This repository has been archived by the owner on Oct 5, 2021. It is now read-only.

Merge pull request #209 from cnapagoda/cass
Kernel 5.2.0 dependency upgrade
cnapagoda committed Mar 30, 2017
2 parents d9280d2 + f1a5b81 commit a8fc643
Showing 33 changed files with 1,801 additions and 390 deletions.
2 changes: 1 addition & 1 deletion components/uuf-core/pom.xml
@@ -53,7 +53,7 @@
</dependency>
<!--Orbit-->
<dependency>
<groupId>org.wso2.orbit.org.yaml</groupId>
<groupId>org.yaml</groupId>
<artifactId>snakeyaml</artifactId>
</dependency>
<!--Other-->
@@ -25,6 +25,7 @@
import org.wso2.carbon.uuf.exception.HttpErrorException;
import org.wso2.carbon.uuf.exception.PageRedirectException;
import org.wso2.carbon.uuf.exception.UUFException;
import org.wso2.carbon.uuf.internal.auth.SessionRegistry;
import org.wso2.carbon.uuf.internal.debug.DebugLogger;
import org.wso2.carbon.uuf.internal.debug.Debugger;
import org.wso2.carbon.uuf.internal.io.StaticResolver;
@@ -42,6 +43,7 @@
import static org.wso2.carbon.uuf.spi.HttpResponse.STATUS_FOUND;
import static org.wso2.carbon.uuf.spi.HttpResponse.STATUS_INTERNAL_SERVER_ERROR;
import static org.wso2.carbon.uuf.spi.HttpResponse.STATUS_OK;
import static org.wso2.carbon.uuf.spi.HttpResponse.STATUS_UNAUTHORIZED;

public class RequestDispatcher {

@@ -94,6 +96,18 @@ private void servePageOrFragment(App app, HttpRequest request, HttpResponse resp
response.setContent(STATUS_OK, renderedFragment.toString(), CONTENT_TYPE_APPLICATION_JSON);
} else {
// Request for a page.
// Logic to validate against CSRF attacks
if (request.getMethod().equals("POST") &&
!app.getConfiguration().getCsrfIgnoreUris().contains(request.getUriWithoutContextPath())) {
// POST request where the URI isn't in the CSRF ignore list, hence validate the CSRF Token
if (request.getCookieValue(SessionRegistry.CSRF_TOKEN) == null ||
request.getFormParams().get("uuf-csrftoken") == null ||
!request.getFormParams().get("uuf-csrftoken").equals(
request.getCookieValue(SessionRegistry.CSRF_TOKEN))) {
serveDefaultErrorPage(STATUS_UNAUTHORIZED, "CSRF threat detected", response);
return;
}
}
String html = app.renderPage(request, response);
response.setContent(STATUS_OK, html, CONTENT_TYPE_TEXT_HTML);
}
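Review bot: The CSRF check now sits only in the `else` (page) branch of `servePageOrFragment`, so a POST routed to the fragment branch just above it is rendered without any token validation; in its earlier place in `serve()` the check ran for every POST before dispatch. Unless fragment POSTs are deliberately exempt, run the check before the fragment/page split, for example through a small helper as sketched below, which also keeps the `"uuf-csrftoken"` lookup in one place. The helper name and the local variable types are my assumption, since the accessor signatures are not visible here, and `servePageOrFragment` starts and ends outside the hunk.

```java
// … unchanged: start of servePageOrFragment; place this before the fragment/page branching …
if (failsCsrfCheck(app, request)) {
    serveDefaultErrorPage(STATUS_UNAUTHORIZED, "CSRF threat detected", response);
    return;
}
// … unchanged: fragment rendering and page rendering …

private static boolean failsCsrfCheck(App app, HttpRequest request) {
    if (!"POST".equals(request.getMethod())
            || app.getConfiguration().getCsrfIgnoreUris().contains(request.getUriWithoutContextPath())) {
        return false; // not a POST, or the URI is on the CSRF ignore list
    }
    String cookieToken = request.getCookieValue(SessionRegistry.CSRF_TOKEN);
    Object formToken = request.getFormParams().get("uuf-csrftoken");
    return cookieToken == null || formToken == null || !formToken.equals(cookieToken);
}
```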
@@ -175,18 +175,6 @@ public void serve(HttpRequest request, HttpResponse response) {
return;
}

// Logic to validate against CSRF attacks
if (request.getMethod().equals("POST") &&
!app.getConfiguration().getCsrfIgnoreUris().contains(request.getUriWithoutContextPath())) {
// POST request where the URI isn't in the CSRF ignore list, hence validate the CSRF Token
if (request.getCookieValue(SessionRegistry.CSRF_TOKEN) == null ||
request.getFormParams().get("uuf-csrftoken") == null ||
!request.getFormParams().get("uuf-csrftoken").equals(request.getCookieValue(SessionRegistry.CSRF_TOKEN))) {
requestDispatcher.serveDefaultErrorPage(STATUS_UNAUTHORIZED, "CSRF threat detected", response);
return;
}
}

if (app != null) {
requestDispatcher.serve(app, request, response);
} else {
2 changes: 1 addition & 1 deletion components/uuf-renderablecreator-hbs/pom.xml
@@ -45,7 +45,7 @@
<artifactId>handlebars</artifactId>
</dependency>
<dependency>
<groupId>org.wso2.orbit.org.yaml</groupId>
<groupId>org.yaml</groupId>
<artifactId>snakeyaml</artifactId>
</dependency>
<dependency>
@@ -165,13 +165,19 @@ public SendToClientFunction getSendToClientFunction() {
"=" + GSON.toJson(values[0]) +
";</script>";
api.getRequestLookup().addToPlaceholder(
(values.length == 2 && Placeholder.headJs.name().equalsIgnoreCase((String) values[1])) ?
Placeholder.headJs : Placeholder.js, scriptTag);
isHeadJsPlaceholder(values) ? Placeholder.headJs : Placeholder.js, scriptTag);
};
}
return sendToClientFunction;
}

private boolean isHeadJsPlaceholder(Object[] values) {
// this method check whether the user wants to push javascript into HeadJs placeholder.
// argument length is one means that, user haven't passed any placeholder.
// argument length two means that user passed a placeholder. so are checking pass argument value is HeadJs.
return values.length == 2 && Placeholder.headJs.name().equalsIgnoreCase((String) values[1]);
}

public I18nFunction getI18nFunction() {
if (i18nFunction == null) {
i18nFunction = (String key, String... values) -> {
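Review bot: `isHeadJsPlaceholder` casts `values[1]` to `String` unconditionally, so a template that passes a non-string second argument fails with a ClassCastException instead of falling back to `Placeholder.js`; `return values.length == 2 && values[1] instanceof String && Placeholder.headJs.name().equalsIgnoreCase((String) values[1]);` keeps the fallback. The three `//` lines inside the body would read better as a Javadoc comment on the method, e.g. `/** Returns true when the caller passed a second argument naming the headJs placeholder; with a single argument the default js placeholder is used. */`. Separately, the unchanged context line that concatenates `GSON.toJson(values[0])` into a `<script>` element is only safe if `GSON` keeps Gson's HTML-safe escaping enabled; its construction is outside the hunk, so that is worth confirming.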
8 changes: 6 additions & 2 deletions features/org.wso2.carbon.uuf.core.feature/pom.xml
@@ -38,6 +38,10 @@
<artifactId>org.wso2.carbon.uuf.core</artifactId>
<version>${carbon.uuf.version}</version>
</dependency>
<dependency>
<groupId>org.yaml</groupId>
<artifactId>snakeyaml</artifactId>
</dependency>
</dependencies>

<build>
@@ -70,8 +74,8 @@
<version>${carbon.uuf.version}</version>
</bundle>
<bundle>
<symbolicName>snakeyaml</symbolicName>
<version>${orbit.org.yaml.version}</version>
<symbolicName>org.yaml.snakeyaml</symbolicName>
<version>${org.snakeyaml.version}</version>
</bundle>
<bundle>
<symbolicName>org.objectweb.asm</symbolicName>
57 changes: 36 additions & 21 deletions pom.xml
@@ -51,9 +51,10 @@
<module>features/org.wso2.carbon.uuf.renderablecreator.html.feature</module>
<module>features/org.wso2.carbon.uuf.httpconnector.msf4j.feature</module>
<module>samples</module>
<module>product</module>
<module>tests</module>
<!--<module>perf-benchmark/tests/handlebars-n-msf4j/org.wso2.carbon.uuf.sample.perf-bnchmrk</module>-->
<module>product</module>

</modules>

<dependencyManagement>
@@ -131,9 +132,9 @@
<version>${gson.version}</version>
</dependency>
<dependency>
<groupId>org.wso2.orbit.org.yaml</groupId>
<groupId>org.yaml</groupId>
<artifactId>snakeyaml</artifactId>
<version>${orbit.org.yaml.version}</version>
<version>${org.snakeyaml.version}</version>
</dependency>
<dependency>
<groupId>org.ow2.asm</groupId>
@@ -188,11 +189,6 @@
<artifactId>org.wso2.carbon.security.caas</artifactId>
<version>${carbon.security.caas.version}</version>
</dependency>
<dependency>
<groupId>org.wso2.carbon.security.userstore</groupId>
<artifactId>org.wso2.carbon.security.userstore.jdbc</artifactId>
<version>${carbon.security.userstore.jdbc.version}</version>
</dependency>

<!--UUF Sample Components-->
<dependency>
@@ -491,6 +487,18 @@
<version>${disruptor.orbit.version}</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.wso2.carbon</groupId>
<artifactId>org.wso2.carbon.container</artifactId>
<version>${carbon.kernel.version}</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.wso2.carbon</groupId>
<artifactId>org.wso2.carbon.pax.exam.feature</artifactId>
<version>${carbon.kernel.version}</version>
<type>zip</type>
</dependency>
</dependencies>
</dependencyManagement>

@@ -549,6 +557,11 @@
<artifactId>build-helper-maven-plugin</artifactId>
<version>1.8</version>
</plugin>
<plugin>
<groupId>org.jacoco</groupId>
<artifactId>jacoco-maven-plugin</artifactId>
<version>${maven.jacocoplugin.version}</version>
</plugin>
</plugins>
</pluginManagement>
</build>
@@ -557,11 +570,11 @@
<carbon.uuf.version>1.0.0-SNAPSHOT</carbon.uuf.version>

<!-- UUF -->
<carbon.kernel.version>5.1.0</carbon.kernel.version>
<carbon.kernel.version>5.2.0-m3</carbon.kernel.version>
<carbon.kernel.version.range>[5.0,6)</carbon.kernel.version.range>
<carbon.deployment.version>5.0.0</carbon.deployment.version>
<carbon.deployment.version>5.1.0</carbon.deployment.version>
<carbon.jndi.version>1.0.0</carbon.jndi.version>
<carbon.cache.version>1.0.0</carbon.cache.version>
<carbon.cache.version>1.1.3</carbon.cache.version>
<javax.cache-api.version>1.0.0</javax.cache-api.version>
<javax.cache-api.version.range>[1.0.0, 2.0.0)</javax.cache-api.version.range>
<javax.naming.version.range>[0.0.0, 1.0.0)</javax.naming.version.range>
@@ -584,35 +597,35 @@
<guava.version.range>[18.0,19.0)</guava.version.range>
<gson.version>2.6.2</gson.version>
<gson.version.range>[2.6.2,3)</gson.version.range>
<orbit.org.yaml.version>1.16.0.wso2v1</orbit.org.yaml.version>
<orbit.org.yaml.version.range>[1.16.0, 1.17.0)</orbit.org.yaml.version.range>
<org.snakeyaml.version>1.17</org.snakeyaml.version>
<orbit.org.yaml.version.range>[1.17.0,2.0.0)</orbit.org.yaml.version.range>
<org.objectweb.asm.version>5.1</org.objectweb.asm.version>
<org.objectweb.asm.version.range>[5.1, 6.0)</org.objectweb.asm.version.range>
<javax.ws.rs.version.range>[2.0.0, 3.0.0)</javax.ws.rs.version.range>

<!-- UUF Product -->
<carbon.datasources.version>1.0.0</carbon.datasources.version>
<carbon.metrics.version>2.0.0</carbon.metrics.version>
<carbon.messaging.version>1.0.11</carbon.messaging.version>
<carbon.messaging.version.range>[1.0.11, 2.0.0)</carbon.messaging.version.range>
<carbon.transport.http.netty.version>2.1.4</carbon.transport.http.netty.version>
<carbon.metrics.version>2.0.1</carbon.metrics.version>
<carbon.messaging.version>2.3.1</carbon.messaging.version>
<carbon.messaging.version.range>[2.0.0, 3.0.0)</carbon.messaging.version.range>
<carbon.transport.http.netty.version>4.3.0-m2</carbon.transport.http.netty.version>

<!-- Handlebars -->
<orbit.com.github.jknack.handlebars.version>4.0.3.wso2v1</orbit.com.github.jknack.handlebars.version>
<orbit.com.github.jknack.handlebars.version.range>[4.0.3, 5.0.0)</orbit.com.github.jknack.handlebars.version.range>
<antlr-version>4.5.1-1</antlr-version>

<!-- MSF4J -->
<msf4j.version>2.1.0</msf4j.version>
<msf4j.version>2.3.0-m1</msf4j.version>
<msf4j.version.range>[2.1.0, 3.0.0)</msf4j.version.range>

<!-- Authentication and Authorization -->
<carbon.security.caas.version>1.0.0-m2</carbon.security.caas.version>
<carbon.security.userstore.jdbc.version>1.0.0-m2</carbon.security.userstore.jdbc.version>
<carbon.security.caas.version>1.0.2-m1</carbon.security.caas.version>
<carbon.security.caas.version.range>[1.0.0, 2.0.0)</carbon.security.caas.version.range>

<!-- Maven Plugins -->
<carbon-uuf-maven-plugin.version>1.0.0-SNAPSHOT</carbon-uuf-maven-plugin.version>
<carbon.feature.plugin.version>2.0.1</carbon.feature.plugin.version>
<carbon.feature.plugin.version>3.0.0</carbon.feature.plugin.version>
<maven.bundle.plugin.version>2.5.0</maven.bundle.plugin.version>

<!-- Test -->
@@ -628,6 +641,8 @@
<pax.exam.link.mvn.version>4.6.0</pax.exam.link.mvn.version>
<pax.url.aether.version>1.6.0</pax.url.aether.version>
<maven.paxexam.plugin.version>1.2.4</maven.paxexam.plugin.version>
<maven.jacocoplugin.version>0.7.5.201505241946</maven.jacocoplugin.version>
<org.jacoco.ant.version>0.7.5.201505241946</org.jacoco.ant.version>
<equinox.simpleconfigurator.version>1.1.0.v20131217-1203</equinox.simpleconfigurator.version>
<apache.felix.gogo.command.version>0.10.0.v201209301215</apache.felix.gogo.command.version>
<apache.felix.gogo.runtime.version>0.10.0.v201209301036</apache.felix.gogo.runtime.version>
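Review bot: The `org.wso2.carbon.pax.exam.feature` entry added to `dependencyManagement` (hunk at -491,6 +487,18) carries no `<scope>test</scope>`, unlike the `org.wso2.carbon.container` entry added next to it, so modules that inherit it would get the default compile scope; if it is only needed by the tests, add `<scope>test</scope>` there. In the properties hunk the snakeyaml version property is now `org.snakeyaml.version` while the range keeps the `orbit.org.yaml.version.range` name; renaming the range property together with its users would keep the pair consistent now that the dependency no longer comes from the Orbit group. The properties also pin several milestone builds (`5.2.0-m3`, `4.3.0-m2`, `2.3.0-m1`, and `1.0.2-m1` for the security component), so a comment such as `<!-- milestone builds; move to the final releases before shipping -->` above them would record the intent.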