|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object org.apache.wicket.protocol.http.request.CryptedUrlWebRequestCodingStrategy
public class CryptedUrlWebRequestCodingStrategy
This is a request coding strategy which encrypts the URL and hence makes it impossible for users to guess what is in the url and rebuild it manually. It uses the CryptFactory registered with the application to encode and decode the URL. Hence, the coding algorithm must be a two-way one (reversible). Because the algorithm is reversible, URLs which were bookmarkable before will remain bookmarkable.
To register the request coding strategy to need to do the following:
protected IRequestCycleProcessor newRequestCycleProcessor() { return new WebRequestCycleProcessor() { protected IRequestCodingStrategy newRequestCodingStrategy() { return new CryptedUrlWebRequestCodingStrategy(new WebRequestCodingStrategy()); } }; }Note: When trying to hack urls in the browser an exception might be caught while decoding the URL. By default, for safety reasons a very simple WicketRuntimeException is thrown. The original stack trace is only logged.
Nested Class Summary | |
---|---|
class |
CryptedUrlWebRequestCodingStrategy.HackAttackException
|
Constructor Summary | |
---|---|
CryptedUrlWebRequestCodingStrategy(IRequestCodingStrategy defaultStrategy)
Construct. |
Method Summary | |
---|---|
RequestParameters |
decode(Request request)
Decode the querystring of the URL |
protected java.lang.String |
decodeURL(java.lang.String url)
Decode the "x" parameter of the querystring |
java.lang.CharSequence |
encode(RequestCycle requestCycle,
IRequestTarget requestTarget)
Encode the querystring of the URL |
protected java.lang.CharSequence |
encodeURL(java.lang.CharSequence url)
Returns the given url encoded. |
void |
mount(IRequestTargetUrlCodingStrategy urlCodingStrategy)
Mounts a request target with the given path. |
protected java.lang.String |
onError(java.lang.Exception ex)
Deprecated. Use onError(Exception, String) |
protected java.lang.String |
onError(java.lang.Exception ex,
java.lang.String url)
|
java.lang.CharSequence |
pathForTarget(IRequestTarget requestTarget)
Gets the url that the provided request target conforms to. |
protected java.lang.String |
rebuildUrl(java.lang.CharSequence queryString)
In case the query string has been shortened prior to encryption, than rebuild (lengthen) the query string now. |
protected java.lang.CharSequence |
shortenUrl(java.lang.CharSequence queryString)
Try to shorten the querystring without loosing information. |
IRequestTarget |
targetForRequest(RequestParameters requestParameters)
Gets the request target that conforms to the given request parameters. |
void |
unmount(java.lang.String path)
Unmounts a request target. |
IRequestTargetUrlCodingStrategy |
urlCodingStrategyForPath(java.lang.String path)
Gets the encoder that was mounted on the provided path if any. |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Constructor Detail |
---|
public CryptedUrlWebRequestCodingStrategy(IRequestCodingStrategy defaultStrategy)
defaultStrategy
- The default strategy most requests are forwarded toMethod Detail |
---|
public RequestParameters decode(Request request)
decode
in interface IRequestCodingStrategy
request
- the incoming request
IRequestCodingStrategy.decode(org.apache.wicket.Request)
public java.lang.CharSequence encode(RequestCycle requestCycle, IRequestTarget requestTarget)
encode
in interface IRequestCodingStrategy
requestCycle
- the current request cycle (for efficient access)requestTarget
- the request target
IRequestCodingStrategy.encode(org.apache.wicket.RequestCycle,
org.apache.wicket.IRequestTarget)
public void mount(IRequestTargetUrlCodingStrategy urlCodingStrategy)
IRequestTargetMounter
mount
in interface IRequestTargetMounter
urlCodingStrategy
- The strategy to use for encoding and decoding urlsIRequestTargetMounter.mount(org.apache.wicket.request.target.coding.IRequestTargetUrlCodingStrategy)
public void unmount(java.lang.String path)
IRequestTargetMounter
unmount
in interface IRequestTargetMounter
path
- the path to unmountIRequestTargetMounter.unmount(java.lang.String)
public IRequestTargetUrlCodingStrategy urlCodingStrategyForPath(java.lang.String path)
IRequestTargetMounter
urlCodingStrategyForPath
in interface IRequestTargetMounter
path
- the path
IRequestTargetMounter.urlCodingStrategyForPath(java.lang.String)
public java.lang.CharSequence pathForTarget(IRequestTarget requestTarget)
IRequestTargetMounter
pathForTarget
in interface IRequestTargetMounter
requestTarget
- the request target
IRequestTargetMounter.pathForTarget(org.apache.wicket.IRequestTarget)
public IRequestTarget targetForRequest(RequestParameters requestParameters)
IRequestTargetMounter
targetForRequest
in interface IRequestTargetMounter
requestParameters
- the request parameters
IRequestTargetMounter.targetForRequest(org.apache.wicket.request.RequestParameters)
protected java.lang.CharSequence encodeURL(java.lang.CharSequence url)
url
- The URL to encode
protected java.lang.String decodeURL(java.lang.String url)
url
- The encoded URL
protected java.lang.String onError(java.lang.Exception ex)
onError(Exception, String)
ex
-
protected java.lang.String onError(java.lang.Exception ex, java.lang.String url)
protected java.lang.CharSequence shortenUrl(java.lang.CharSequence queryString)
queryString
- The original query string
protected java.lang.String rebuildUrl(java.lang.CharSequence queryString)
queryString
- The URL's query string
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |