Beispiel #1
0
 /** Returns whether the page can be directly included. */
 private static boolean isDirectInclude(ClassWebResource cwr, String path) {
   final String ext = Servlets.getExtension(path);
   final Extendlet extlet = ext != null ? cwr.getExtendlet(ext) : null;
   if (extlet != null) {
     try {
       return extlet.getFeature(Extendlet.ALLOW_DIRECT_INCLUDE);
     } catch (Throwable ex) { // backward compatibility
     }
   }
   return true;
 }
Beispiel #2
0
  private boolean dispatch(Writer out, String page, Map params, int mode, boolean include)
      throws IOException, ServletException {
    // FUTURE: handle if ~./, PASS_THRU_ATTR and with query string
    // In other words, we convert query string to params if
    // PASS_THRU_ATTR and ~./ (to have a better performance)
    if ((mode != PASS_THRU_ATTR && params != null)
        || !page.startsWith("~./")
        || page.indexOf('?') >= 0) return false;

    // Bug 1801028: We cannot invoke ZumlExtendlet directly
    // The real reason is unknown yet -- it could be due to
    // the re-creation of ExecutionImpl
    // However, the performance is not a major issue, so just skip
    final ClassWebResource cwr = WebManager.getWebManager(_ctx).getClassWebResource();
    if (!isDirectInclude(cwr, page)) return false;

    Object old = null;
    if (mode == PASS_THRU_ATTR) {
      old = _request.getAttribute(Attributes.ARG);
      if (params != null) _request.setAttribute(Attributes.ARG, params);
      // If params=null, use the 'inherited' one (same as Servlets.include)
    }

    final String attrnm =
        include ? "org.zkoss.web.servlet.include" : "org.zkoss.web.servlet.forward";
    _request.setAttribute(attrnm, Boolean.TRUE);
    // so Servlets.isIncluded returns correctly
    try {
      cwr.service(_request, HttpBufferedResponse.getInstance(_response, out), page.substring(2));
    } finally {
      _request.removeAttribute(attrnm);
      if (mode == PASS_THRU_ATTR) _request.setAttribute(Attributes.ARG, old);
    }

    return true;
  }
Beispiel #3
0
 private static boolean shallSession(ClassWebResource cwr, String pi) {
   return cwr.getExtendlet(Servlets.getExtension(pi, false)) != null
       || (pi != null && pi.indexOf('*') >= 0);
   // Optimize the access of static resources (for GAE)
 }
Beispiel #4
0
  protected void doGet(HttpServletRequest request, HttpServletResponse response)
      throws ServletException, IOException {
    final String pi = Https.getThisPathInfo(request);
    //		if (log.finerable()) log.finer("Path info: "+pi);

    final ServletContext ctx = getServletContext();
    final boolean withpi = pi != null && pi.length() != 0;
    if (withpi && pi.startsWith(ClassWebResource.PATH_PREFIX)) {
      // use HttpSession to avoid loading SerializableSession in GAE
      // and don't retrieve session if possible
      final ClassWebResource cwr = getClassWebResource();
      final HttpSession hsess = shallSession(cwr, pi) ? request.getSession(false) : null;
      Object oldsess = null;
      if (hsess == null) {
        oldsess = SessionsCtrl.getRawCurrent();
        SessionsCtrl.setCurrent(new SessionResolverImpl(ctx, request));
        // it might be created later
      }

      WebApp wapp;
      Session sess;
      final Object old =
          hsess != null
              ? (wapp = WebManager.getWebAppIfAny(ctx)) != null
                      && (sess = SessionsCtrl.getSession(wapp, hsess)) != null
                  ? I18Ns.setup(sess, request, response, "UTF-8")
                  : I18Ns.setup(hsess, request, response, "UTF-8")
              : Charsets.setup(null, request, response, "UTF-8");
      try {
        cwr.service(request, response, pi.substring(ClassWebResource.PATH_PREFIX.length()));
      } finally {
        if (hsess != null) I18Ns.cleanup(request, old);
        else {
          Charsets.cleanup(request, old);
          SessionsCtrl.setRawCurrent(oldsess);
        }
      }
      return; // done
    }

    final Session sess = WebManager.getSession(ctx, request, false);
    if (withpi) {
      final AuExtension aue = getAuExtensionByPath(pi);
      if (aue == null) {
        response.sendError(response.SC_NOT_FOUND);
        log.debug("Unknown path info: " + pi);
        return;
      }

      Object oldsess = null;
      if (sess == null) {
        oldsess = SessionsCtrl.getRawCurrent();
        SessionsCtrl.setCurrent(new SessionResolverImpl(ctx, request));
        // it might be created later
      }

      final Object old =
          sess != null
              ? I18Ns.setup(sess, request, response, "UTF-8")
              : Charsets.setup(null, request, response, "UTF-8");
      try {
        aue.service(request, response, pi);
      } finally {
        if (sess != null) I18Ns.cleanup(request, old);
        else {
          Charsets.cleanup(request, old);
          SessionsCtrl.setRawCurrent(oldsess);
        }
      }
      return; // done
    }

    // AU
    if (sess == null) {
      response.setIntHeader("ZK-Error", response.SC_GONE); // denote timeout

      // Bug 1849088: rmDesktop might be sent after invalidate
      // Bug 1859776: need send response to client for redirect or others
      final WebApp wapp = WebManager.getWebAppIfAny(ctx);
      final String dtid = getAuDecoder(wapp).getDesktopId(request);
      if (dtid != null) sessionTimeout(request, response, wapp, dtid);
      return;
    }

    // Feature 3285074 add no-cache for security risk.
    response.setHeader("Pragma", "no-cache");
    response.setHeader("Cache-Control", "no-cache");
    response.setHeader("Cache-Control", "no-store");
    response.setHeader("Expires", "-1");

    final Object old = I18Ns.setup(sess, request, response, "UTF-8");
    try {
      process(sess, request, response);
    } finally {
      I18Ns.cleanup(request, old);
    }
  }