use of org.apache.wicket.request.Url in project wicket by apache.
the class CryptoMapper method decryptEntireUrl.
/**
* Decrypts an entire URL, which was previously encrypted by {@link #encryptEntireUrl(org.apache.wicket.request.Url)}.
* This method should return {@code null} if the URL is not decryptable.
*
* @param request
* The request that was made.
* @param encryptedUrl
* The encrypted URL.
*
* @return A decrypted form of the URL, or {@code null} if the URL is not decryptable.
*/
protected Url decryptEntireUrl(final Request request, final Url encryptedUrl) {
Url url = new Url(request.getCharset());
List<String> encryptedSegments = encryptedUrl.getSegments();
if (encryptedSegments.isEmpty()) {
return null;
}
/*
* The first encrypted segment contains an encrypted version of the entire plain text url.
*/
String encryptedUrlString = encryptedSegments.get(0);
if (Strings.isEmpty(encryptedUrlString)) {
return null;
}
if (getMarkEncryptedUrls()) {
if (encryptedUrlString.startsWith(ENCRYPTED_URL_MARKER_PREFIX)) {
encryptedUrlString = encryptedUrlString.substring(ENCRYPTED_URL_MARKER_PREFIX.length());
} else {
return null;
}
}
String decryptedUrl;
try {
decryptedUrl = getCrypt().decryptUrlSafe(encryptedUrlString);
} catch (Exception e) {
log.error("Error decrypting URL", e);
return null;
}
if (decryptedUrl == null) {
if (getMarkEncryptedUrls()) {
throw new PageExpiredException("Encrypted URL is no longer decryptable");
} else {
return null;
}
}
Url originalUrl = Url.parse(decryptedUrl, request.getCharset());
int originalNumberOfSegments = originalUrl.getSegments().size();
int encryptedNumberOfSegments = encryptedUrl.getSegments().size();
if (originalNumberOfSegments > 0) {
/*
* This should always be true. Home page URLs are the only ones without
* segments, and we don't encrypt those with this method.
*
* We always add the first segment of the URL, because we encrypt a URL like:
* /path/to/something
* to:
* /encrypted_full/hash/hash
*
* Notice the consistent number of segments. If we applied the following relative URL:
* ../../something
* then the resultant URL would be:
* /something
*
* Hence, the mere existence of the first, encrypted version of complete URL, segment
* tells us that the first segment of the original URL is still to be used.
*/
url.getSegments().add(originalUrl.getSegments().get(0));
}
HashedSegmentGenerator generator = new HashedSegmentGenerator(encryptedUrlString);
int segNo = 1;
for (; segNo < encryptedNumberOfSegments; segNo++) {
if (segNo >= originalNumberOfSegments) {
break;
}
String next = generator.next();
String encryptedSegment = encryptedSegments.get(segNo);
if (!next.equals(encryptedSegment)) {
/*
* This segment received from the browser is not the same as the expected segment generated
* by the HashSegmentGenerator. Hence it, and all subsequent segments are considered plain
* text siblings of the original encrypted url.
*/
break;
}
/*
* This segments matches the expected checksum, so we add the corresponding segment from the
* original URL.
*/
url.getSegments().add(originalUrl.getSegments().get(segNo));
}
/*
* Add all remaining segments from the encrypted url as plain text segments.
*/
for (; segNo < encryptedNumberOfSegments; segNo++) {
// modified or additional segment
url.getSegments().add(encryptedUrl.getSegments().get(segNo));
}
url.getQueryParameters().addAll(originalUrl.getQueryParameters());
// WICKET-4923 additional parameters
url.getQueryParameters().addAll(encryptedUrl.getQueryParameters());
return url;
}
use of org.apache.wicket.request.Url in project wicket by apache.
the class CryptoMapper method getCompatibilityScore.
/**
* {@inheritDoc}
* <p>
* This implementation decrypts the URL and passes the decrypted URL to the wrapped mapper.
* </p>
* @param request
* The request for which to get a compatibility score.
*
* @return The compatibility score.
*/
@Override
public int getCompatibilityScore(final Request request) {
Url decryptedUrl = decryptUrl(request, request.getUrl());
if (decryptedUrl == null) {
return 0;
}
Request decryptedRequest = request.cloneWithUrl(decryptedUrl);
return wrappedMapper.getCompatibilityScore(decryptedRequest);
}
use of org.apache.wicket.request.Url in project wicket by apache.
the class ResourceMapper method getCompatibilityScore.
@Override
public int getCompatibilityScore(Request request) {
Url originalUrl = new Url(request.getUrl());
PageParameters parameters = extractPageParameters(request, mountSegments.length, parametersEncoder);
if (parameters != null) {
parameters.setLocale(resolveLocale());
}
removeCachingDecoration(originalUrl, parameters);
Request requestWithoutDecoration = request.cloneWithUrl(originalUrl);
int score = super.getCompatibilityScore(requestWithoutDecoration);
if (score > 0) {
// pages always have priority over resources
score--;
} else {
score = -1;
}
return score;
}
use of org.apache.wicket.request.Url in project wicket by apache.
the class ResourceMapper method mapRequest.
@Override
public IRequestHandler mapRequest(final Request request) {
final Url url = new Url(request.getUrl());
// now extract the page parameters from the request url
PageParameters parameters = extractPageParameters(request, mountSegments.length, parametersEncoder);
if (parameters != null) {
parameters.setLocale(resolveLocale());
}
// remove caching information from current request
removeCachingDecoration(url, parameters);
// check if url matches mount path
if (urlStartsWith(url, mountSegments) == false) {
return null;
}
// check if there are placeholders in mount segments
for (int index = 0; index < mountSegments.length; ++index) {
String placeholder = getPlaceholder(mountSegments[index]);
if (placeholder != null) {
// extract the parameter from URL
if (parameters == null) {
parameters = newPageParameters();
}
parameters.add(placeholder, url.getSegments().get(index), INamedParameters.Type.PATH);
}
}
return new ResourceReferenceRequestHandler(resourceReference, parameters);
}
use of org.apache.wicket.request.Url in project wicket by apache.
the class BaseWicketTester method submitForm.
/**
* Submits the {@link Form} in the last rendered {@link Page}.
* <p>
* <strong>Note</strong>: Form request parameters have to be set explicitely.
*
* @param path
* path to component
*/
public void submitForm(String path) {
Form<?> form = (Form<?>) getComponentFromLastRenderedPage(path);
Url url = Url.parse(form.getRootForm().urlForListener(new PageParameters()).toString(), Charset.forName(request.getCharacterEncoding()));
// make url absolute
transform(url);
request.setUrl(url);
processRequest();
}
Aggregations