echelon/i2p.i2p
1
0
Fork 0
forked from I2P_Developers/i2p.i2p
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
567bccb51c918b19bc3abc7be308a629dfcb3f61
i2p.i2p/apps/routerconsole/jsp/formhandler.jsi
zzz dc343b05a2 MLab/NDT: Hook test to wizard 
Make helper the session scope, not handler
Reduce whitespace in formhandler.jsi
Notes on why FormHandler can't be session scope
Ajax still TODO
2018-11-15 14:24:46 +00:00

69 lines
2.9 KiB
Plaintext
Raw Blame History

<%
/*
* Does the standard setup for all form handlers, then
* displays the message box (which drives the form processing).
*
* Included ~15 times, keep whitespace to a minimum
*
* Include this directly after the line:
* <jsp:useBean class="net.i2p.router.web.helpers.xxxHandler" id="formhandler" scope="request" />
*/
// This initializes the RouterContext - must be the first thing
// i2pcontextId set in css.jsi
formhandler.setContextId(i2pcontextId);
// Prevents any saves via GET
formhandler.storeMethod(request.getMethod());
// Store the nonces for verification
String klass = formhandler.getClass().getName();
String nonceAttr1 = klass + ".nonce";
String nonceAttr2 = nonceAttr1 + "Prev";
String nonce1 = null;
try {
// Jetty doesn't seem to ISE here...
nonce1 = (String) session.getAttribute(nonceAttr1);
String nonce2 = (String) session.getAttribute(nonceAttr2);
formhandler.storeNonces(nonce1, nonce2);
} catch (IllegalStateException ise) {
// nonce1 will be null, removed in setAttibute below
}
String contentType = request.getContentType();
if (contentType != null && contentType.toLowerCase(java.util.Locale.US).startsWith( "multipart/form-data")) {
// For multipart/form-data, we must decode things enough to get the action and nonce
// so FormHandler will validate.
// The handler must get everything else through the wrapper. No other properties will be set.
// All parameters other than nonce and action must be retrieved through the wrapper.
// Warning, parameters are NOT XSS filtered.
net.i2p.servlet.RequestWrapper requestWrapper = new net.i2p.servlet.RequestWrapper(request);
String action = requestWrapper.getParameter("action");
if (action != null)
formhandler.setAction(action);
String nonce = requestWrapper.getParameter("nonce");
if (nonce != null)
formhandler.setNonce(nonce);
formhandler.setRequestWrapper(requestWrapper);
} else {
// Put all the params in the map, some handlers use this instead of individual setters
// We also call all of the setters below.
formhandler.setSettings(request.getParameterMap());
%><jsp:setProperty name="formhandler" property="*" /><%
}
%><jsp:getProperty name="formhandler" property="allMessages" /><%
// Only call this once per page, do not getProperty("newNonce") elsewhere,
// use the variable instead.
// This shuffles down the nonces, so it must be after getAllMessages() above,
// since it does the form validation.
String pageNonce = formhandler.getNewNonce();
try {
// Jetty waits to ISE until here....
session.setAttribute(nonceAttr2, nonce1);
session.setAttribute(nonceAttr1, pageNonce);
} catch (IllegalStateException ise) {}
%>
Reference in New Issue View Git Blame Copy Permalink