From 4e84166db5c5538e3984d9d2d6bb1f9902e65ee0 Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Tue, 04 Nov 2014 17:38:17 -0500
Subject: [PATCH] Merged #217 "Exclude SSLv3 from Gitblit GO https protocols"

---
 src/main/java/com/gitblit/wicket/GitBlitWebApp.java |   57 +++++++++++++++++++++++++++++++++++++++++++--------------
 1 files changed, 43 insertions(+), 14 deletions(-)

diff --git a/src/main/java/com/gitblit/wicket/GitBlitWebApp.java b/src/main/java/com/gitblit/wicket/GitBlitWebApp.java
index e5b6550..359040b 100644
--- a/src/main/java/com/gitblit/wicket/GitBlitWebApp.java
+++ b/src/main/java/com/gitblit/wicket/GitBlitWebApp.java
@@ -21,9 +21,6 @@
 import java.util.Map;
 import java.util.TimeZone;
 
-import javax.inject.Inject;
-import javax.inject.Singleton;
-
 import org.apache.wicket.Application;
 import org.apache.wicket.Request;
 import org.apache.wicket.Response;
@@ -46,9 +43,11 @@
 import com.gitblit.manager.IProjectManager;
 import com.gitblit.manager.IRepositoryManager;
 import com.gitblit.manager.IRuntimeManager;
+import com.gitblit.manager.IServicesManager;
 import com.gitblit.manager.IUserManager;
 import com.gitblit.tickets.ITicketService;
 import com.gitblit.transport.ssh.IPublicKeyManager;
+import com.gitblit.utils.XssFilter;
 import com.gitblit.wicket.pages.ActivityPage;
 import com.gitblit.wicket.pages.BlamePage;
 import com.gitblit.wicket.pages.BlobDiffPage;
@@ -92,6 +91,9 @@
 import com.gitblit.wicket.pages.TreePage;
 import com.gitblit.wicket.pages.UserPage;
 import com.gitblit.wicket.pages.UsersPage;
+import com.google.inject.Inject;
+import com.google.inject.Provider;
+import com.google.inject.Singleton;
 
 @Singleton
 public class GitBlitWebApp extends WebApplication implements GitblitWicketApp {
@@ -102,7 +104,13 @@
 
 	private final Map<String, CacheControl> cacheablePages = new HashMap<String, CacheControl>();
 
+	private final Provider<IPublicKeyManager> publicKeyManagerProvider;
+
+	private final Provider<ITicketService> ticketServiceProvider;
+
 	private final IStoredSettings settings;
+
+	private final XssFilter xssFilter;
 
 	private final IRuntimeManager runtimeManager;
 
@@ -114,8 +122,6 @@
 
 	private final IAuthenticationManager authenticationManager;
 
-	private final IPublicKeyManager publicKeyManager;
-
 	private final IRepositoryManager repositoryManager;
 
 	private final IProjectManager projectManager;
@@ -124,31 +130,38 @@
 
 	private final IGitblit gitblit;
 
+	private final IServicesManager services;
+
 	@Inject
 	public GitBlitWebApp(
+			Provider<IPublicKeyManager> publicKeyManagerProvider,
+			Provider<ITicketService> ticketServiceProvider,
 			IRuntimeManager runtimeManager,
 			IPluginManager pluginManager,
 			INotificationManager notificationManager,
 			IUserManager userManager,
 			IAuthenticationManager authenticationManager,
-			IPublicKeyManager publicKeyManager,
 			IRepositoryManager repositoryManager,
 			IProjectManager projectManager,
 			IFederationManager federationManager,
-			IGitblit gitblit) {
+			IGitblit gitblit,
+			IServicesManager services) {
 
 		super();
+		this.publicKeyManagerProvider = publicKeyManagerProvider;
+		this.ticketServiceProvider = ticketServiceProvider;
 		this.settings = runtimeManager.getSettings();
+		this.xssFilter = runtimeManager.getXssFilter();
 		this.runtimeManager = runtimeManager;
 		this.pluginManager = pluginManager;
 		this.notificationManager = notificationManager;
 		this.userManager = userManager;
 		this.authenticationManager = authenticationManager;
-		this.publicKeyManager = publicKeyManager;
 		this.repositoryManager = repositoryManager;
 		this.projectManager = projectManager;
 		this.federationManager = federationManager;
 		this.gitblit = gitblit;
+		this.services = services;
 	}
 
 	@Override
@@ -176,9 +189,9 @@
 
 		// setup the standard gitweb-ish urls
 		mount("/repositories", RepositoriesPage.class);
-		mount("/overview", OverviewPage.class, "r", "h");
+		mount("/overview", OverviewPage.class, "r");
 		mount("/summary", SummaryPage.class, "r");
-		mount("/reflog", ReflogPage.class, "r", "h");
+		mount("/reflog", ReflogPage.class, "r");
 		mount("/commits", LogPage.class, "r", "h");
 		mount("/log", LogPage.class, "r", "h");
 		mount("/tags", TagsPage.class, "r");
@@ -209,7 +222,7 @@
 		mount("/mytickets", MyTicketsPage.class, "r", "h");
 
 		// setup the markup document urls
-		mount("/docs", DocsPage.class, "r");
+		mount("/docs", DocsPage.class, "r", "h");
 		mount("/doc", DocPage.class, "r", "h", "f");
 
 		// federation urls
@@ -256,7 +269,7 @@
 		if (!settings.getBoolean(Keys.web.mountParameters, true)) {
 			parameters = new String[] {};
 		}
-		mount(new GitblitParamUrlCodingStrategy(settings, location, clazz, parameters));
+		mount(new GitblitParamUrlCodingStrategy(settings, xssFilter, location, clazz, parameters));
 
 		// map the mount point to the cache control definition
 		if (clazz.isAnnotationPresent(CacheControl.class)) {
@@ -310,6 +323,14 @@
 	@Override
 	public IStoredSettings settings() {
 		return settings;
+	}
+
+	/* (non-Javadoc)
+	 * @see com.gitblit.wicket.Webapp#xssFilter()
+	 */
+	@Override
+	public XssFilter xssFilter() {
+		return xssFilter;
 	}
 
 	/* (non-Javadoc)
@@ -385,7 +406,7 @@
 	 */
 	@Override
 	public IPublicKeyManager keys() {
-		return publicKeyManager;
+		return publicKeyManagerProvider.get();
 	}
 
 	/* (non-Javadoc)
@@ -421,11 +442,19 @@
 	}
 
 	/* (non-Javadoc)
+	 * @see com.gitblit.wicket.Webapp#services()
+	 */
+	@Override
+	public IServicesManager services() {
+		return services;
+	}
+
+	/* (non-Javadoc)
 	 * @see com.gitblit.wicket.Webapp#tickets()
 	 */
 	@Override
 	public ITicketService tickets() {
-		return gitblit.getTicketService();
+		return ticketServiceProvider.get();
 	}
 
 	/* (non-Javadoc)

--
Gitblit v1.9.1