[Yanel-commits] rev 45049 -
public/yanel/trunk/src/contributions/resources/policymanager/src/java/org/wyona/yanel/impl/resources/policymanager
michi at wyona.com
michi at wyona.com
Thu Oct 15 14:58:18 CEST 2009
Author: michi
Date: 2009-10-15 14:58:18 +0200 (Thu, 15 Oct 2009)
New Revision: 45049
Modified:
public/yanel/trunk/src/contributions/resources/policymanager/src/java/org/wyona/yanel/impl/resources/policymanager/PolicyManagerResource.java
Log:
use the referer as cancel redirect
Modified: public/yanel/trunk/src/contributions/resources/policymanager/src/java/org/wyona/yanel/impl/resources/policymanager/PolicyManagerResource.java
===================================================================
--- public/yanel/trunk/src/contributions/resources/policymanager/src/java/org/wyona/yanel/impl/resources/policymanager/PolicyManagerResource.java 2009-10-15 12:28:08 UTC (rev 45048)
+++ public/yanel/trunk/src/contributions/resources/policymanager/src/java/org/wyona/yanel/impl/resources/policymanager/PolicyManagerResource.java 2009-10-15 12:58:18 UTC (rev 45049)
@@ -125,8 +125,8 @@
String policyURL = backToRealm + getPath().substring(1) + "?yanel.policy=update&get=policy";
String saveURL = backToRealm + getPath().substring(1) + "?yanel.policy=update&post=policy"; // This doesn't seem to work with all browsers!
- // TODO: Either make this configurable (for example via query string) or use the javascript back of the browser!
- String cancelURL = backToRealm + getPath().substring(1);
+ String cancelURL = getReferer(backToRealm);
+ log.warn("DEBUG: Cancel URL: " + cancelURL);
sb.append("<?xml version=\"1.0\"?>");
sb.append("<html xmlns=\"http://www.w3.org/1999/xhtml\">");
@@ -136,7 +136,8 @@
sb.append("<link rel=\"stylesheet\" href=\"" + PathUtil.getResourcesHtdocsPath(this) + "js/accesspolicyeditor/style.css\" type=\"text/css\"/>");
- sb.append("<script language=\"javascript\">var getURLs = {\"identities-url\": \"" + identitiesURL + "\", \"policy-url\": \"" + policyURL + "\", \"cancel-url\": \"" + cancelURL + "\", \"save-url\": \"" + saveURL + "\"};</script><script language=\"javascript\" src=\"" + PathUtil.getResourcesHtdocsPath(this) + "js/accesspolicyeditor/org.wyona.security.gwt.accesspolicyeditor.AccessPolicyEditor.nocache.js\"></script>");
+ // IMPORTANT: Please make sure that the value of 'cancel-url-base-equals-host-page-url' corresponds with getReferer()
+ sb.append("<script language=\"javascript\">var getURLs = {\"identities-url\": \"" + identitiesURL + "\", \"policy-url\": \"" + policyURL + "\", \"cancel-url\": \"" + cancelURL + "\", \"cancel-url-base-equals-host-page-url\": \"false\", \"save-url\": \"" + saveURL + "\"};</script><script language=\"javascript\" src=\"" + PathUtil.getResourcesHtdocsPath(this) + "js/accesspolicyeditor/org.wyona.security.gwt.accesspolicyeditor.AccessPolicyEditor.nocache.js\"></script>");
sb.append("</head>");
sb.append("<body><h1>Edit Access Policy</h1><p><div id=\"access-policy-editor-hook\"></div></p></body></html>");
@@ -337,4 +338,38 @@
Policy policy = new org.wyona.security.util.PolicyParser().parseXML(policyAsInputStream);
pm.setPolicy(path, policy);
}
+
+ /**
+ * Get referer (also see org.wyona.yanel.impl.resources.ResourceCreatorResource#getReferer())
+ */
+ private String getReferer(String backToRealm) throws Exception {
+ // IMPORTANT: Please make sure that the below corresponds with 'cancel-url-base-equals-host-page-url'
+ String referer = getEnvironment().getRequest().getHeader("Referer");
+ if(referer != null) {
+ java.net.URL url = new java.net.URL(referer);
+ // TODO: Replace with proxy settings!
+ return replaceEntities(referer);
+ //return backToRealm + replaceEntities(url.getFile() + "?" + url.getQuery());
+ } else {
+ log.warn("No referer found!");
+ }
+ return getPath().substring(1); // Absolute
+ //return backToRealm + getPath().substring(1); // Relative
+ }
+
+ /**
+ * Replaces some characters by their corresponding xml entities.
+ * This method escapes those characters which must not occur in an xml text node.
+ * @param string
+ * @return escaped string
+ */
+ private String replaceEntities(String str) {
+ // there may be some & and some & mixed in the input, so first transform all
+ // & to & and then transform all & back to &
+ // this way we don't get double escaped &amp;
+ str = str.replaceAll("&", "&");
+ str = str.replaceAll("&", "&");
+ str = str.replaceAll("<", "<");
+ return str;
+ }
}
More information about the Yanel-commits
mailing list