ZK-5777: sendRedirect() doesn't work because of the encoded & #3229

Merged 1 commit on Oct 29, 2024
ZK-5777: sendRedirect() doesn't work because of the encoded &
jumperchen committed Oct 29, 2024
commit 9efa7d69a39104b29bd6d8128623811da0baa6ad
12 changes: 11 additions & 1 deletion zk/src/main/resources/web/js/zk/utl.ts
@@ -232,7 +232,17 @@ export namespace utl_global {
if (url.startsWith('https://') || url.startsWith('http://')) {
return new URL(url).href;
} else {
return zUtl.encodeXML(url);
const [baseUrl, queryString] = url.split('?');
if (!queryString) {
return baseUrl;
}

const encodedParams = queryString.split('&').map(param => {
const [key, value] = param.split('=');
return `${encodeURIComponent(key)}=${encodeURIComponent(value)}`;
}).join('&');

return `${baseUrl}?${encodedParams}`;
}
}

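Review bot: The per-parameter rebuild in the `else` branch alters or drops data for several ordinary relative URLs. `const [key, value] = param.split('=')` keeps only the text up to the second `=`, so a value such as `token=abc==` is truncated to `abc`, and a bare flag like `?debug` leaves `value` undefined and is emitted as `debug=undefined`. `url.split('?')` likewise discards everything after a second `?`, a `#fragment` is folded into the last value and encoded as `%23`, and input that is already percent-encoded is encoded again (`%20` becomes `%2520`). Suggest splitting off the fragment first, splitting each pair on the first `=` only, and decoding before re-encoding. Separately, the path part is now returned with no escaping where the removed line applied `zUtl.encodeXML(url)`; please confirm that no caller places the result into markup, and add a comment stating what encoding this function guarantees to its callers.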
1 change: 1 addition & 0 deletions zkdoc/release-note
@@ -40,6 +40,7 @@ ZK 10.1.0
ZK-5820: a side effect of ZK-5018 for F95_ZK_4552Test
ZK-5810: Client MVVM: XEL Methods in include
ZK-5813: a side effect of ZK-5476 for BookCRUD2Test and BookCRUDTest
ZK-5777: sendRedirect() doesn't work because of the encoded &

* Upgrade Notes
+ Remove Htmls.encodeJavaScript(), Strings.encodeJavaScript(), Strings.escape() with Strings.ESCAPE_JAVASCRIPT, and replace them with OWASP Java Encoder APIs instead.
29 changes: 29 additions & 0 deletions zktest/src/main/webapp/test2/B101-ZK-5777.zul
@@ -0,0 +1,29 @@
<?xml version="1.0" encoding="UTF-8"?>

<!--
B101-ZK-5777.zul
Purpose:
Description:
History:
2024/10/29, Created by jumperchen
Copyright (C) 2024 Potix Corporation. All Rights Reserved.
-->
<zk>
<zscript><![CDATA[
Object v1 = Executions.getCurrent().getParameter("param1");
Object v2 = Executions.getCurrent().getParameter("param2");
public void redirect() {
Executions.getCurrent().sendRedirect("B101-ZK-5777.zul?param1=value1&param2=value2");
// Executions.getCurrent().sendRedirect("B101-ZK-5777.zul?param1=value1&param2=value2", "_self"); workaround
}
]]></zscript>
<label value="param1: ${v1}" />
<label value="param2: ${v2}" />
<button label="redirect with parameters" onClick="redirect()"/>
</zk>
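Review bot: The redirect target in `redirect()` carries only `param1=value1&param2=value2`, so this fixture cannot show whether the new encoding preserves values that contain `=`, `%`, a space or a `#fragment`. Suggest a second button whose URL includes such a value, with a matching label to display it. The `Purpose:` and `Description:` fields in the header comment are empty; one line describing the encoded-`&` failure would make the fixture self-explanatory.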
1 change: 1 addition & 0 deletions zktest/src/main/webapp/test2/config.properties
@@ -3153,6 +3153,7 @@ B90-ZK-4431.zul=A,E,Multislider
##zats##B101-ZK-5730.zul=A,E,NullPointerException,Desktop,Page,Session,Timeout,Destroy,SmartUpdate
##zats##B101-ZK-5802.zul=A,E,JavaScript,Private,Function,Export,Override
##zats##B101-ZK-5810.zul=A,E,XEL,ZUL,ClientMVVM
##zats##B101-ZK-5777.zul=A,E,SendRedirect,Encoding

##
# Features - 3.0.x version
@@ -0,0 +1,32 @@
/* B101_ZK_5777Test.java
Purpose:
Description:
History:
10:12 AM 2024/10/29, Created by jumperchen
Copyright (C) 2024 Potix Corporation. All Rights Reserved.
*/
package org.zkoss.zktest.zats.test2;

import static org.junit.jupiter.api.Assertions.assertEquals;

import org.junit.jupiter.api.Test;

import org.zkoss.test.webdriver.WebDriverTestCase;

/**
* @author jumperchen
*/
public class B101_ZK_5777Test extends WebDriverTestCase {
@Test
public void test() {
connect();
click(jq("@button"));
waitResponse();
assertEquals("param1: value1", jq("@label:eq(0)").text());
assertEquals("param2: value2", jq("@label:eq(1)").text());
}
}
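Review bot: Between `click(jq("@button"))` and the first `assertEquals`, the only synchronisation in `test()` is `waitResponse()`, yet the click leads to a redirect and a fresh page load rather than an in-page update. Please confirm that `waitResponse()` blocks until the redirected page has rendered, or wait for the label text explicitly, so the assertions cannot read the labels of the page that was loaded by `connect()`. The class Javadoc holds only `@author`, and the header `Purpose:` and `Description:` fields are empty; a line naming ZK-5777 and the expected label values would document the test.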