ResponseStateManager) RenderKit(jakarta.faces.render.RenderKit) ProtectedViewException(jakarta.faces.application.ProtectedViewException)

Example 4 with ResponseStateManager

use of jakarta.faces.render.ResponseStateManager in project myfaces by apache.

the class RestoreViewSupport method isPostback.

public boolean isPostback(FacesContext facesContext) {
    ViewHandler viewHandler = facesContext.getApplication().getViewHandler();
    String renderkitId = viewHandler.calculateRenderKitId(facesContext);
    ResponseStateManager rsm = renderKitFactory.getRenderKit(facesContext, renderkitId).getResponseStateManager();
    return rsm.isPostback(facesContext);
}
Also used : ViewHandler(jakarta.faces.application.ViewHandler) ResponseStateManager(jakarta.faces.render.ResponseStateManager)

Example 5 with ResponseStateManager

use of jakarta.faces.render.ResponseStateManager in project myfaces by apache.

the class ViewDeclarationLanguageBase method restoreView.

@Override
public UIViewRoot restoreView(FacesContext context, String viewId) {
    Assert.notNull(context, "context");
    Application application = context.getApplication();
    ViewHandler applicationViewHandler = application.getViewHandler();
    String renderKitId = applicationViewHandler.calculateRenderKitId(context);
    if (log.isLoggable(Level.FINEST)) {
        log.finest("Entering restoreView - viewId: " + viewId + " ; renderKitId: " + renderKitId);
    }
    UIViewRoot viewRoot = null;
    StateManagementStrategy sms = getStateManagementStrategy(context, viewId);
    if (sms != null) {
        if (log.isLoggable(Level.FINEST)) {
            log.finest("Redirect to StateManagementStrategy: " + sms.getClass().getName());
        }
        viewRoot = sms.restoreView(context, viewId, renderKitId);
    } else {
        RenderKit renderKit = getRenderKitFactory().getRenderKit(context, renderKitId);
        ResponseStateManager responseStateManager = renderKit.getResponseStateManager();
        Object state = responseStateManager.getState(context, viewId);
        if (state != null) {
            Object[] stateArray = (Object[]) state;
            viewRoot = TreeStructureManager.restoreTreeStructure(((Object[]) stateArray[0])[0]);
            if (viewRoot != null) {
                context.setViewRoot(viewRoot);
                viewRoot.processRestoreState(context, stateArray[1]);
                RequestViewContext.getCurrentInstance(context).refreshRequestViewContext(context, viewRoot);
                // If state is saved fully, there outer f:view tag handler will not be executed,
                // so "contracts" attribute will not be set properly. We need to save it and
                // restore it from here. With PSS, the view will always be built so it is not
                // necessary to save it on the state.
                Object rlc = ((Object[]) stateArray[0])[1];
                if (rlc != null) {
                    context.setResourceLibraryContracts((List<String>) UIComponentBase.restoreAttachedState(context, rlc));
                }
            }
        }
    }
    if (log.isLoggable(Level.FINEST)) {
        log.finest("Exiting restoreView - " + viewId);
    }
    return viewRoot;
}
Also used : StateManagementStrategy(jakarta.faces.view.StateManagementStrategy) ViewHandler(jakarta.faces.application.ViewHandler) ResponseStateManager(jakarta.faces.render.ResponseStateManager) RenderKit(jakarta.faces.render.RenderKit) Application(jakarta.faces.application.Application) UIViewRoot(jakarta.faces.component.UIViewRoot)

Aggregations

ResponseStateManager (jakarta.faces.render.ResponseStateManager)16 UIViewRoot (jakarta.faces.component.UIViewRoot)8 RenderKit (jakarta.faces.render.RenderKit)5 ViewHandler (jakarta.faces.application.ViewHandler)4 HashMap (java.util.HashMap)4 FacesException (jakarta.faces.FacesException)3 ViewDeclarationLanguage (jakarta.faces.view.ViewDeclarationLanguage)3 Map (java.util.Map)3 StateContext (com.sun.faces.context.StateContext)2 Application (jakarta.faces.application.Application)2 ProtectedViewException (jakarta.faces.application.ProtectedViewException)2 ExternalContext (jakarta.faces.context.ExternalContext)2 ViewMetadata (jakarta.faces.view.ViewMetadata)2 ArrayList (java.util.ArrayList)2 RenderKitUtils.getResponseStateManager (com.sun.faces.renderkit.RenderKitUtils.getResponseStateManager)1 MessageUtils.getExceptionMessageString (com.sun.faces.util.MessageUtils.getExceptionMessageString)1 ValueExpression (jakarta.el.ValueExpression)1 StateManager (jakarta.faces.application.StateManager)1 HtmlCommandButton (jakarta.faces.component.html.HtmlCommandButton)1 HtmlForm (jakarta.faces.component.html.HtmlForm)1