myfaces-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jak...@apache.org
Subject svn commit: r1136978 - in /myfaces/shared/trunk/core/src: main/java/org/apache/myfaces/shared/context/flash/FlashImpl.java test/java/org/apache/myfaces/shared/context/flash/FlashImplTest.java
Date Fri, 17 Jun 2011 18:55:09 GMT
Author: jakobk
Date: Fri Jun 17 18:55:09 2011
New Revision: 1136978

URL: http://svn.apache.org/viewvc?rev=1136978&view=rev
Log:
MYFACES-3177 Add secure flag for cookies if the page is accessed over a secure protocol (implement
for 2.1.x)

Modified:
    myfaces/shared/trunk/core/src/main/java/org/apache/myfaces/shared/context/flash/FlashImpl.java
    myfaces/shared/trunk/core/src/test/java/org/apache/myfaces/shared/context/flash/FlashImplTest.java

Modified: myfaces/shared/trunk/core/src/main/java/org/apache/myfaces/shared/context/flash/FlashImpl.java
URL: http://svn.apache.org/viewvc/myfaces/shared/trunk/core/src/main/java/org/apache/myfaces/shared/context/flash/FlashImpl.java?rev=1136978&r1=1136977&r2=1136978&view=diff
==============================================================================
--- myfaces/shared/trunk/core/src/main/java/org/apache/myfaces/shared/context/flash/FlashImpl.java
(original)
+++ myfaces/shared/trunk/core/src/main/java/org/apache/myfaces/shared/context/flash/FlashImpl.java
Fri Jun 17 18:55:09 2011
@@ -39,7 +39,6 @@ import java.util.List;
 import java.util.Map;
 import java.util.Set;
 import java.util.concurrent.atomic.AtomicLong;
-import java.util.logging.Level;
 import java.util.logging.Logger;
 
 /**
@@ -588,9 +587,7 @@ public class FlashImpl extends Flash
                 .getHttpServletResponse(externalContext);
         if (httpResponse != null)
         {
-            Cookie cookie = new Cookie(FLASH_REDIRECT, "true");
-            cookie.setMaxAge(-1);
-            cookie.setPath(_getCookiePath(externalContext));
+            Cookie cookie = _createFlashCookie(FLASH_REDIRECT, "true", externalContext);
             httpResponse.addCookie(cookie);
         }
         else
@@ -598,7 +595,7 @@ public class FlashImpl extends Flash
             externalContext.getSessionMap().put(FLASH_REDIRECT, true);
         }
     }
-    
+
     /**
      * Restores the redirect value of the previous request and saves
      * it in the RequestMap under the key FLASH_PREVIOUS_REQUEST_REDIRECT.
@@ -734,9 +731,7 @@ public class FlashImpl extends Flash
         HttpServletResponse httpResponse = ExternalContextUtils.getHttpServletResponse(externalContext);
         if (httpResponse != null)
         {
-            Cookie cookie = new Cookie(FLASH_RENDER_MAP_TOKEN, tokenValue);
-            cookie.setMaxAge(-1);
-            cookie.setPath(_getCookiePath(externalContext));
+            Cookie cookie = _createFlashCookie(FLASH_RENDER_MAP_TOKEN, tokenValue, externalContext);
             httpResponse.addCookie(cookie);
         }
         else
@@ -1004,6 +999,26 @@ public class FlashImpl extends Flash
     }
 
     /**
+     * Creates a Cookie with the given name and value.
+     * In addition, it will be configured with maxAge=-1, the current request path and secure
value.
+     *
+     * @param name
+     * @param value
+     * @param externalContext
+     * @return
+     */
+    private Cookie _createFlashCookie(String name, String value, ExternalContext externalContext)
+    {
+        Cookie cookie = new Cookie(name, value);
+
+        cookie.setMaxAge(-1);
+        cookie.setPath(_getCookiePath(externalContext));
+        cookie.setSecure(externalContext.isSecure());
+
+        return cookie;
+    }
+
+    /**
      * Returns the path for the Flash-Cookies.
      * @param externalContext
      * @return

Modified: myfaces/shared/trunk/core/src/test/java/org/apache/myfaces/shared/context/flash/FlashImplTest.java
URL: http://svn.apache.org/viewvc/myfaces/shared/trunk/core/src/test/java/org/apache/myfaces/shared/context/flash/FlashImplTest.java?rev=1136978&r1=1136977&r2=1136978&view=diff
==============================================================================
--- myfaces/shared/trunk/core/src/test/java/org/apache/myfaces/shared/context/flash/FlashImplTest.java
(original)
+++ myfaces/shared/trunk/core/src/test/java/org/apache/myfaces/shared/context/flash/FlashImplTest.java
Fri Jun 17 18:55:09 2011
@@ -26,9 +26,13 @@ import java.util.Map;
 
 import javax.faces.application.FacesMessage;
 import javax.faces.event.PhaseId;
+import javax.servlet.ServletContext;
 import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
 
 import org.apache.myfaces.test.base.AbstractViewControllerTestCase;
+import org.apache.myfaces.test.mock.MockExternalContext20;
 import org.apache.myfaces.test.mock.MockFacesContext20;
 import org.apache.myfaces.test.mock.MockHttpServletRequest;
 import org.apache.myfaces.test.mock.MockHttpServletResponse;
@@ -49,6 +53,16 @@ public class FlashImplTest extends Abstr
     }
 
     @Override
+    protected void setUpFacesContext() throws Exception
+    {
+        super.setUpFacesContext();
+
+        // Unfortunately, setUpExternalContext() does not work, b/c MockFacesContext20 overwrites
it!
+        externalContext = new MockExternalContext21(servletContext, request, response);
+        facesContext.setExternalContext(externalContext);
+    }
+
+    @Override
     protected void setUp() throws Exception
     {
         super.setUp();
@@ -1049,4 +1063,31 @@ public class FlashImplTest extends Abstr
         }
     }
 
+    /**
+     * Adds isSecure() implementation to MockExternalContext20.
+     *
+     * TODO remove this one as soon as MyFaces-Test provides MockExternalContext21.
+     */
+    private static class MockExternalContext21 extends MockExternalContext20
+    {
+
+        private boolean secure = false;
+
+        private MockExternalContext21(ServletContext context, HttpServletRequest request,
HttpServletResponse response)
+        {
+            super(context, request, response);
+        }
+
+        @Override
+        public boolean isSecure()
+        {
+            return secure;
+        }
+
+        public void setSecure(boolean secure)
+        {
+            this.secure = secure;
+        }
+    }
+
 }



Mime
View raw message