[
https://issues.apache.org/jira/browse/WICKET-7149?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Martin Tzvetanov Grigorov resolved WICKET-7149.
-----------------------------------------------
Fix Version/s: 10.5.0
Assignee: Martin Tzvetanov Grigorov
Resolution: Fixed
> Add Integrity and CrossOrigin values to ResourceReference and related code
> --------------------------------------------------------------------------
>
> Key: WICKET-7149
> URL: https://issues.apache.org/jira/browse/WICKET-7149
> Project: Wicket
> Issue Type: Improvement
> Components: wicket
> Affects Versions: 10.4.0
> Reporter: Martin Tzvetanov Grigorov
> Assignee: Martin Tzvetanov Grigorov
> Priority: Major
> Fix For: 10.5.0
>
>
> From https://github.com/apache/wicket/pull/1102
>
> *Synopsis*
> Added two new variables to the ResourceReference class. Added code to use
> these values in both the JavaScriptReferenceHeaderItem and
> CssReferenceHeaderItem classes. Also fixed a bug with the
> AbstractCssReferenceHeaderItem class where it was directly accessing the
> identity and crossOrigin values directly instead of going through accessor
> methods.
> {*}In-depth Detail{*}:
> It is easy to create the integrity and cross origin values needed when the we
> have the control over the creation of the JavaScriptHeaderItem or
> CssReferenceHeaderItem. It becomes much more difficult when there are
> resources that are created and then stored in wicket framework classes
> (whether resource references are framework or user created), because these
> resources are used later by the framework when it does the actual creation of
> the header items (i.e. like JavaScriptHeaderItem.forReference()).
> Supporting scenario...try setting the integrity hash for the
> "wicket-ajax-jquery.js" file which is referenced from the
> wicket-core-10.1.0.jar. This resource is created initially through the
> WicketAjaxJQueryResourceReference class and used in the
> JavaScriptLibrarySettings class. The call getWicketAjaxReference() inside the
> JavaScriptLibrarySettings is used by the framework in various places, and
> those places create the actual JavaScriptReferenceHeaderItem (see
> OnDomReadyHeaderItem.getDependencies() as an example). While it is possible
> to extend a few framework classes to overwrite the default behavior and
> create the JavaScriptReferenceHeaderItem directly and add the desired hash
> and cross-origin values, that method is not a desirable or maintainable.
> By adding integrity and cross-origin variables to the definition of a
> ResourceReference class, those values can then be used in the rendering of
> the JavaScriptReferenceHeaderItem through overriding the getIntegrity() and
> getCrossOrigin() functions. If the header item's integrity value was not
> defined (i.e. null) then use the value defined from the ResourceReference
> (the same goes for the cross origin value).
> It was also noticed that the AbstractCssReferenceHeaderItem's
> internalRenderCSSReference() function was not correctly referencing the
> integrity and cross origin values by directly accessing the values rather
> than using the accessor methods. Changes were made to this class to correctly
> use the accessor methods.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
