From b412ae97a659919b928fc28a3cb6500d75d514b2 Mon Sep 17 00:00:00 2001
From: Jonas Granvik <jonas@granvik.me>
Date: Mon, 12 Jan 2015 12:44:34 +0200
Subject: Add option to disable sending v-loc parameter in init request
 (#14460).

Change-Id: Ie17e0621400c3397dc19b386974e231b6f82944c
---
 server/src/com/vaadin/server/BootstrapHandler.java  |  6 ++++++
 server/src/com/vaadin/server/Constants.java         |  1 +
 .../server/DefaultDeploymentConfiguration.java      | 21 +++++++++++++++++++++
 .../com/vaadin/server/DeploymentConfiguration.java  |  9 +++++++++
 server/src/com/vaadin/server/Page.java              |  6 ++++++
 5 files changed, 43 insertions(+)

(limited to 'server/src/com')

diff --git a/server/src/com/vaadin/server/BootstrapHandler.java b/server/src/com/vaadin/server/BootstrapHandler.java
index e74f6d7c45..a9343a7e03 100644
--- a/server/src/com/vaadin/server/BootstrapHandler.java
+++ b/server/src/com/vaadin/server/BootstrapHandler.java
@@ -681,6 +681,12 @@ public abstract class BootstrapHandler extends SynchronizedRequestHandler {
             appConfig.put(ApplicationConstants.SERVICE_URL, serviceUrl);
         }
 
+        boolean sendUrlsAsParameters = vaadinService
+                .getDeploymentConfiguration().isSendUrlsAsParameters();
+        if (!sendUrlsAsParameters) {
+            appConfig.put("sendUrlsAsParameters", false);
+        }
+
         return appConfig;
     }
 
diff --git a/server/src/com/vaadin/server/Constants.java b/server/src/com/vaadin/server/Constants.java
index 02a992a882..8036490333 100644
--- a/server/src/com/vaadin/server/Constants.java
+++ b/server/src/com/vaadin/server/Constants.java
@@ -136,6 +136,7 @@ public interface Constants {
     static final String SERVLET_PARAMETER_UI_PROVIDER = "UIProvider";
     static final String SERVLET_PARAMETER_LEGACY_PROPERTY_TOSTRING = "legacyPropertyToString";
     static final String SERVLET_PARAMETER_SYNC_ID_CHECK = "syncIdCheck";
+    static final String SERVLET_PARAMETER_SENDURLSASPARAMETERS = "sendUrlsAsParameters";
 
     // Configurable parameter names
     static final String PARAMETER_VAADIN_RESOURCES = "Resources";
diff --git a/server/src/com/vaadin/server/DefaultDeploymentConfiguration.java b/server/src/com/vaadin/server/DefaultDeploymentConfiguration.java
index 22d5210eaa..b26e048431 100644
--- a/server/src/com/vaadin/server/DefaultDeploymentConfiguration.java
+++ b/server/src/com/vaadin/server/DefaultDeploymentConfiguration.java
@@ -59,6 +59,8 @@ public class DefaultDeploymentConfiguration extends
      */
     public static final boolean DEFAULT_SYNC_ID_CHECK = true;
 
+    public static final boolean DEFAULT_SEND_URLS_AS_PARAMETERS = true;
+
     private final Properties initParameters;
     private boolean productionMode;
     private boolean xsrfProtectionEnabled;
@@ -69,6 +71,7 @@ public class DefaultDeploymentConfiguration extends
     private final Class<?> systemPropertyBaseClass;
     private LegacyProperyToStringMode legacyPropertyToStringMode;
     private boolean syncIdCheck;
+    private boolean sendUrlsAsParameters;
 
     /**
      * Create a new deployment configuration instance.
@@ -93,6 +96,7 @@ public class DefaultDeploymentConfiguration extends
         checkPushMode();
         checkLegacyPropertyToString();
         checkSyncIdCheck();
+        checkSendUrlsAsParameters();
     }
 
     private void checkLegacyPropertyToString() {
@@ -255,6 +259,16 @@ public class DefaultDeploymentConfiguration extends
         return syncIdCheck;
     }
 
+    /**
+     * {@inheritDoc}
+     * <p>
+     * The default value is <code>true</code>.
+     */
+    @Override
+    public boolean isSendUrlsAsParameters() {
+        return sendUrlsAsParameters;
+    }
+
     /**
      * {@inheritDoc}
      * <p>
@@ -347,6 +361,13 @@ public class DefaultDeploymentConfiguration extends
                 Boolean.toString(DEFAULT_SYNC_ID_CHECK)).equals("true");
     }
 
+    private void checkSendUrlsAsParameters() {
+        sendUrlsAsParameters = getApplicationOrSystemProperty(
+                Constants.SERVLET_PARAMETER_SENDURLSASPARAMETERS,
+                Boolean.toString(DEFAULT_SEND_URLS_AS_PARAMETERS)).equals(
+                "true");
+    }
+
     private Logger getLogger() {
         return Logger.getLogger(getClass().getName());
     }
diff --git a/server/src/com/vaadin/server/DeploymentConfiguration.java b/server/src/com/vaadin/server/DeploymentConfiguration.java
index 3c20518c39..968ec7c0c3 100644
--- a/server/src/com/vaadin/server/DeploymentConfiguration.java
+++ b/server/src/com/vaadin/server/DeploymentConfiguration.java
@@ -110,6 +110,15 @@ public interface DeploymentConfiguration extends Serializable {
      */
     public int getHeartbeatInterval();
 
+    /**
+     * Returns whether the sending of URL's as GET and POST parameters in
+     * requests with content-type <code>application/x-www-form-urlencoded</code>
+     * is enabled or not.
+     * 
+     * @return <code>false</code> if set to false or <code>true</code> otherwise
+     */
+    public boolean isSendUrlsAsParameters();
+
     /**
      * Returns whether a session should be closed when all its open UIs have
      * been idle for longer than its configured maximum inactivity time.
diff --git a/server/src/com/vaadin/server/Page.java b/server/src/com/vaadin/server/Page.java
index 3ddf4862b2..74d79ade50 100644
--- a/server/src/com/vaadin/server/Page.java
+++ b/server/src/com/vaadin/server/Page.java
@@ -939,6 +939,12 @@ public class Page implements Serializable {
      * @return The browser location URI.
      */
     public URI getLocation() {
+        if (location == null
+                && !uI.getSession().getConfiguration().isSendUrlsAsParameters()) {
+            throw new IllegalStateException("Location is not available as the "
+                    + Constants.SERVLET_PARAMETER_SENDURLSASPARAMETERS
+                    + " parameter is configured as false");
+        }
         return location;
     }
 
-- 
cgit v1.2.3