[ https://issues.apache.org/jira/browse/OFBIZ-13143?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17886587#comment-17886587 ]

Jacques Le Roux commented on OFBIZ-13143:
-----------------------------------------

Hi Nicolas,

I have reviewed and tested with trunk HEAD on both demo and locally, it's OK 
with me.

There is just a weird unrelated thing.

Before applying your patch, I locally get the same as you, i.e. this message on 
screen: "The entityName was not specified, but is required " and in log:

2024-10-03 08:41:21,513 |jsse-nio-8443-exec-2 |GenericDelegator |E| Error getting entity definition from model
org.apache.ofbiz.entity.GenericModelException: Could not find definition for entity name Party?lastUpdatedStamp_fld1_op=opLessThan&createdByUserLogin_op=contains&createdDate_fld1_op=opLessThan&statusId_ic=Y&statusId_op=contains&preferredCurrencyUomId_op=contains&partyTypeId_ic=Y&createdTxStamp_fld0_op=greaterThan&description_ic=Y&dataSourceId_ic=Y&sortField=partyId&lastModifiedDate_fld0_op=greaterThan&createdStamp_fld0_op=greaterThan&lastUpdatedTxStamp_fld0_op=greaterThan&searchOptions_collapsed=true&lastUpdatedStamp_fld0_op=greaterThan&createdDate_fld0_op=greaterThan&noConditionFind=Y&partyId_op=like&preferredCurrencyUomId_ic=Y&partyId_ic=Y&dataSourceId_op=contains&description_op=contains&partyTypeId_op=contains&lastUpdatedTxStamp_fld1_op=opLessThan&externalId_ic=Y&_method=GET&createdTxStamp_fld1_op=opLessThan&lastModifiedByUserLogin_op=contains&createdStamp_fld1_op=opLessThan&externalId_op=contains&createdByUserLogin_ic=Y&lastModifiedDate_fld1_op=opLessThan&lastModifiedByUserLogin_ic=Y
at org.apache.ofbiz.entity.model.ModelReader.getModelEntity(ModelReader.java:518) ~[main/:?]

While on current trunk demo I get this:

HTTP Status 500 – Internal Server Error
Type Exception Report
Message For security reason this URL is not accepted
Description The server encountered an unexpected condition that prevented it 
from fulfilling the request.
Exception
java.lang.RuntimeException: For security reason this URL is not accepted
org.apache.ofbiz.webapp.control.ControlFilter.doFilter(ControlFilter.java:172)
javax.servlet.http.HttpFilter.doFilter(HttpFilter.java:53)
org.apache.logging.log4j.web.Log4jServletFilter.doFilter(Log4jServletFilter.java:71)

Note The full stack trace of the root cause is available in the server logs.
Apache Tomcat/9.0.91

And in log:
2024-10-03 06:39:34,432 |-0.0.0.0-8009-exec-5 |ControlFilter |E| For security reason this URL is not accepted

 
I have no explanation for that. Anyway, I believe we can neglect it since your fix 
should clean that.

> Webtools FindGeneric, sort field is break on list
> -------------------------------------------------
>
>                 Key: OFBIZ-13143
>                 URL: https://issues.apache.org/jira/browse/OFBIZ-13143
>             Project: OFBiz
>          Issue Type: Bug
>          Components: webtools
>            Reporter: Nicolas Malin
>            Assignee: Nicolas Malin
>            Priority: Minor
>              Labels: list, sort, url, url-encoding, webtools
>         Attachments: OFBIZ-13143.patch, image-2024-09-27-15-32-36-309.png
>
>
> On webtools the FindGeneric screen (/webtools/entity/find/{entityName}) has 
> an issue with the sort order.
> After a search, if you click to sort the list, you lose the entityName and your 
> search. The analysis shows that this comes from the URL encoding 
> (MacroFormRenderer.java:2141), which results in a bad interpretation during ftl 
> rendering.
> {code:java}
> linkUrl = rh.makeLink(this.request, this.response, 
> urlPath.concat(URLEncoder.encode(newQueryString, "UTF-8")));
> {code}
> This has been introduced with Jira OFBIZ-8302 for security reasons.
>  !image-2024-09-27-15-32-36-309.png! 
> To solve this, we implement a new function in UtilCodec.java to ask it whether we 
> need to encode the URL or not with the presence of the variable 
> escapeUrlEncode.
> As this is tested on the root context, we need to set this variable in our code where 
> we want to escape the encoding, just before calling the MacroRenderer. This is 
> not accessible from the request, so there is no risk for the original security fix.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)
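
The encoding behaviour described in the issue, as an added example that is not OFBiz code and not part of the original message: passing the whole query string through URLEncoder also encodes "?", "&" and "=", so after decoding the parameters end up in the last path segment, the same shape as the "entity name Party?..." value in the log above. The class and method names are hypothetical, the parameter values are constructed, and URI.getPath() stands in for the servlet container's path decoding, which is an assumption.

```java
import java.net.URI;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.util.LinkedHashMap;
import java.util.Map;
import java.util.stream.Collectors;

public class SortLinkEncoding {
    // Encode each name and value on its own, so "&" and "=" stay delimiters.
    static String encodeQuery(Map<String, String> params) {
        return params.entrySet().stream()
                .map(e -> URLEncoder.encode(e.getKey(), StandardCharsets.UTF_8) + "="
                        + URLEncoder.encode(e.getValue(), StandardCharsets.UTF_8))
                .collect(Collectors.joining("&"));
    }

    // Last path segment after percent-decoding: the value a
    // /webtools/entity/find/{entityName} style route would be handed.
    static String lastSegment(URI uri) {
        String path = uri.getPath(); // getPath() returns the decoded path
        return path.substring(path.lastIndexOf('/') + 1);
    }

    public static void main(String[] args) {
        String urlPath = "/webtools/entity/find/Party";
        // Constructed sample parameters; the last value contains a delimiter.
        Map<String, String> params = new LinkedHashMap<>();
        params.put("sortField", "partyId");
        params.put("partyId_op", "like");
        params.put("description", "R&D");
        String newQueryString = "?" + params.entrySet().stream()
                .map(e -> e.getKey() + "=" + e.getValue())
                .collect(Collectors.joining("&"));

        // Pattern quoted in the issue: the whole string, "?" included, is encoded.
        URI whole = URI.create(urlPath.concat(
                URLEncoder.encode(newQueryString, StandardCharsets.UTF_8)));
        System.out.println("whole-string: " + whole);
        System.out.println("  segment = " + lastSegment(whole));
        System.out.println("  query   = " + whole.getRawQuery());

        // Per-component encoding keeps the path and the query apart.
        URI perPart = URI.create(urlPath + "?" + encodeQuery(params));
        System.out.println("per-component: " + perPart);
        System.out.println("  segment = " + lastSegment(perPart));
        System.out.println("  query   = " + perPart.getRawQuery());
    }
}
```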
