Author: jcompagner Date: Fri Nov 2 18:05:08 2007 New Revision: 591528 URL: http://svn.apache.org/viewvc?rev=591528&view=rev Log: better handling of redirect urls (which are relative with ../)
Modified: wicket/trunk/jdk-1.4/wicket/src/main/java/org/apache/wicket/protocol/http/MockHttpServletResponse.java wicket/trunk/jdk-1.4/wicket/src/main/java/org/apache/wicket/protocol/http/RequestUtils.java Modified: wicket/trunk/jdk-1.4/wicket/src/main/java/org/apache/wicket/protocol/http/MockHttpServletResponse.java URL: http://svn.apache.org/viewvc/wicket/trunk/jdk-1.4/wicket/src/main/java/org/apache/wicket/protocol/http/MockHttpServletResponse.java?rev=591528&r1=591527&r2=591528&view=diff ============================================================================== --- wicket/trunk/jdk-1.4/wicket/src/main/java/org/apache/wicket/protocol/http/MockHttpServletResponse.java (original) +++ wicket/trunk/jdk-1.4/wicket/src/main/java/org/apache/wicket/protocol/http/MockHttpServletResponse.java Fri Nov 2 18:05:08 2007 @@ -35,6 +35,7 @@ import javax.servlet.http.Cookie; import javax.servlet.http.HttpServletResponse; +import org.apache.wicket.RequestCycle; import org.apache.wicket.util.value.ValueMap; @@ -526,6 +527,24 @@ */ public void sendRedirect(String location) throws IOException { + // If the location starts with ../ + if (location.startsWith("../")) + { + // Test if the current url has a / in it. (a mount) + String url = RequestCycle.get().getRequest().getURL(); + int index = url.lastIndexOf("/"); + if (index != -1) + { + // Then we have to recalculate what the real redirect is for the next request + // which is just getContext() + getServletPath() + "/" + location; + url = url.substring(0, index + 1) + location; + url = RequestUtils.removeDoubleDots(url); + + // stril the servlet path again from it. + index = url.indexOf("/"); + location = url.substring(index + 1); + } + } redirectLocation = location; } Modified: wicket/trunk/jdk-1.4/wicket/src/main/java/org/apache/wicket/protocol/http/RequestUtils.java URL: http://svn.apache.org/viewvc/wicket/trunk/jdk-1.4/wicket/src/main/java/org/apache/wicket/protocol/http/RequestUtils.java?rev=591528&r1=591527&r2=591528&view=diff ============================================================================== --- wicket/trunk/jdk-1.4/wicket/src/main/java/org/apache/wicket/protocol/http/RequestUtils.java (original) +++ wicket/trunk/jdk-1.4/wicket/src/main/java/org/apache/wicket/protocol/http/RequestUtils.java Fri Nov 2 18:05:08 2007 @@ -52,7 +52,7 @@ if (bits.length == 2) { params.add(URLDecoder.decode(bits[0], "UTF-8"), URLDecoder.decode(bits[1], - "UTF-8")); + "UTF-8")); } else { @@ -74,20 +74,21 @@ */ static String removeDoubleDots(String path) { - String[] components = path.split("/"); - List newcomponents = new ArrayList(Arrays.asList(components)); + List newcomponents = new ArrayList(Arrays.asList(path.split("/"))); - for (int i = 0; i < components.length; i++) + for (int i = 0; i < newcomponents.size(); i++) { - if (i < components.length - 1) + if (i < newcomponents.size() - 1) { // Verify for a ".." component at next iteration - if (components[i].length() > 0 && components[i + 1].equals("..")) + if (((String)newcomponents.get(i)).length() > 0 && + newcomponents.get(i + 1).equals("..")) { newcomponents.remove(i); newcomponents.remove(i); - // Skip the ".." component - i++; + i = i - 2; + if (i < -1) + i = -1; } } }