example

Clone Tools
  • last updated a few minutes ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
Improved: Move page-specific script links to html template (OFBIZ-11799)

Moved OpenLayer js and css to html template

Tested on https://localhost:8443/partymgr/control/PartyGeoLocation?partyId=DemoCustomer

Improved: Corrected some line is longer than 150 characters checkstyle issues. Also fixed some extra spaces and naming conventions related checkstyle issues. (OFBIZ-11921)

  1. … 47 more files in changeset.
Improved: Update build.gradle to the latest dependencies (OFBIZ-11903)

See

https://cwiki.apache.org/confluence/display/OFBIZ/About+OWASP+Dependency+Check

for libs not upgraded.

  1. … 4 more files in changeset.
Improved: Use Error.ftl everywhere it's not yet used (OFBIZ-11890)

Removes all error*.jsp reference, no longer used

  1. … 21 more files in changeset.
Improved: Corrected all checkstyle formatting issues: Line has trailing spaces in plugins component. (OFBIZ-11880) Thanks Jacques for review.

  1. … 60 more files in changeset.
Improved: Corrected checkstyle formatting issues, 'is preceded/not preceded with whitespace' for plugins component. (OFBIZ-11874) This fixes following checkstyle issues: '{' is not preceded with whitespace.

'{' is not followed by whitespace.

'}' is not followed by whitespace.

'}' is not preceded with whitespace.

'typecast' is not followed by whitespace.

'try' is not followed by whitespace.

';' is preceded with whitespace.

  1. … 31 more files in changeset.
Improved: Change resources with proper naming convention in all plugin components. (OFBIZ-11739) Also, made MODULE as private data member of class instead of public. Thanks Jacques for review.

  1. … 61 more files in changeset.
Improved: Expansion of form widget field disabled atrribute with xsd improvement (#21)

(OFBIZ-10432)

Added disabled attribute support in ModelFormField with xs: boolean type

Removed specific field level disabled attribute support for CheckField and TextField

Modified existing usage of the disabled attribute as per new implementation.

Added new DisabledFieldExampleForm under Form Widget Examples for all the fields with disabled attributes.

Thanks: Rishi for the report and Taher, Gil and Jacques for the feedback

  1. … 3 more files in changeset.
Improved: Apply multi-block attr to each application (OFBIZ-11706)

For remaining plugin applications.

  1. … 17 more files in changeset.
Improved: Update build.gradle to the latest dependencies

(OFBIZ-11603)

I tried to update to Groovy 3 but got a compile issue with commons-cli.

I did not dig further.

  1. … 6 more files in changeset.
Improved: replaces module by MODULE everywhere

  1. … 71 more files in changeset.
Fixed: Ensure that the SameSite attribute is set to 'strict' for all cookies.

(OFBIZ-11470)

As reported by OWASP ZAP:

A cookie has been set without the SameSite attribute, which means that the

cookie can be sent as a result of a 'cross-site' request. The SameSite attribute

is an effective counter measure to cross-site request forgery, cross-site script

inclusion, and timing attacks.

The solution was not obvious in OFBiz for 2 reasons:

1. There is no HttpServletResponse::setHeader. So we need to use a filter

(SameSiteFilter) and even that is not enough because of 2:

2. To prevent session fixation we force Tomcat to generates a new jsessionId,

ultimately put in cookie, in LoginWorker::login. So we need to add a call to

SameSiteFilter::addSameSiteCookieAttribute in

UtilHttp::setResponseBrowserDefaultSecurityHeaders.

  1. … 20 more files in changeset.
Fixed: Ensure that the SameSite attribute is set to 'strict' for all cookies.

(OFBIZ-11470)

As reported by OWASP ZAP:

A cookie has been set without the SameSite attribute, which means that the

cookie can be sent as a result of a 'cross-site' request. The SameSite attribute

is an effective counter measure to cross-site request forgery, cross-site script

inclusion, and timing attacks.

The solution was not obvious in OFBiz for 2 reasons:

1. There is no HttpServletResponse::setHeader. So we need to use a filter

(SameSiteFilter) and even that is not enough because of 2:

2. To prevent session fixation we force Tomcat to generates a new jsessionId,

ultimately put in cookie, in LoginWorker::login. So we need to add a call to

SameSiteFilter::addSameSiteCookieAttribute in

UtilHttp::setResponseBrowserDefaultSecurityHeaders.

  1. … 20 more files in changeset.
Fixed: Ensure that the SameSite attribute is set to 'strict' for all cookies.

(OFBIZ-11470)

As reported by OWASP ZAP:

A cookie has been set without the SameSite attribute, which means that the

cookie can be sent as a result of a 'cross-site' request. The SameSite attribute

is an effective counter measure to cross-site request forgery, cross-site script

inclusion, and timing attacks.

The solution was not obvious in OFBiz for 2 reasons:

1. There is no HttpServletResponse::setHeader. So we need to use a filter

(SameSiteFilter) and even that is not enough because of 2:

2. To prevent session fixation we force Tomcat to generates a new jsessionId,

ultimately put in cookie, in LoginWorker::login. So we need to add a call to

SameSiteFilter::addSameSiteCookieAttribute in

UtilHttp::setResponseBrowserDefaultSecurityHeaders.

  1. … 20 more files in changeset.
Upgrade Tomcat from 9.0.29 to 9.0.31 (CVE-2020-1938) (OFBIZ-11407)

tomcat-embed-websocket dependencies not updated

Fixed: Add XML declaration in “web.xml” files (OFBIZ-6993)

These declarations avoid SAXParseException traceback when parsing web.xml

the first time in WebappUtil.parseWebXmlFile

A schema conformance issue has been fixed in ecommerce “web.xml”.

(cherry picked from commit 1158664ba37264fa6b8429033bad768175ff10d5)

# Conflicts handled by hand

# msggateway/webapp/msggateway/WEB-INF/web.xml

  1. … 25 more files in changeset.
Fixed: Add XML declaration in “web.xml” files (OFBIZ-6993)

These declarations avoid SAXParseException traceback when parsing web.xml

the first time in WebappUtil.parseWebXmlFile

A schema conformance issue has been fixed in ecommerce “web.xml”.

  1. … 25 more files in changeset.
Fixed: Add XML declaration in “web.xml” files (OFBIZ-6993)

These declarations avoid SAXParseException traceback when parsing web.xml

the first time in WebappUtil.parseWebXmlFile

A schema conformance issue has been fixed in ecommerce “web.xml”.

# Conflicts handled by hand

# msggateway/webapp/msggateway/WEB-INF/web.xml

  1. … 25 more files in changeset.
"Applied fix from plugins for revision: 1868545" ------------------------------------------------------------------------ r1868545 | jleroux | 2019-10-17 14:19:33 +0200 (jeu. 17 oct. 2019) | 16 lignes

Fixed: EditExample always update status, because current Status not shown

(OFBIZ-11230)

In the EditExample Form, the drop-down is populates with the Valid change status

only. So current status is not in the list and the status print in the drop-down

is the next authorized. I want to modify exampleName or exampleType, I go to

editExample and change what I want and validate. The problem is status is also

changed!

There are 12 other same or similar cases. For the first of them (in FinAccount)

there is the same bug: when I change FinAccount Name, status change too. If I

add current="first-in-list" in the tag drop-down it works

jleroux: Quote is a peculiar case due to OFBIZ-7337 which was a wrong fix

Thanks: Oliver for the analysis and the fix

------------------------------------------------------------------------

git-svn-id: https://svn.apache.org/repos/asf/ofbiz/ofbiz-plugins/branches/release17.12@1868549 13f79535-47bb-0310-9956-ffa450edef68

"Applied fix from plugins for revision: 1868545" ------------------------------------------------------------------------ r1868545 | jleroux | 2019-10-17 14:19:33 +0200 (jeu. 17 oct. 2019) | 16 lignes

Fixed: EditExample always update status, because current Status not shown

(OFBIZ-11230)

In the EditExample Form, the drop-down is populates with the Valid change status

only. So current status is not in the list and the status print in the drop-down

is the next authorized. I want to modify exampleName or exampleType, I go to

editExample and change what I want and validate. The problem is status is also

changed!

There are 12 other same or similar cases. For the first of them (in FinAccount)

there is the same bug: when I change FinAccount Name, status change too. If I

add current="first-in-list" in the tag drop-down it works

jleroux: Quote is a peculiar case due to OFBIZ-7337 which was a wrong fix

Thanks: Oliver for the analysis and the fix

------------------------------------------------------------------------

git-svn-id: https://svn.apache.org/repos/asf/ofbiz/ofbiz-plugins/branches/release18.12@1868547 13f79535-47bb-0310-9956-ffa450edef68

Fixed: EditExample always update status, because current Status not shown (OFBIZ-11230)

In the EditExample Form, the drop-down is populates with the Valid change status

only. So current status is not in the list and the status print in the drop-down

is the next authorized. I want to modify exampleName or exampleType, I go to

editExample and change what I want and validate. The problem is status is also

changed!

There are 12 other same or similar cases. For the first of them (in FinAccount)

there is the same bug: when I change FinAccount Name, status change too. If I

add current="first-in-list" in the tag drop-down it works

jleroux: Quote is a peculiar case due to OFBIZ-7337 which was a wrong fix

Thanks: Oliver for the analysis and the fix

git-svn-id: https://svn.apache.org/repos/asf/ofbiz/ofbiz-plugins/trunk@1868545 13f79535-47bb-0310-9956-ffa450edef68

Improved: Upgrade Tomcat from 9.0.26 to 9.0.27 (OFBIZ-11249)

Forgot a plugin, as ever :/

git-svn-id: https://svn.apache.org/repos/asf/ofbiz/ofbiz-plugins/trunk@1868544 13f79535-47bb-0310-9956-ffa450edef68

Improved: Update build.gradle to the latest dependencies (OFBIZ-11245)

git-svn-id: https://svn.apache.org/repos/asf/ofbiz/ofbiz-plugins/trunk@1868194 13f79535-47bb-0310-9956-ffa450edef68

Improved: Remove redundant "dtd" directory from classpath (OFBIZ-11161)

the "dtd" directories are already present as resources distributed

inside OFBiz jar, so there is no need to augment the classpath to find

the XML schema inside those directories.

git-svn-id: https://svn.apache.org/repos/asf/ofbiz/ofbiz-plugins/trunk@1865797 13f79535-47bb-0310-9956-ffa450edef68

  1. … 1 more file in changeset.
Improved: Update build.gradle to the latest dependencies (OFBIZ-11151)

Like for OFBIZ-10922 some updates were not possible. Please refer to the Jira

for more information

git-svn-id: https://svn.apache.org/repos/asf/ofbiz/ofbiz-plugins/trunk@1864973 13f79535-47bb-0310-9956-ffa450edef68

  1. … 6 more files in changeset.
Improved: Navigate from a domain to another with automated signed in authentication (OFBIZ-10307)

Currently the CORS demonstration in example component is useless.

This tooltip allows local users to test it.

git-svn-id: https://svn.apache.org/repos/asf/ofbiz/ofbiz-plugins/trunk@1862538 13f79535-47bb-0310-9956-ffa450edef68

Improved: Update Tomcat to 9.0.21 (OFBIZ-11102)

Mostly because of various concurrency and stability fixes for HTTP/2 as reported

in the official announcement

Once again missed to commit in example/build.gradle

git-svn-id: https://svn.apache.org/repos/asf/ofbiz/ofbiz-plugins/trunk@1861262 13f79535-47bb-0310-9956-ffa450edef68

Improved: Remove redundant type declarations (OFBIZ-10937)

Since Java 1.7, when defining generic types it is unnecessary to

redefine those types in the constructor when it is already done in the

declared type.

git-svn-id: https://svn.apache.org/repos/asf/ofbiz/ofbiz-plugins/trunk@1860025 13f79535-47bb-0310-9956-ffa450edef68

  1. … 43 more files in changeset.
"Applied fix from plugins for revision: 1859735 " ------------------------------------------------------------------------ r1859735 | jleroux | 2019-05-22 18:41:04 +0200 (mer. 22 mai 2019) | 12 lignes

Fixed: massPrintOrders service does not work

(OFBIZ-11049)

This problem was similar to what was resolved by r1806237 for OFBIZ-9138.

This fixes it by using the same solution than in r1806237. If the visual theme

is unknown in the the service context get the default theme from

general.properties using ThemeFactory::resolveTheme.

sendPrintFromScreen, createFileFromScreen, sendBirtMail, getXslFo and

printReportPdf (in example) were concerned

------------------------------------------------------------------------

git-svn-id: https://svn.apache.org/repos/asf/ofbiz/ofbiz-plugins/branches/release17.12@1859739 13f79535-47bb-0310-9956-ffa450edef68

  1. … 1 more file in changeset.
"Applied fix from plugins for revision: 1859735 " ------------------------------------------------------------------------ r1859735 | jleroux | 2019-05-22 18:41:04 +0200 (mer. 22 mai 2019) | 12 lignes

Fixed: massPrintOrders service does not work

(OFBIZ-11049)

This problem was similar to what was resolved by r1806237 for OFBIZ-9138.

This fixes it by using the same solution than in r1806237. If the visual theme

is unknown in the the service context get the default theme from

general.properties using ThemeFactory::resolveTheme.

sendPrintFromScreen, createFileFromScreen, sendBirtMail, getXslFo and

printReportPdf (in example) were concerned

------------------------------------------------------------------------

git-svn-id: https://svn.apache.org/repos/asf/ofbiz/ofbiz-plugins/branches/release18.12@1859737 13f79535-47bb-0310-9956-ffa450edef68

  1. … 1 more file in changeset.