Moved from andling urls with Uri class to strings to support urls with invalid characters + added security on cookie

Author: malaqueueit

QueueIT.Security.Examples/web/META-INF/context.xml

@@ -0,0 +1,2 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Context antiJARLocking="true" path="/QueueIT.Security.Examples"/>

QueueIT.Security.Examples/web/WEB-INF/tags/master.tag

@@ -9,7 +9,7 @@
         <meta name="viewport" content="width=device-width" />
         <link rel="stylesheet" href="Content/Site.css" />
     </head>
-    <body>
+    <body id="<jsp:invoke fragment="title"/>">
         <header>
             <div class="content-wrapper">
                 <div class="float-left">

QueueIT.Security.Examples/web/advanced.jsp

@@ -6,12 +6,12 @@
     try
     {
         
-            IValidateResult result = SessionValidationController.validateRequest("advanced", new URI("http://www.google.com"));
+            IValidateResult result = SessionValidationController.validateRequest(QueueFactory.createQueue("advanced"), "http://www.google.com");
 
             // Check if user must be enqueued
             if (result instanceof EnqueueResult)
             {
-                response.sendRedirect(((EnqueueResult)result).getRedirectUrl().toString());
+                response.sendRedirect(((EnqueueResult)result).getRedirectUrl());
                 return;
             }
 
@@ -46,7 +46,7 @@
 %>
 <t:master>
     <jsp:attribute name="title">
-        Advanced
+        Advanced Queue Configuration
     </jsp:attribute>
     <jsp:attribute name="body">
         <h3>Setting up the queue:</h3>

QueueIT.Security.Examples/web/advancedlanding.jsp

@@ -5,11 +5,11 @@
 <%
     IQueue queue = QueueFactory.createQueue("advanced");
     String targetUrl = request.getParameter("t");
-    request.setAttribute("queueUrl", queue.getQueueUrl(new URI(targetUrl)));
+    request.setAttribute("queueUrl", queue.getQueueUrl(targetUrl));
 %>
 <t:master>
     <jsp:attribute name="title">
-        Advanced
+        Advanced Queue Landing Page
     </jsp:attribute>
     <jsp:attribute name="body">
         <a href="index.jsp">Back To Home</a> <a href="${queueUrl}">Go to queue</a>

QueueIT.Security.Examples/web/cancel.jsp

@@ -5,7 +5,7 @@
 <%
     try
     {
-        IValidateResult result = SessionValidationController.validateRequest("ticketania", request.getParameter("eventid"));
+        IValidateResult result = SessionValidationController.validateRequest("ticketania", request.getParameter("eventId"));
 
         // Check if user must be enqueued
         if (result instanceof AcceptedConfirmedResult)

QueueIT.Security.Examples/web/codeonly.jsp

@@ -12,7 +12,7 @@
         // Check if user must be enqueued
         if (result instanceof EnqueueResult)
         {
-            response.sendRedirect(((EnqueueResult)result).getRedirectUrl().toString());
+            response.sendRedirect(((EnqueueResult)result).getRedirectUrl());
             return;
         }
     }
@@ -31,7 +31,7 @@
 %>
 <t:master>
     <jsp:attribute name="title">
-        Queue-it
+        Code Only Queue Configuration
     </jsp:attribute>
     <jsp:attribute name="body">
     <h3>Setting up the queue:</h3>

QueueIT.Security.Examples/web/error.jsp

@@ -7,15 +7,15 @@
 	// Never call request validation from error handling pages (e.g. error.jsp) which will cause users to get looped arround.
 	
 	String queueName = request.getParameter("queuename");
-    URI targetUrl = new URI(request.getParameter("t"));
+    String targetUrl = request.getParameter("t");
     IQueue queue = QueueFactory.createQueue(queueName);
-    String cancelUrl = queue.getCancelUrl(targetUrl).toString();
+    String cancelUrl = queue.getCancelUrl(targetUrl);
     
     request.setAttribute("cancelUrl", cancelUrl);
 %>
 <t:master>
     <jsp:attribute name="title">
-        Queue-it
+        Error Page
     </jsp:attribute>
     <jsp:attribute name="body">
         <div>An error occured.</div>

QueueIT.Security.Examples/web/link.jsp

@@ -1,20 +1,18 @@
-<%@page import="java.net.URI"%>
-<%@page import="javax.ws.rs.core.UriBuilder"%>
 <%@page import="queueit.security.*"%>
 <%@page contentType="text/html" pageEncoding="UTF-8"%>
 <%@taglib prefix="t" tagdir="/WEB-INF/tags" %>
 <%
     IQueue queue = QueueFactory.createQueue("link");
         
-    URI targetUrl = new URI(request.getRequestURL().toString().replaceAll("link.jsp", "linktarget.jsp"));
-    String queueUrl = queue.getQueueUrl(targetUrl).toString();
+    String targetUrl = request.getRequestURL().toString().replaceAll("link.jsp", "linktarget.jsp");
+    String queueUrl = queue.getQueueUrl(targetUrl);
     
     request.setAttribute("queueUrl", queueUrl);
 %>
 
 <t:master>
     <jsp:attribute name="title">
-        Link
+        Link Queue Configuration
     </jsp:attribute>
     <jsp:attribute name="body">
         <h3>Setting up the queue:</h3>

QueueIT.Security.Examples/web/linktarget.jsp

@@ -1,7 +1,5 @@
 <%@page import="java.net.URLEncoder"%>
 <%@page import="java.util.Date"%>
-<%@page import="java.net.URI"%>
-<%@page import="javax.ws.rs.core.UriBuilder"%>
 <%@page import="queueit.security.*"%>
 <%@page contentType="text/html" pageEncoding="UTF-8"%>
 <%@taglib prefix="t" tagdir="/WEB-INF/tags" %>
@@ -30,7 +28,7 @@
 
 <t:master>
     <jsp:attribute name="title">
-        Link
+        Link Target
     </jsp:attribute>
     <jsp:attribute name="body">
 	<h3>Setting up the queue:</h3>

QueueIT.Security.Examples/web/simple.jsp

@@ -1,4 +1,3 @@
-<%@page import="java.net.URI"%>
 <%@page import="java.util.concurrent.Callable"%>
 <%@page import="queueit.security.*"%>
 <%@page contentType="text/html" pageEncoding="UTF-8"%>
@@ -23,7 +22,7 @@
         {
             String currentUrl = request.getRequestURL().toString();
             cancelUrl = result.getQueue().getCancelUrl(
-                    new URI(currentUrl.substring(0, currentUrl.indexOf("simple.jsp")) + "cancel.jsp?eventId=simple")).toString();
+                    currentUrl.substring(0, currentUrl.indexOf("simple.jsp")) + "cancel.jsp?eventId=simple");
             expireUrl = "expire.jsp?eventid=simple";
             
             request.setAttribute("cancelUrl", cancelUrl);
@@ -45,7 +44,7 @@
 %>
 <t:master>
     <jsp:attribute name="title">
-        Simple
+        Simple Queue Configuration
     </jsp:attribute>
     <jsp:attribute name="body">
         <h3>Setting up the queue:</h3>