Mercurial > dive4elements > river

comparison gwt-client/src/main/java/org/dive4elements/river/client/client/ui/map/MapPrintPanel.java @ 8844:890f708b18d6

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Encode print URL with GWT-means. The homebrew encoding partly resulted in URLs not accepted by Tomcat 7 due to the fix for CVE-2016-6816.
author Tom Gottfried <tom@intevation.de>
date Fri, 12 Jan 2018 17:07:42 +0100
parents 3823b8bd6bfd
children 5e38e2924c07
comparison
equal deleted inserted replaced
8843:3ecf1f76b2b8 8844:890f708b18d6
20 import org.dive4elements.river.client.shared.model.DataList; 20 import org.dive4elements.river.client.shared.model.DataList;
21 import org.dive4elements.river.client.shared.model.OutputSettings; 21 import org.dive4elements.river.client.shared.model.OutputSettings;
22 import org.dive4elements.river.client.shared.model.Property; 22 import org.dive4elements.river.client.shared.model.Property;
23 import org.dive4elements.river.client.shared.model.PropertySetting; 23 import org.dive4elements.river.client.shared.model.PropertySetting;
24 import org.dive4elements.river.client.shared.model.Settings; 24 import org.dive4elements.river.client.shared.model.Settings;
25 import org.dive4elements.river.client.shared.MapUtils;
26 25
27 import com.google.gwt.core.client.GWT; 26 import com.google.gwt.core.client.GWT;
27 import com.google.gwt.http.client.URL;
28 import com.google.gwt.user.client.Window; 28 import com.google.gwt.user.client.Window;
29 import com.google.gwt.user.client.rpc.AsyncCallback; 29 import com.google.gwt.user.client.rpc.AsyncCallback;
30 import com.smartgwt.client.types.Alignment; 30 import com.smartgwt.client.types.Alignment;
31 import com.smartgwt.client.util.SC; 31 import com.smartgwt.client.util.SC;
32 import com.smartgwt.client.widgets.Canvas; 32 import com.smartgwt.client.widgets.Canvas;
256 url.append("&maptype="); 256 url.append("&maptype=");
257 url.append(mapType); 257 url.append(mapType);
258 258
259 appendPrintToUrl(collection, url); 259 appendPrintToUrl(collection, url);
260 260
261 return url.toString(); 261 return URL.encode(url.toString());
262 } 262 }
263 263
264 private void appendPrintToUrl(Collection collection, StringBuilder url) { 264 private void appendPrintToUrl(Collection collection, StringBuilder url) {
265 Settings settings = collection.getSettings("print-settings"); 265 Settings settings = collection.getSettings("print-settings");
266 if (settings != null) { 266 if (settings != null) {
273 localized = MSG.getString(props.getName()); 273 localized = MSG.getString(props.getName());
274 } 274 }
275 catch (MissingResourceException mre) { 275 catch (MissingResourceException mre) {
276 localized = props.getName(); 276 localized = props.getName();
277 } 277 }
278 url.append(MapUtils.toSaveHTMLJavaString(localized)); 278 url.append(localized);
279 url.append("="); 279 url.append("=");
280 url.append(MapUtils.toSaveHTMLJavaString((String)props.getValue())); 280 url.append((String)props.getValue());
281 } 281 }
282 } 282 }
283 // O.o 283 // O.o
284 String river = findRiver(((MapOutputTab)mapToolbar.getOutputTab() 284 String river = findRiver(((MapOutputTab)mapToolbar.getOutputTab()
285 ).getCollectionView().getArtifact()); 285 ).getCollectionView().getArtifact());
286 url.append("&" + MapUtils.toSaveHTMLJavaString(MSG.getString(MAPFISH_RIVER)) + "=" + 286 url.append("&" + MSG.getString(MAPFISH_RIVER) + "=" + river);
287 MapUtils.toSaveHTMLJavaString(river));
288 } 287 }
289 288
290 // Copy of DatacageWindow's findRiver with added state for map.river 289 // Copy of DatacageWindow's findRiver with added state for map.river
291 protected String findRiver(Artifact artifact) { 290 protected String findRiver(Artifact artifact) {
292 ArtifactDescription adescr = artifact.getArtifactDescription(); 291 ArtifactDescription adescr = artifact.getArtifactDescription();
http://dive4elements.wald.intevation.org