use of jakarta.faces.render.ResponseStateManager in project myfaces by apache.
the class ViewHandlerImpl method writeState.
@Override
public void writeState(FacesContext context) throws IOException {
Assert.notNull(context, "context");
if (context.getPartialViewContext().isAjaxRequest()) {
return;
}
ResponseStateManager responseStateManager = context.getRenderKit().getResponseStateManager();
setWritingState(context, responseStateManager);
StateManager stateManager = context.getApplication().getStateManager();
// that so, check if the current one support the trick.
if (StateCacheUtils.isMyFacesResponseStateManager(responseStateManager)) {
if (StateCacheUtils.getMyFacesResponseStateManager(responseStateManager).isWriteStateAfterRenderViewRequired(context)) {
// Only write state marker if javascript view state is disabled
context.getResponseWriter().write(FORM_STATE_MARKER);
} else {
stateManager.writeState(context, new Object[2]);
}
} else {
// Only write state marker if javascript view state is disabled
context.getResponseWriter().write(FORM_STATE_MARKER);
}
}
use of jakarta.faces.render.ResponseStateManager in project myfaces by apache.
the class ViewIdSupport method calculateActionURL.
/**
* Return a string containing a webapp-relative URL that the user can invoke
* to render the specified view.
* <p>
* URLs and ViewIds are not quite the same; for example a url of "/foo.jsf"
* or "/faces/foo.jsp" may be needed to access the view "/foo.jsp".
*/
public String calculateActionURL(FacesContext context, String viewId) {
if (viewId == null || !viewId.startsWith("/")) {
throw new IllegalArgumentException("ViewId must start with a '/': " + viewId);
}
FacesServletMapping mapping = FacesServletMappingUtils.getCurrentRequestFacesServletMapping(context);
ExternalContext externalContext = context.getExternalContext();
String contextPath = externalContext.getRequestContextPath();
StringBuilder builder = SharedStringBuilder.get(context, VIEW_HANDLER_SUPPORT_SB);
// and extra '/' will be set.
if (contextPath != null && !(contextPath.length() == 1 && contextPath.charAt(0) == '/')) {
builder.append(contextPath);
}
// the viewId is bound or not with a mapping.
if (mapping != null && mapping.isExactMapping()) {
String exactMappingViewId = calculateExactMapping(context, viewId);
if (exactMappingViewId != null && !exactMappingViewId.isEmpty()) {
// if the current exactMapping already matches the requested viewId -> same view, skip....
if (!mapping.getExact().equals(exactMappingViewId)) {
// different viewId -> lets try to lookup a exact mapping
mapping = FacesServletMappingUtils.getExactMapping(context, exactMappingViewId);
// we need a to search for a prefix or extension mapping
if (mapping == null) {
mapping = FacesServletMappingUtils.getGenericPrefixOrSuffixMapping(context);
if (mapping == null) {
throw new IllegalStateException("No generic (either prefix or suffix) servlet-mapping found for FacesServlet." + "This is required serve views, that are not exact mapped.");
}
}
}
}
}
if (mapping != null) {
if (mapping.isExactMapping()) {
builder.append(mapping.getExact());
} else if (mapping.isExtensionMapping()) {
// See JSF 2.0 section 7.5.2
boolean founded = false;
for (String contextSuffix : config.getViewSuffix()) {
if (viewId.endsWith(contextSuffix)) {
builder.append(viewId.substring(0, viewId.indexOf(contextSuffix)));
builder.append(mapping.getExtension());
founded = true;
break;
}
}
if (!founded) {
// so use viewIds ending with mapping extensions is not a good practice.
if (viewId.endsWith(mapping.getExtension())) {
builder.append(viewId);
} else if (viewId.lastIndexOf('.') != -1) {
builder.append(viewId.substring(0, viewId.lastIndexOf('.')));
builder.append(config.getViewSuffix()[0]);
} else {
builder.append(viewId);
builder.append(config.getViewSuffix()[0]);
}
}
} else if (mapping.isPrefixMapping()) {
builder.append(mapping.getPrefix());
builder.append(viewId);
}
} else {
builder.append(viewId);
}
// JSF 2.2 check view protection.
if (isViewProtected(context, viewId)) {
int index = builder.indexOf("?");
if (index >= 0) {
builder.append('&');
} else {
builder.append('?');
}
builder.append(ResponseStateManager.NON_POSTBACK_VIEW_TOKEN_PARAM);
builder.append('=');
ResponseStateManager rsm = context.getRenderKit().getResponseStateManager();
builder.append(rsm.getCryptographicallyStrongTokenFromSession(context));
}
String calculatedActionURL = builder.toString();
if (log.isLoggable(Level.FINEST)) {
log.finest("Calculated actionURL: '" + calculatedActionURL + "' for viewId: '" + viewId + '\'');
}
return calculatedActionURL;
}
use of jakarta.faces.render.ResponseStateManager in project myfaces by apache.
the class RestoreViewExecutor method checkViewProtection.
private void checkViewProtection(FacesContext facesContext, ViewHandler viewHandler, String viewId, UIViewRoot root) throws ProtectedViewException {
boolean valid = true;
if (getViewIdSupport(facesContext).isViewProtected(facesContext, viewId)) {
// "... Obtain the value of the value of the request parameter whose
// name is given by the value of ResponseStateManager.NON_POSTBACK_VIEW_TOKEN_PARAM.
// If there is no value, throw ProtectedViewException ..."
String token = (String) facesContext.getExternalContext().getRequestParameterMap().get(ResponseStateManager.NON_POSTBACK_VIEW_TOKEN_PARAM);
if (token != null && token.length() > 0) {
String renderKitId = null;
if (root != null) {
renderKitId = root.getRenderKitId();
}
if (renderKitId == null) {
renderKitId = viewHandler.calculateRenderKitId(facesContext);
}
RenderKit renderKit = getRenderKitFactory().getRenderKit(facesContext, renderKitId);
ResponseStateManager rsm = renderKit.getResponseStateManager();
String storedToken = rsm.getCryptographicallyStrongTokenFromSession(facesContext);
if (token.equals(storedToken)) {
if (!ExternalContextUtils.isPortlet(facesContext.getExternalContext())) {
// Any check beyond this point only has sense for servlet requests.
String referer = facesContext.getExternalContext().getRequestHeaderMap().get("Referer");
if (referer != null) {
valid = valid && checkRefererOrOriginHeader(facesContext, viewHandler, referer);
}
String origin = facesContext.getExternalContext().getRequestHeaderMap().get("Origin");
if (valid && origin != null) {
valid = valid && checkRefererOrOriginHeader(facesContext, viewHandler, origin);
}
}
} else {
valid = false;
}
} else {
valid = false;
}
}
if (!valid) {
throw new ProtectedViewException();
}
}
use of jakarta.faces.render.ResponseStateManager in project myfaces by apache.
the class RestoreViewSupport method isPostback.
public boolean isPostback(FacesContext facesContext) {
ViewHandler viewHandler = facesContext.getApplication().getViewHandler();
String renderkitId = viewHandler.calculateRenderKitId(facesContext);
ResponseStateManager rsm = renderKitFactory.getRenderKit(facesContext, renderkitId).getResponseStateManager();
return rsm.isPostback(facesContext);
}
use of jakarta.faces.render.ResponseStateManager in project myfaces by apache.
the class ViewDeclarationLanguageBase method restoreView.
@Override
public UIViewRoot restoreView(FacesContext context, String viewId) {
Assert.notNull(context, "context");
Application application = context.getApplication();
ViewHandler applicationViewHandler = application.getViewHandler();
String renderKitId = applicationViewHandler.calculateRenderKitId(context);
if (log.isLoggable(Level.FINEST)) {
log.finest("Entering restoreView - viewId: " + viewId + " ; renderKitId: " + renderKitId);
}
UIViewRoot viewRoot = null;
StateManagementStrategy sms = getStateManagementStrategy(context, viewId);
if (sms != null) {
if (log.isLoggable(Level.FINEST)) {
log.finest("Redirect to StateManagementStrategy: " + sms.getClass().getName());
}
viewRoot = sms.restoreView(context, viewId, renderKitId);
} else {
RenderKit renderKit = getRenderKitFactory().getRenderKit(context, renderKitId);
ResponseStateManager responseStateManager = renderKit.getResponseStateManager();
Object state = responseStateManager.getState(context, viewId);
if (state != null) {
Object[] stateArray = (Object[]) state;
viewRoot = TreeStructureManager.restoreTreeStructure(((Object[]) stateArray[0])[0]);
if (viewRoot != null) {
context.setViewRoot(viewRoot);
viewRoot.processRestoreState(context, stateArray[1]);
RequestViewContext.getCurrentInstance(context).refreshRequestViewContext(context, viewRoot);
// If state is saved fully, there outer f:view tag handler will not be executed,
// so "contracts" attribute will not be set properly. We need to save it and
// restore it from here. With PSS, the view will always be built so it is not
// necessary to save it on the state.
Object rlc = ((Object[]) stateArray[0])[1];
if (rlc != null) {
context.setResourceLibraryContracts((List<String>) UIComponentBase.restoreAttachedState(context, rlc));
}
}
}
}
if (log.isLoggable(Level.FINEST)) {
log.finest("Exiting restoreView - " + viewId);
}
return viewRoot;
}
Aggregations