msggateway

Clone Tools
  • last updated a few seconds ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
Improved: Corrected some line is longer than 150 characters checkstyle issues. Also fixed some extra spaces and naming conventions related checkstyle issues. (OFBIZ-11921)

  1. … 47 more files in changeset.
Improved: Use Error.ftl everywhere it's not yet used (OFBIZ-11890)

Removes all error*.jsp reference, no longer used

    • -53
    • +0
    ./webapp/msggateway/error/error.jsp
  1. … 21 more files in changeset.
Improved: Corrected checkstyle formatting issues, 'is preceded/not preceded with whitespace' for plugins component. (OFBIZ-11874) This fixes following checkstyle issues: '{' is not preceded with whitespace.

'{' is not followed by whitespace.

'}' is not followed by whitespace.

'}' is not preceded with whitespace.

'typecast' is not followed by whitespace.

'try' is not followed by whitespace.

';' is preceded with whitespace.

  1. … 31 more files in changeset.
Documented: ofbiz-plugins / msgGateway, remove docbook file without migrate them to asciidoc (contain only a title) (OFBIZ-11587)

    • -29
    • +0
    ./data/helpdata/HELP_MsgGateway.xml
Improved: replaces module by MODULE everywhere

  1. … 73 more files in changeset.
Fixed: Ensure that the SameSite attribute is set to 'strict' for all cookies.

(OFBIZ-11470)

As reported by OWASP ZAP:

A cookie has been set without the SameSite attribute, which means that the

cookie can be sent as a result of a 'cross-site' request. The SameSite attribute

is an effective counter measure to cross-site request forgery, cross-site script

inclusion, and timing attacks.

The solution was not obvious in OFBiz for 2 reasons:

1. There is no HttpServletResponse::setHeader. So we need to use a filter

(SameSiteFilter) and even that is not enough because of 2:

2. To prevent session fixation we force Tomcat to generates a new jsessionId,

ultimately put in cookie, in LoginWorker::login. So we need to add a call to

SameSiteFilter::addSameSiteCookieAttribute in

UtilHttp::setResponseBrowserDefaultSecurityHeaders.

  1. … 20 more files in changeset.
Fixed: Ensure that the SameSite attribute is set to 'strict' for all cookies.

(OFBIZ-11470)

As reported by OWASP ZAP:

A cookie has been set without the SameSite attribute, which means that the

cookie can be sent as a result of a 'cross-site' request. The SameSite attribute

is an effective counter measure to cross-site request forgery, cross-site script

inclusion, and timing attacks.

The solution was not obvious in OFBiz for 2 reasons:

1. There is no HttpServletResponse::setHeader. So we need to use a filter

(SameSiteFilter) and even that is not enough because of 2:

2. To prevent session fixation we force Tomcat to generates a new jsessionId,

ultimately put in cookie, in LoginWorker::login. So we need to add a call to

SameSiteFilter::addSameSiteCookieAttribute in

UtilHttp::setResponseBrowserDefaultSecurityHeaders.

  1. … 20 more files in changeset.
Fixed: Ensure that the SameSite attribute is set to 'strict' for all cookies.

(OFBIZ-11470)

As reported by OWASP ZAP:

A cookie has been set without the SameSite attribute, which means that the

cookie can be sent as a result of a 'cross-site' request. The SameSite attribute

is an effective counter measure to cross-site request forgery, cross-site script

inclusion, and timing attacks.

The solution was not obvious in OFBiz for 2 reasons:

1. There is no HttpServletResponse::setHeader. So we need to use a filter

(SameSiteFilter) and even that is not enough because of 2:

2. To prevent session fixation we force Tomcat to generates a new jsessionId,

ultimately put in cookie, in LoginWorker::login. So we need to add a call to

SameSiteFilter::addSameSiteCookieAttribute in

UtilHttp::setResponseBrowserDefaultSecurityHeaders.

  1. … 20 more files in changeset.
Fixed: Add XML declaration in “web.xml” files (OFBIZ-6993)

These declarations avoid SAXParseException traceback when parsing web.xml

the first time in WebappUtil.parseWebXmlFile

A schema conformance issue has been fixed in ecommerce “web.xml”.

(cherry picked from commit 1158664ba37264fa6b8429033bad768175ff10d5)

# Conflicts handled by hand

# msggateway/webapp/msggateway/WEB-INF/web.xml

    • -0
    • +86
    ./webapp/msggateway/WEB-INF/web.xml
  1. … 25 more files in changeset.
Fixed: Add XML declaration in “web.xml” files (OFBIZ-6993)

These declarations avoid SAXParseException traceback when parsing web.xml

the first time in WebappUtil.parseWebXmlFile

A schema conformance issue has been fixed in ecommerce “web.xml”.

  1. … 25 more files in changeset.
Fixed: Add XML declaration in “web.xml” files (OFBIZ-6993)

These declarations avoid SAXParseException traceback when parsing web.xml

the first time in WebappUtil.parseWebXmlFile

A schema conformance issue has been fixed in ecommerce “web.xml”.

# Conflicts handled by hand

# msggateway/webapp/msggateway/WEB-INF/web.xml

    • -0
    • +86
    ./webapp/msggateway/WEB-INF/web.xml
  1. … 25 more files in changeset.
Improved: Remove redundant "dtd" directory from classpath (OFBIZ-11161)

the "dtd" directories are already present as resources distributed

inside OFBiz jar, so there is no need to augment the classpath to find

the XML schema inside those directories.

git-svn-id: https://svn.apache.org/repos/asf/ofbiz/ofbiz-plugins/trunk@1865797 13f79535-47bb-0310-9956-ffa450edef68

  1. … 1 more file in changeset.
Improved: Inline ‘UtilGenerics#checkList’ (OFBIZ-11141)

git-svn-id: https://svn.apache.org/repos/asf/ofbiz/ofbiz-plugins/trunk@1863492 13f79535-47bb-0310-9956-ffa450edef68

  1. … 5 more files in changeset.
Improved: no functional change, adds missing license headers

git-svn-id: https://svn.apache.org/repos/asf/ofbiz/ofbiz-plugins/trunk@1860902 13f79535-47bb-0310-9956-ffa450edef68

Improved: Remove useless imports

git-svn-id: https://svn.apache.org/repos/asf/ofbiz/ofbiz-plugins/trunk@1860027 13f79535-47bb-0310-9956-ffa450edef68

  1. … 1 more file in changeset.
Improved: Remove redundant type declarations (OFBIZ-10937)

Since Java 1.7, when defining generic types it is unnecessary to

redefine those types in the constructor when it is already done in the

declared type.

git-svn-id: https://svn.apache.org/repos/asf/ofbiz/ofbiz-plugins/trunk@1860025 13f79535-47bb-0310-9956-ffa450edef68

  1. … 43 more files in changeset.
Improved: Rename custom component for SMS gateway integration. Removed unused file. (OFBIZ-10973)

git-svn-id: https://svn.apache.org/repos/asf/ofbiz/ofbiz-plugins/trunk@1858323 13f79535-47bb-0310-9956-ffa450edef68

    • -23
    • +0
    ./data/MsgGatewaySecurityPermissionSeedData.xml
Improved: Rename custom component for SMS gateway integration. Move the permission data to demo data as it should not be consider as seed. (OFBIZ-10973)

git-svn-id: https://svn.apache.org/repos/asf/ofbiz/ofbiz-plugins/trunk@1858318 13f79535-47bb-0310-9956-ffa450edef68

    • -0
    • +10
    ./data/MsgGatewaySecurityGroupDemoData.xml
    • -9
    • +0
    ./data/MsgGatewaySecurityPermissionSeedData.xml
Improved: Rename custom component for SMS gateway integration. Change more refereneces from msg91 to msggateway. (OFBIZ-10973)

git-svn-id: https://svn.apache.org/repos/asf/ofbiz/ofbiz-plugins/trunk@1858315 13f79535-47bb-0310-9956-ffa450edef68

    • -2
    • +2
    ./webapp/msggateway/WEB-INF/controller.xml
Improved: Rename custom component for SMS gateway integration. Change main decorator location and app bar display setting. (OFBIZ-10973)

git-svn-id: https://svn.apache.org/repos/asf/ofbiz/ofbiz-plugins/trunk@1858311 13f79535-47bb-0310-9956-ffa450edef68

Improved: Rename custom component for SMS gateway integration. Rename files and references, also rename the webapp from msg91 to msggateway. (OFBIZ-10973) Thanks to Pritam and Swapnil Mane for this improvement

git-svn-id: https://svn.apache.org/repos/asf/ofbiz/ofbiz-plugins/trunk@1858308 13f79535-47bb-0310-9956-ffa450edef68

    • -7
    • +7
    ./data/MsgGatewaySecurityGroupDemoData.xml
    • -6
    • +8
    ./data/MsgGatewaySecurityPermissionSeedData.xml
    • -47
    • +0
    ./webapp/msg91/WEB-INF/controller.xml
    • -0
    • +47
    ./webapp/msggateway/WEB-INF/controller.xml
    • -0
    • +86
    ./webapp/msggateway/WEB-INF/web.xml
    • -0
    • +53
    ./webapp/msggateway/error/error.jsp
    • -0
    • +20
    ./webapp/msggateway/index.jsp
Improved: Rename custom component for SMS gateway integration. Rename files and references, few more will be coming after this commit. (OFBIZ-10973) Thanks to Pritam for this improvement

git-svn-id: https://svn.apache.org/repos/asf/ofbiz/ofbiz-plugins/trunk@1858307 13f79535-47bb-0310-9956-ffa450edef68

    • -0
    • +42
    ./config/MsgGatewayUiLabels.xml
    • -29
    • +0
    ./data/Msg91SecurityGroupDemoData.xml
    • -30
    • +0
    ./data/Msg91SecurityPermissionSeedData.xml
    • -0
    • +33
    ./data/MsgGatewayDemoData.xml
    • -0
    • +29
    ./data/MsgGatewaySecurityGroupDemoData.xml
    • -0
    • +30
    ./data/MsgGatewaySecurityPermissionSeedData.xml
    • -0
    • +30
    ./data/MsgGatewaySeedData.xml
    • -0
    • +29
    ./data/helpdata/HELP_MsgGateway.xml
    • -0
    • +35
    ./documents/MsgGateway.xml
  1. … 5 more files in changeset.
Improved: Rename custom component for SMS gateway integration. Rename the component name, will change the inner occrances in next commit. (OFBIZ-10973) Thanks to Jacques for notifying for this improvement

git-svn-id: https://svn.apache.org/repos/asf/ofbiz/ofbiz-plugins/trunk@1858279 13f79535-47bb-0310-9956-ffa450edef68

    • -0
    • +42
    ./config/Msg91UiLabels.xml
    • -0
    • +33
    ./data/Msg91DemoData.xml
    • -0
    • +29
    ./data/Msg91SecurityGroupDemoData.xml
    • -0
    • +30
    ./data/Msg91SecurityPermissionSeedData.xml
    • -0
    • +30
    ./data/Msg91SeedData.xml
    • -0
    • +29
    ./data/helpdata/HELP_Msg91.xml
    • -0
    • +35
    ./documents/Msg91.xml
    • -0
    • +45
    ./entitydef/entitymodel.xml
    • -0
    • +51
    ./ofbiz-component.xml
    • -0
    • +32
    ./servicedef/services.xml
    • -0
    • +54
    ./src/main/java/org/apache/ofbiz/msg91/Msg91Services.java
    • -0
    • +47
    ./webapp/msg91/WEB-INF/controller.xml
    • -0
    • +86
    ./webapp/msg91/WEB-INF/web.xml
    • -0
    • +53
    ./webapp/msg91/error/error.jsp
  1. … 23 more files in changeset.