struts-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Charu Ramchandani (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (WW-4774) Upgrding Struts 2.3.1 to 2.5.10.1 - Redirect issues HTTPS to HTTP
Date Mon, 27 Mar 2017 17:45:41 GMT

    [ https://issues.apache.org/jira/browse/WW-4774?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15943707#comment-15943707
] 

Charu Ramchandani commented on WW-4774:
---------------------------------------

Another point to add here is that we have a custom Interceptor which inherits from MessageStoreInterceptor
class, and wherein we are registering a custom PreResultListener before invoking super.intercept(),
i.e., 
{code:title=MyCustomInterceptor.java|borderStyle=solid}
// Some comments here 
@Override 
public String intercept(ActionInvocation invocation) throws Exception { 
{ 
    invocation.addPreResultListener(new MyCustomPreResultListener()); 
    return super.intercept(); 
} 
{code} 
and here is the listener 
{code:title=MyCustomPreResultListener.java|borderStyle=solid}
// Some comments here 
@Override 
public String intercept(ActionInvocation invocation) throws Exception { 
{ 
    invocation.addPreResultListener(new MyCustomPreResultListener()); 
    return super.intercept(); 
} 
{code}
and
{code:title=MyCustomPreResultListener.java|borderStyle=solid}
@Override
	public void beforeResult(ActionInvocation invocation, String resultCode) {
		// If in a page fragment
		if (!Strings.isNullOrEmpty(resultCode) && invocation instanceof DefaultActionInvocation
&& invocation.getAction() instanceof BaseAction) {
			try {
				final DefaultActionInvocation dai = (DefaultActionInvocation) invocation;
				final MyBaseAction act = (MyBaseAction) invocation.getAction();
				// Instantiate result
				final Result res = dai.createResult();

				if (action.inFragment() && res != null && res instanceof ServletRedirectResult)
{
					final ServletRedirectResult servletRedirectResult = (ServletRedirectResult) res;
					redirectToPage(invocation, servletRedirectResult.getLocation(), getAnchorFromRedirect(servletRedirectResult),
action);
				}
			} catch (Exception e) {
				e.printStackTrace();
			}
		}
	}
getAnchorFromRedirect // uses reflections to read the value of anchor from ServletRedirectResult
object, which is coming as null
public static void redirectToPage(ActionInvocation invocation, String url, String anchor,
MyBaseAction action, ServletRedirectResult res) throws Exception {
		final HttpServletRequest req = ServletActionContext.getRequest();
		res.setStatusCode(204);

		MyParametersUtil.exportParameters(req, action, BaseActionHome.class);
		res.setAnchor(anchor);

		res.setLocation(MyParametersUtil.rewriteUrl(req, url));

		res.execute(invocation);
		invocation.setResultCode(null);
}
{code}

Somehow, if I call redirect on the servletRedirectResult object, then we are able to redirect
to the page, but then action messages don't populate. We get IllegalStateException: Committed.

Can you suggest something here please. We need to close this soon.

> Upgrding Struts 2.3.1 to 2.5.10.1 - Redirect issues  HTTPS to HTTP
> ------------------------------------------------------------------
>
>                 Key: WW-4774
>                 URL: https://issues.apache.org/jira/browse/WW-4774
>             Project: Struts 2
>          Issue Type: Bug
>    Affects Versions: 2.5.10
>            Reporter: upendar
>            Priority: Critical
>             Fix For: 2.5.next
>
>
> We are upgrading Struts2 from 2.3.1 to 2.5.10.1 ; redirect  making https:// to http://
. The following errors in chrome and IE are seen while redirecting  from the popup to main
window
> redirecting  popup (create user) --- main window (viewdashboard)  - the URL shows https://
to http://
> We are blocked completely due to this issue and need support ASAP. We also reviewed the
apache server configurations and looks good. Please share the fix in detail.
> Error Issue in chrome :
> Mixed Content: The page at 'https://XXXXX/XX/XX/viewdashboard?clear&Id=1&uar=44'
was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://XXX/XX/XX/viewdashboard?uar=44&Id=1'.
This request has been blocked; the content must be served over HTTPS.
> Issue in IE
> SEC7127: Redirect was blocked for CORS request.
> File: account
> SCRIPT7002: XMLHttpRequest: Network Error 0x2ef1, Could not complete the operation due
to error 00002ef1.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Mime
View raw message