Author: thomas.heute(a)jboss.com
Date: 2010-04-01 04:01:03 -0400 (Thu, 01 Apr 2010)
New Revision: 2436
Modified:
portal/branches/EPP_5_0_Branch/web/portal/src/main/webapp/groovy/portal/webui/workspace/UIPortalApplication.gtmpl
Log:
JBEPP-193: Security issue in portal URL handler
Modified:
portal/branches/EPP_5_0_Branch/web/portal/src/main/webapp/groovy/portal/webui/workspace/UIPortalApplication.gtmpl
===================================================================
---
portal/branches/EPP_5_0_Branch/web/portal/src/main/webapp/groovy/portal/webui/workspace/UIPortalApplication.gtmpl 2010-04-01
06:52:16 UTC (rev 2435)
+++
portal/branches/EPP_5_0_Branch/web/portal/src/main/webapp/groovy/portal/webui/workspace/UIPortalApplication.gtmpl 2010-04-01
08:01:03 UTC (rev 2436)
@@ -62,25 +62,21 @@
<script type="text/javascript"
src="<%=docBase%>/javascript/merged.js"></script>
<%}%>
<script type="text/javascript">
- eXo.env.portal.context = '<%=docBase%>' ;
- <%if(rcontext.getAccessPath() == 0) {%>
- eXo.env.portal.accessMode = 'public' ;
- <%} else {%>
- eXo.env.portal.accessMode = 'private' ;
- <%}%>
- eXo.env.portal.portalName = '<%=rcontext.getPortalOwner()%>' ;
- eXo.env.server.context = '<%=docBase%>' ;
- eXo.env.server.portalBaseURL =
'<%=rcontext.getURLBuilder().getBaseURL()%>' ;
- eXo.env.client.skin = '$skin' ;
+ eXo.env.portal.context = "<%=docBase%>" ;
+ <%if(rcontext.getAccessPath() == 0) {%>eXo.env.portal.accessMode =
"public" ;<%}
+ else
+ {%>eXo.env.portal.accessMode = "private" ;<%}%>
+ eXo.env.portal.portalName = "<%=rcontext.getPortalOwner()%>" ;
+ eXo.env.server.context = "<%=docBase%>" ;
+ eXo.env.server.portalBaseURL =
"<%=rcontext.getRequest().getRequestURI()%>" ;
+ eXo.env.client.skin = "$skin" ;
<%
UIPortal portal = uicomponent.findFirstComponentOfType(UIPortal.class);
String sessionAliveLevel = (portal == null ? null : portal.sessionAlive) ;
boolean canKeepState = sessionAliveLevel == null ? false :
!sessionAliveLevel.equals(PortalProperties.SESSION_NEVER) ;
%>
-
eXo.portal.portalMode = <%= uicomponent.getModeState() %>;
-
- eXo.session.level = '$sessionAliveLevel';
+ eXo.session.level = "$sessionAliveLevel";
eXo.session.canKeepState = $canKeepState;
eXo.session.isOpen = $uicomponent.isSessionOpen ;
eXo.session.itvTime =
${((PortalRequestContext)rcontext).getRequest().getSession().getMaxInactiveInterval()} ;
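Review bot: The added assignments still write values into JavaScript string literals with no JavaScript-string encoding, most notably `"<%=rcontext.getRequest().getRequestURI()%>"` for `eXo.env.server.portalBaseURL`. Changing the delimiter from `'` to `"` only changes which character ends the literal. `getRequestURI()` returns the path as the client sent it, not decoded by the container, so the page relies on every client percent-encoding quotes and on no `</script>` sequence reaching the block. I would encode at the output point, e.g. `eXo.env.server.portalBaseURL = "<%=jsEncode(rcontext.getRequest().getRequestURI())%>" ;`, where `jsEncode` is a placeholder for whichever JavaScript-string encoder the project provides, and do the same for `getPortalOwner()`, `$skin` and `$sessionAliveLevel`, whose origin is not visible in this hunk. Separately, the request URI is the full path of the current request rather than a base URL, so it is worth confirming that consumers of `portalBaseURL` still get the value they expect; the script block continues past the end of the hunk.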