Commit 6975cfc7 authored by Bert Leunis's avatar Bert Leunis

CMS-11481 encode the value of the path parameter in cms and console

Node paths that have square brackets in it (for same name siblings) now get encoded correctly.
parent 6dc17eb9
/*
* Copyright 2012-2015 Hippo B.V. (http://www.onehippo.com)
* Copyright 2012-2018 Hippo B.V. (http://www.onehippo.com)
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
......@@ -23,6 +23,7 @@ import javax.jcr.Node;
import javax.jcr.RepositoryException;
import javax.jcr.Session;
import org.apache.wicket.Application;
import org.apache.wicket.Component;
import org.apache.wicket.ajax.AbstractDefaultAjaxBehavior;
import org.apache.wicket.ajax.AjaxRequestTarget;
......@@ -34,6 +35,7 @@ import org.apache.wicket.model.IModel;
import org.apache.wicket.request.IRequestParameters;
import org.apache.wicket.request.cycle.RequestCycle;
import org.apache.wicket.request.resource.JavaScriptResourceReference;
import org.apache.wicket.util.encoding.UrlEncoder;
import org.apache.wicket.util.string.StringValue;
import org.hippoecm.frontend.model.IModelReference;
import org.hippoecm.frontend.model.JcrNodeModel;
......@@ -161,7 +163,9 @@ public class ParameterHistoryBehavior extends AbstractDefaultAjaxBehavior implem
private void setPathWithAjax(final String path, final boolean replace) {
final AjaxRequestTarget ajax = RequestCycle.get().find(AjaxRequestTarget.class);
if (ajax != null) {
final String script = String.format("Hippo.ParameterHistory.setPath('%s', %s);", path, replace);
final String encoding = Application.get().getRequestCycleSettings().getResponseRequestEncoding();
final String encodedPath = UrlEncoder.QUERY_INSTANCE.encode(path, encoding);
final String script = String.format("Hippo.ParameterHistory.setPath('%s', %s);", encodedPath, replace);
ajax.appendJavaScript(script);
}
}
......
/*
* Copyright 2013-2014 Hippo B.V. (http://www.onehippo.com)
* Copyright 2013-2018 Hippo B.V. (http://www.onehippo.com)
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
......@@ -20,6 +20,7 @@ import java.util.Iterator;
import java.util.List;
import java.util.Map;
import org.apache.wicket.Application;
import org.apache.wicket.Component;
import org.apache.wicket.ajax.AbstractDefaultAjaxBehavior;
import org.apache.wicket.ajax.AjaxRequestTarget;
......@@ -33,6 +34,7 @@ import org.apache.wicket.markup.head.OnLoadHeaderItem;
import org.apache.wicket.request.IRequestParameters;
import org.apache.wicket.request.cycle.RequestCycle;
import org.apache.wicket.request.resource.JavaScriptResourceReference;
import org.apache.wicket.util.encoding.UrlEncoder;
import org.apache.wicket.util.string.StringValue;
public class UrlControllerBehavior extends AbstractDefaultAjaxBehavior {
......@@ -66,7 +68,10 @@ public class UrlControllerBehavior extends AbstractDefaultAjaxBehavior {
protected void setParameter(String name, String value) {
final AjaxRequestTarget requestTarget = RequestCycle.get().find(AjaxRequestTarget.class);
if (requestTarget != null) {
final String javascript = String.format("Hippo.UrlHistory.setParameter('%s', '%s');", name, value);
final String encoding = Application.get().getRequestCycleSettings().getResponseRequestEncoding();
final String javascript = String.format("Hippo.UrlHistory.setParameter('%s', '%s');",
UrlEncoder.QUERY_INSTANCE.encode(name, encoding),
UrlEncoder.QUERY_INSTANCE.encode(value, encoding));
requestTarget.appendJavaScript(javascript);
}
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment