Clone Tools
  • last updated 11 mins ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
Improved: Use Error.ftl everywhere it's not yet used (OFBIZ-11890)

Removes ashes in web.xml files

  1. … 2 more files in changeset.
Improved: Cannot find the declaration of element 'web-app' in version 3.0 files. (OFBIZ-6993)

I missed to backport changes web.xml (was OK in plugins)

  1. … 24 more files in changeset.
Reverted: "Fixed: add XML declaration in “web.xml” files (OFBIZ-6993)"

This reverts commit 3075027df7c82bcb381810d9d438150ef696254f.

  1. … 24 more files in changeset.
Reverted: "Fixed: add XML declaration in “web.xml” files (OFBIZ-6993)"

This reverts commit a93b1fcb7859a754ba84b810c4736e7ef6778689.

  1. … 24 more files in changeset.
Revert "Improved: Update “web.xml” files version 3.0 → 4.0 (OFBIZ-6993)"

This reverts commit 226e901981b68941bbcf3e1025d2208061d28db6.

  1. … 24 more files in changeset.
Reverted: "Fixed: add XML declaration in “web.xml” files (OFBIZ-6993)"

This reverts commit d1c037dca1ea14caf545c85c3741bb9af093f3c9.

  1. … 24 more files in changeset.
Improved: Update “web.xml” files version 3.0 → 4.0 (OFBIZ-6993)

  1. … 24 more files in changeset.
Fixed: add XML declaration in “web.xml” files (OFBIZ-6993)

these declarations avoid SAXParseException traceback when parsing web.xml

the first time in WebappUtil.parseWebXmlFile

  1. … 24 more files in changeset.
Fixed: Add XML declaration in “web.xml” files (OFBIZ-6993)

These declarations avoid SAXParseException traceback when parsing web.xml

the first time in WebappUtil.parseWebXmlFile

  1. … 24 more files in changeset.
Fixed: add XML declaration in “web.xml” files (OFBIZ-6993)

these declarations avoid SAXParseException traceback when parsing web.xml

the first time in WebappUtil.parseWebXmlFile

  1. … 24 more files in changeset.
Fixed: Add XML declaration in “web.xml” files (OFBIZ-6993)

These declarations avoid SAXParseException traceback when parsing web.xml

the first time in WebappUtil.parseWebXmlFile

  1. … 24 more files in changeset.
Fixed: add XML declaration in “web.xml” files (OFBIZ-6993)

these declarations avoid SAXParseException traceback when parsing web.xml

the first time in WebappUtil.parseWebXmlFile

  1. … 24 more files in changeset.
Fixed: Add session tracking mode and make cookie secure (OFBIZ-6655)

Following "Session timeout for webapps" discussion on dev ML

https://markmail.org/message/p6fbiojjrwb2ybxd

We decided to put back the session-timeout value in web.xml files and to remove

the line

session.setMaxInactiveInterval(60*60); //in seconds

from ControlEventListener.java

Double checking Deepak found I missed 2 cases, here they are

I then checked using this regexp: ^(?!.[\s\S]*minutes).[\s\S]*servlet.*$

That there is not other cases. The regexp comes from

https://stackoverflow.com/questions/15209711/regex-to-find-files-containing-one-word-but-not-another

I did not want to pass 1 hour to create it ;)

Thanks: Deepak Nigam

git-svn-id: https://svn.apache.org/repos/asf/ofbiz/ofbiz-framework/trunk@1851157 13f79535-47bb-0310-9956-ffa450edef68

  1. … 1 more file in changeset.
Improved: Add session tracking mode and make cookie secure (OFBIZ-6655)

Programmatically replaces the web.xml <session-config> declarations and uses

the @WebListener annotation to start the process. This avoid to duplicates

things everywhere in web.xml files. Since the web.xml files have precedence

on annotations, the setting can be easily overridden when necessary.

Now that we also use HTTPS in ecommerce the ecommerce session cookie is

also secured.

I also noted that we had 8 weird <session-timeout> declarations:

in solr component: <session-timeout>2</session-timeout>

in themes: <session-timeout>1</session-timeout>

Also in Rainbowstone we lacked the <cookie-config> and <tracking-mode>

declarations. I think it's not good.

I resolve these points by simply removing the <session-config> in web.xml files

of themes and Solr.

Thanks: Pradhan Yash Sharma for review

git-svn-id: https://svn.apache.org/repos/asf/ofbiz/ofbiz-framework/trunk@1811041 13f79535-47bb-0310-9956-ffa450edef68

  1. … 27 more files in changeset.
Implemented: removed the "controller" related logic, that is now provided by the new ControlFilter, from the ContextFilter; modified existing applications to use the two filters in a chain; removed from the other specialized filters all the logic that was duplicated or extended from ContextFilter.

A web application, in order to leverage the OFBiz framework, requires that a

series of objects are in its contexts (servlet context, session and request)

such as "delegator", "delegatorName", "dispatcher", "security" etc. etc...

This setup is performed by the logic contained in the servlet filter implemented

by the ContextFilter class.

The execution of this logic is required for the application to run properly.

However, before this commit, in the ContextFilter there was other logic, related

to access control and redirection rules (some of them performed in coordination

with the ControlServlet), making it difficult to deploy this filter in all the

web applications, especially the ones that implement special handling of paths.

In fact, this filter was deployed in most but not all the web application in the

OFBiz codebase: specifically it was not deployed in web applications that

require the execution of other filters (e.g. CatalogUrlFilter, etc...) like the

ones in the "ecommerce" and "solr" components.

git-svn-id: https://svn.apache.org/repos/asf/ofbiz/trunk@1761304 13f79535-47bb-0310-9956-ffa450edef68

  1. … 50 more files in changeset.
(OFBIZ-6274) Renamed OFBiz artefacts from org.ofbiz.* to org.apache.ofbiz.*.Thanks to Taher for working on it.

git-svn-id: https://svn.apache.org/repos/asf/ofbiz/trunk@1752920 13f79535-47bb-0310-9956-ffa450edef68

  1. … 3610 more files in changeset.
Temporary fix for "UtilXml.LocalResolver.resolveEntity] could not find LOCAL DTD/Schema with publicId [null] and the file/resource is [web-app_3_0.xsd]" - https://issues.apache.org/jira/browse/OFBIZ-6807

As suggested by Deepak keeps only <<web-app version="3.0">> in web.xml files instead of whole xmlns and schemaLocation.

git-svn-id: https://svn.apache.org/repos/asf/ofbiz/trunk@1726388 13f79535-47bb-0310-9956-ffa450edef68

  1. … 53 more files in changeset.
2 modified patches from Rahul Bhammarker for "Add session tracking mode and make cookie secure" https://issues.apache.org/jira/browse/OFBIZ-6655

Need to enhance security at web-app level.

As per current implementation:

- The cookie containing the session identifier is not secure

- The session identifier is transmitted in the query string of the URL

To fix these issue we have to add following session config otpions in web.xml

{code}

<session-config>

<cookie-config>

<http-only>true</http-only>

<secure>true</secure>

</cookie-config>

<tracking-mode>COOKIE</tracking-mode>

</session-config>

{code}

Also we need to update the web-app servlet specification from 2.3 to 3.0

{code}

<web-app version="3.0"

xmlns="http://java.sun.com/xml/ns/javaee"

xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

xsi:schemaLocation="http://java.sun.com/xml/ns/javaee

http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd">

{code}

https://tomcat.apache.org/whichversion.html

jleroux: these are only the framework+themes+applications patches, with 3 entries not applied

git-svn-id: https://svn.apache.org/repos/asf/ofbiz/trunk@1719872 13f79535-47bb-0310-9956-ffa450edef68

  1. … 26 more files in changeset.
[OFBIZ-6171] Applied patch from Pierre Smits for replacing 'Open for Business' references with 'Apache OFBiz'.Thanks Pierre for the contribution.

git-svn-id: https://svn.apache.org/repos/asf/ofbiz/trunk@1706589 13f79535-47bb-0310-9956-ffa450edef68

  1. … 153 more files in changeset.
Party Manager - remove unused element from web.xml.

git-svn-id: https://svn.apache.org/repos/asf/ofbiz/trunk@1642580 13f79535-47bb-0310-9956-ffa450edef68

Party Manager - consolidate JS file locations into a single folder.

git-svn-id: https://svn.apache.org/repos/asf/ofbiz/trunk@1642575 13f79535-47bb-0310-9956-ffa450edef68

  1. … 7 more files in changeset.
Removed the old and unused "serviceReaderUrls" context-param from all the web applications.

git-svn-id: https://svn.apache.org/repos/asf/ofbiz/trunk@1364217 13f79535-47bb-0310-9956-ffa450edef68

  1. … 23 more files in changeset.
Because these back-end applications do not have a website and probably never will remove the website records and definitions in web.xml as an experiment for the accounting, order, product and party component. if there are no problems others will follow....

git-svn-id: https://svn.apache.org/repos/asf/ofbiz/trunk@1153352 13f79535-47bb-0310-9956-ffa450edef68

  1. … 11 more files in changeset.
A patch from BJ Freeman "complete web.xml for error reporting" (https://issues.apache.org/jira/browse/OFBIZ-3820) - OFBIZ-3820

BJ: when there is an error, the control servlet looks for an error path in <param-name>allowedPaths</param-name>

it does not find one throwing an exception which buries the orginal error.

instead of changing the code it is just easier to add the /error: path.

then the real error gets reported correctly.

JLR: This will maybe help to better understand some errors on demo servers, and can't hurt

git-svn-id: https://svn.apache.org/repos/asf/ofbiz/trunk@954135 13f79535-47bb-0310-9956-ffa450edef68

  1. … 36 more files in changeset.
2d part and end of an effort to remove trailing spaces [ \t]+$ => "" (empty) Should be easier to review when committing changes with trailing spaces removed automatically by anyedit or such tool (please refer to http://docs.ofbiz.org/x/mg)

Of course this effort to remove trailing spaces has no functional implications.

Actually, I was doing a 1st commit and as it's long to upload, I got conflicts with r763135

In the meantime I did some refactoring also in *.java and *.groovy files :

){ => ) {

if( => if (

while( => while (

}else => } else

else{ => else {

switch( => switch (

try{ => try {

}catch => } catch

catch( => catch (

}finally{ => } finally {

So these changes are also in this commit, should not be a problem anyway.

git-svn-id: https://svn.apache.org/repos/asf/ofbiz/trunk@763175 13f79535-47bb-0310-9956-ffa450edef68

  1. … 2212 more files in changeset.
Changed WebSiteId parameter description to be more general

git-svn-id: https://svn.apache.org/repos/asf/ofbiz/trunk@751214 13f79535-47bb-0310-9956-ffa450edef68

  1. … 30 more files in changeset.
Added webSiteId definition for every webapp. This will be used to link online help pages to OFBiz screens. The webSiteId will also be used to associate VisualThemeSets to webapps.

git-svn-id: https://svn.apache.org/repos/asf/ofbiz/trunk@744502 13f79535-47bb-0310-9956-ffa450edef68

  1. … 19 more files in changeset.
Show progress bar during file upload in Party Content.

git-svn-id: https://svn.apache.org/repos/asf/ofbiz/trunk@595890 13f79535-47bb-0310-9956-ffa450edef68

  1. … 6 more files in changeset.
updated find party so create new links can determine what type of party to create (person vs group) based on the search parameters

git-svn-id: https://svn.apache.org/repos/asf/ofbiz/trunk@539247 13f79535-47bb-0310-9956-ffa450edef68

  1. … 2 more files in changeset.
Applied patch from Adrian Crum (OFBIZ-763) to refactor the layout of the partymgr application according to the new css/patterns: this is still a work in progress and a PoC.

git-svn-id: https://svn.apache.org/repos/asf/ofbiz/trunk@514106 13f79535-47bb-0310-9956-ffa450edef68

  1. … 36 more files in changeset.