Hi,
I also think the current behavior is not correct. See my question at
http://markmail.org/message/xmo74m3tbc5v4nwp.
I read the name of the method "enforceMounts" as "do not allow urls to page
which are not explicitly mounted". I believe also this is the reason this
method is in SecuritySettings
Martin,
Checked this issue: https://issues.apache.org/jira/browse/WICKET-5094
Absolutely disagree with discussed behavior. It's meaningless to
prevent accessing /wicket/bookmarkable/ only if there is mount
point for that page.
Please help to find consensus. In mine case it's real security hole.
T
Martin,
Just checked: it doesn't work as expected. It seems that this code
doesn't work as it was assumed:
BookmarkableMapper.java
if (application.getSecuritySettings().getEnforceMounts())
{
// we make an exception if the homepage itself was mounted, see WICKET-1898
if (!pageClass.equals(applicat
Ah, okay, thanks!
On Tue, May 3, 2016 at 2:38 PM, Martin Grigorov
wrote:
> There is a task for Wicket 8 for this.
> On May 4, 2016 12:32 AM, "Lon Varscsak" wrote:
>
> > Shouldn’t DateLabel allow Joda dates to be used in addition to
> > java.util.Date?
> >
> > Thanks,
> >
> > Lon (Wicket Newb :D
There is a task for Wicket 8 for this.
On May 4, 2016 12:32 AM, "Lon Varscsak" wrote:
> Shouldn’t DateLabel allow Joda dates to be used in addition to
> java.util.Date?
>
> Thanks,
>
> Lon (Wicket Newb :D)
>
Shouldn’t DateLabel allow Joda dates to be used in addition to
java.util.Date?
Thanks,
Lon (Wicket Newb :D)
Hi Maxim,
"revert" options can take a function as argument [1]. maybe you can use it
and test for an additional css class?
I did a quick test and it works as expected:
MyDraggable {
@Override
public void onConfigure(JQueryBehavior behavior)
{
super.onConfigure(behavior);
Thank you Andrea & Tobias, glad to read you like the new site! :)
@Tobias, I will test srcset :)
Best regards,
Sebastien.
On Tue, May 3, 2016 at 7:48 AM, Tobias Soloschenko <
tobiassolosche...@googlemail.com> wrote:
> Congratulations also from me! Good to see that project is moving forward!
>
Thank you Martin! I did know that there should be easier way to do
that, but could not be able to find it:)
Regards,
Ilia
2016-05-03 0:06 GMT-07:00 Martin Grigorov :
> Hi,
>
> I always thought
> that org.apache.wicket.settings.SecuritySettings#getEnforceMounts() is for
> this. Also its javadoc s
Guten Tag Thorsten Schöning,
am Dienstag, 3. Mai 2016 um 15:49 schrieben Sie:
> So I would suggest enhancing WebRequest to provide isAjax and some
> kind of isWicketAjax to distinguish both situations from each other.
> getClientUrl could than simply take isWicketAjax into account for its
> specia
Guten Tag Martin Grigorov,
am Dienstag, 3. Mai 2016 um 15:35 schrieben Sie:
> Configuring your own IExceptionMapper[...]
I already use a custom exception mapper extending
DefaultExceptionMapper because I wanted to follow an approach
comparable to the one discussed before:
http://apache-wicket.18
Hi,
I have a legacy web app which uses some pieces of Wicket and plain
jQuery to do some Ajax, but without any Wicket specific JS. The
glue between both is simply using AjaxBehavior to register some
callbacks and that works fine.
The problem I have currently is that Wicket thinks in some places t
Hi Thorsten,
On Tue, May 3, 2016 at 3:19 PM, Thorsten Schöning
wrote:
> Guten Tag Martin Grigorov,
> am Dienstag, 3. Mai 2016 um 14:31 schrieben Sie:
>
> > Because the DefaultExceptionMapper is the final/catch-all place to catch
> > exceptions and it should be generic.
>
> Subclasses can't easil
Guten Tag Martin Grigorov,
am Dienstag, 3. Mai 2016 um 14:31 schrieben Sie:
> Because the DefaultExceptionMapper is the final/catch-all place to catch
> exceptions and it should be generic.
Subclasses can't easily override this specific behavior as well and a
more useful default behavior is gener
There are no less than 7 newer versions of 1.5.x, so perhaps update to
1.5.15 to see if you're having better luck? According to the changelog,
there were several redirect-related bugs fixed in 1.5.11:
https://github.com/apache/wicket/blob/wicket-1.5.x/CHANGELOG-1.5#L41
Sincerely,
Jeroen
2016-05
Hi guys,
currently in the older deployed versions of our system in the cluster
environment, we're experiencing sometimes strange behaviour where one
session loops in the 302 redirect cyclethis is the log from load
balancer:
"GET /wicket/page?420-1. 302 333 (redir=-,
SID=h_pXgpfMGo80oe7JYFor4S
Hi,
On Tue, May 3, 2016 at 2:22 PM, Thorsten Schöning
wrote:
> Hi all,
>
> > private IRequestHandler internalMap(Exception e)
> [...]
> >switch
> (application.getExceptionSettings().getAjaxErrorHandlingStrategy())
> >{
> >case INVOKE_FAILURE_HANDLER :
> >return new Er
Hi all,
> private IRequestHandler internalMap(Exception e)
[...]
>switch (application.getExceptionSettings().getAjaxErrorHandlingStrategy())
>{
>case INVOKE_FAILURE_HANDLER :
>return new ErrorCodeRequestHandler(500);
>}
Is there any reason why the request handler d
Hi,
+1 to what Edmont Urbani said!
You either need to keep your pages stateless or you need to use distributed
page store (see
https://github.com/wicketstuff/core/tree/master/datastores-parent for
several impls).
Martin Grigorov
Wicket Training and Consulting
https://twitter.com/mtgrigorov
On Mo
Hi,
I always thought
that org.apache.wicket.settings.SecuritySettings#getEnforceMounts() is for
this. Also its javadoc seems to say that.
But there were some changes to its behavior after which I am no more sure
what exactly it does :-/
Martin Grigorov
Wicket Training and Consulting
https://twitt
20 matches
Mail list logo