Merge branch 'main' into issue/2526

.github/workflows/codeql.yml

@@ -31,8 +31,7 @@ jobs:
         with:
           languages: ${{ matrix.language }}
           queries: +security-and-quality
-          paths-ignore:
-              - '**/jcr_root/apps/system/config/**'
+          paths-ignore: '**/jcr_root/apps/system/config/**'
 
       - name: Autobuild
         uses: github/codeql-action/autobuild@v2

README.md

@@ -91,9 +91,9 @@ For existing projects, take example from the [AEM Project Archetype](https://git
 
 ### System Requirements
 
-Core Components | AEM as a Cloud Service | AEM 6.5   | Java SE | Maven
-----------------|------------------------|-----------|---------|---------
-[2.24.2+](https://github.com/adobe/aem-core-wcm-components/releases/tag/core.wcm.components.reactor-2.23.4) | Continual | 6.5.19.0+ | 8, <br/>11 | 3.3.9+
+Core Components | AEM as a Cloud Service | AEM 6.5    | Java SE | Maven
+----------------|------------------------|------------|---------|---------
+[2.24.2+](https://github.com/adobe/aem-core-wcm-components/releases/tag/core.wcm.components.reactor-2.23.4) | Continual | 6.5.21.0+ | 8, <br/>11 | 3.3.9+
 
 For the requirements from previous Core Component releases, see [Historical System Requirements](VERSIONS.md).
 

all/pom.xml

@@ -23,15 +23,15 @@
     <parent>
         <artifactId>core.wcm.components.parent</artifactId>
         <groupId>com.adobe.cq</groupId>
-        <version>2.24.3-SNAPSHOT</version>
+        <version>2.24.7-SNAPSHOT</version>
         <relativePath>../parent/pom.xml</relativePath>
     </parent>
 
     <!-- ====================================================================== -->
     <!-- P R O J E C T  D E S C R I P T I O N                                   -->
     <!-- ====================================================================== -->
     <artifactId>core.wcm.components.all</artifactId>
-    <version>2.24.3-SNAPSHOT</version>
+    <version>2.24.7-SNAPSHOT</version>
     <packaging>content-package</packaging>
 
     <name>Adobe Experience Manager Core WCM Components Full Package</name>

bundles/core/pom.xml

@@ -23,12 +23,12 @@
     <parent>
         <groupId>com.adobe.cq</groupId>
         <artifactId>core.wcm.components.parent</artifactId>
-        <version>2.24.3-SNAPSHOT</version>
+        <version>2.24.7-SNAPSHOT</version>
         <relativePath>../../parent/pom.xml</relativePath>
     </parent>
 
     <artifactId>core.wcm.components.core</artifactId>
-    <version>2.24.3-SNAPSHOT</version>
+    <version>2.24.7-SNAPSHOT</version>
     <packaging>bundle</packaging>
 
     <name>Adobe Experience Manager Core WCM Components Core Bundle</name>
@@ -367,10 +367,6 @@
             <groupId>commons-io</groupId>
             <artifactId>commons-io</artifactId>
         </dependency>
-        <dependency>
-            <groupId>commons-collections</groupId>
-            <artifactId>commons-collections</artifactId>
-        </dependency>
         <dependency>
             <groupId>org.apache.commons</groupId>
             <artifactId>commons-collections4</artifactId>
@@ -438,7 +434,7 @@
         <dependency>
             <groupId>org.apache.sling</groupId>
             <artifactId>org.apache.sling.api</artifactId>
-            <version>2.22.0</version>
+            <version>2.25.4</version>
             <scope>test</scope>
         </dependency>
         <!-- for testing we need the new ResourceTypeBasedResourcePicker -->

bundles/core/src/main/java/com/adobe/cq/wcm/core/components/internal/form/FormHandlerImpl.java

@@ -67,6 +67,7 @@ public boolean forwardFormData(JSONObject formData, String endPointUrl) {
         try  {
             String response = client.execute(post, new BasicResponseHandler());
             LOG.debug("POSTing form data to '{}' succeeded: response: {}", endPointUrl, response);
+            LOG.info("POSTing form data succeeded through FormHandlerImpl");
             return true;
         } catch (IOException e) {
             // for all status codes != 2xx an HttpResponseException is thrown (http://hc.apache.org/httpcomponents-client-ga/httpclient/apidocs/org/apache/http/impl/client/BasicResponseHandler.html)
@@ -85,7 +86,7 @@ protected void activate(Config config) {
         if (socketTimeout < 0) {
             throw new IllegalArgumentException("Socket timeout value cannot be less than 0");
         }
-        
+
         RequestConfig requestConfig = RequestConfig.custom()
                 .setConnectTimeout(connectionTimeout)
                 .setConnectionRequestTimeout(connectionTimeout)

bundles/core/src/main/java/com/adobe/cq/wcm/core/components/internal/link/LinkBuilderImpl.java

@@ -15,9 +15,9 @@
  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~*/
 package com.adobe.cq.wcm.core.components.internal.link;
 
-import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
+import java.util.HashMap;
 import java.util.Optional;
 
 import org.apache.commons.lang3.StringUtils;
@@ -135,16 +135,41 @@ public LinkBuilderImpl(String url, SlingHttpServletRequest req, List<PathProcess
             linkUrl = targetAsset.getPath();
         }
 
-        Asset asset = getAsset(linkUrl);
-        Page page = getPage(linkUrl).orElse(null);
+        // linkUrl can be also set via the linkConfiguration, so we have to resolve it from the generic
+        // resource as well; but try to avoid duplicate resolutions as much as possible.
+        Asset asset = null;
+        Page page = null;
+
+        if (targetAsset != null) {
+        	asset = targetAsset;
+        } else if (targetPage != null) {
+        	page = targetPage;
+        } else {
+        	asset = getAsset(linkUrl);
+        	page = getPage(linkUrl).orElse(null);
+        }
+
+        boolean isExternalUrl = false;
         if (asset != null) {
             this.reference = asset;
         } else if (page != null) {
             Pair<Page, String> pair = resolvePage(page);
             this.reference = pair.getLeft();
             linkUrl = StringUtils.isNotEmpty(pair.getRight()) ? pair.getRight() : linkUrl;
+
+            // resolvePage() can resolve the linkUrl into an external URL; this can happen when
+            // there is a redirect from the page to an external URL; in this case
+            // the pair is not equivalent
+            isExternalUrl = !pair.getLeft().getPath().equals(linkUrl);
+        }
+
+        String resolvedLinkURL = null;
+        if (this.reference != null && page != null && !isExternalUrl) {
+        	resolvedLinkURL = getPageLinkURL((Page)this.reference);
+        } else if (StringUtils.isNotEmpty(linkUrl)) {
+        	resolvedLinkURL = linkUrl;
         }
-        String resolvedLinkURL = validateAndResolveLinkURL(linkUrl);
+
         Map<String, String> htmlAttributes = mapLinkAttributesToHtml();
         return buildLink(resolvedLinkURL, request, htmlAttributes);
     }
@@ -213,34 +238,6 @@ private String validateLinkAttributeValue(@Nullable final String value) {
                 .orElse(null);
     }
 
-    /**
-     * Validates and resolves a link URL.
-     *
-     * @param linkURL Link URL
-     * @return The validated link URL or {@code null} if not valid
-     */
-    @Nullable
-    private String validateAndResolveLinkURL(@Nullable final String linkURL) {
-        return Optional.ofNullable(linkURL)
-                .filter(StringUtils::isNotEmpty)
-                .map(this::getLinkURL)
-                .orElse(null);
-    }
-
-    /**
-     * If the provided {@code path} identifies a {@link Page}, this method will generate the correct URL for the page. Otherwise the
-     * original {@code String} is returned.
-     * @param path the page path
-     *
-     * @return the URL of the page identified by the provided {@code path}, or the original {@code path} if this doesn't identify a {@link Page}
-     */
-    @NotNull
-    private String getLinkURL(@NotNull String path) {
-        return getPage(path)
-                .map(this::getPageLinkURL)
-                .orElse(path);
-    }
-
     /**
      * Given a {@link Page}, this method returns the correct URL with the extension
      * @param page the page

bundles/core/src/main/java/com/adobe/cq/wcm/core/components/internal/link/LinkUtil.java

@@ -61,6 +61,7 @@ public class LinkUtil {
             .collect(Collectors.toList()));
     }
 
+    private static final String MAIL_TO_PATTERN = "mailto";
     //SITES-18137: imitate the exact behavior of com.google.common.net.URL_FRAGMENT_ESCAPER
     private static final BitSet URL_FRAGMENT_SAFE_CHARS = new BitSet(256);
 
@@ -127,7 +128,7 @@ public static String escape(final String path, final String queryString, final S
             LOG.error(e.getMessage(), e);
         }
         try {
-            if (parsed != null) {
+            if (parsed != null && !isMailToLink(parsed.getScheme())) {
                 escaped = new URI(parsed.getScheme(), parsed.getAuthority(), parsed.getPath(), maskedQueryString, null).toString();
             } else {
                 escaped = new URI(null, null, path, maskedQueryString, null).toString();
@@ -267,4 +268,12 @@ private static String replaceEncodedCharactersInFragment(final String str) {
             .replace("%2F", "/")
             .replace("%3F", "?");
     }
+
+    private static boolean isMailToLink(String link) {
+        if (link != null) {
+            return link.startsWith(MAIL_TO_PATTERN);
+        } else {
+            return false;
+        }
+    }
 }

bundles/core/src/main/java/com/adobe/cq/wcm/core/components/internal/models/v1/ClientLibrariesImpl.java

@@ -44,7 +44,6 @@
 import org.apache.sling.models.annotations.Model;
 import org.apache.sling.models.annotations.injectorspecific.OSGiService;
 import org.apache.sling.models.annotations.injectorspecific.RequestAttribute;
-import org.apache.sling.models.annotations.injectorspecific.ScriptVariable;
 import org.apache.sling.models.annotations.injectorspecific.Self;
 import org.jetbrains.annotations.NotNull;
 import org.jetbrains.annotations.Nullable;

bundles/core/src/main/java/com/adobe/cq/wcm/core/components/internal/models/v1/ComponentFilesImpl.java

@@ -33,7 +33,7 @@
 import org.apache.sling.models.annotations.Default;
 import org.apache.sling.models.annotations.Model;
 import org.apache.sling.models.annotations.injectorspecific.OSGiService;
-import org.apache.sling.models.annotations.injectorspecific.ScriptVariable;
+import org.apache.sling.models.annotations.injectorspecific.RequestAttribute;
 import org.jetbrains.annotations.NotNull;
 import org.jetbrains.annotations.Nullable;
 import org.slf4j.Logger;
@@ -55,13 +55,13 @@ public class ComponentFilesImpl implements ComponentFiles {
      */
     public static final String COMPONENTS_SERVICE = "components-service";
 
-    @ScriptVariable(name=OPTION_RESOURCE_TYPES)
+    @RequestAttribute(name=OPTION_RESOURCE_TYPES)
     Object resourceTypes;
 
-    @ScriptVariable(name=OPTION_FILTER_REGEX)
+    @RequestAttribute(name=OPTION_FILTER_REGEX)
     String filterRegex;
 
-    @ScriptVariable(name=OPTION_INHERITED)
+    @RequestAttribute(name=OPTION_INHERITED)
     @Default(booleanValues = OPTION_INHERITED_DEFAULT)
     boolean inherited;
 

bundles/core/src/main/java/com/adobe/cq/wcm/core/components/internal/models/v1/PdfViewerImpl.java

@@ -45,6 +45,10 @@ public class PdfViewerImpl extends AbstractComponentImpl implements PdfViewer {
 
     protected static final String RESOURCE_TYPE = "core/wcm/components/pdfviewer/v1/pdfviewer";
     protected static final String FIELD_EMBED_MODE = "embedMode";
+    /**
+     * Field that needs to be passed to Embed API to control full screen button in full-window mode
+     */
+    protected static final String FIELD_SHOW_FULL_SCREEN_VIEW_BUTTON = "showFullScreenViewButton";
 
     @ValueMapValue(injectionStrategy = InjectionStrategy.OPTIONAL)
     @Nullable
@@ -180,6 +184,7 @@ public String getViewerConfigJson() {
             jsonObjectBuilder.add(PN_DEFAULT_VIEW_MODE, defaultViewMode);
             jsonObjectBuilder.add(PN_SHOW_ANNOTATION_TOOLS, showAnnotationTools);
             jsonObjectBuilder.add(PN_SHOW_LEFT_HAND_PANEL, showLeftHandPanel);
+            jsonObjectBuilder.add(FIELD_SHOW_FULL_SCREEN_VIEW_BUTTON, showFullScreen);
         }
 
         if (StringUtils.equals(type, SIZED_CONTAINER)) {

bundles/core/src/main/java/com/adobe/cq/wcm/core/components/internal/models/v1/contentfragment/DAMContentFragmentImpl.java

@@ -22,7 +22,7 @@
 import com.adobe.cq.dam.cfm.ContentFragmentException;
 import com.adobe.cq.dam.cfm.ContentVariation;
 import com.adobe.cq.dam.cfm.FragmentData;
-import org.apache.commons.collections.IteratorUtils;
+import org.apache.commons.collections4.IteratorUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.apache.sling.api.resource.Resource;
 import org.apache.sling.models.annotations.Exporter;

bundles/core/src/main/java/com/adobe/cq/wcm/core/components/internal/models/v4/ListImpl.java

@@ -73,7 +73,7 @@ public Collection<ListItem> getListItems() {
     private Collection<ListItem> getStaticListItems() {
         Stream<AbstractListItemImpl> itemStream = getStaticItemResourceStream().map(linkResource -> {
             Link link = linkManager.get(linkResource).build();
-            if (LinkManagerImpl.isExternalLink(link.getURL())) {
+            if (LinkManagerImpl.isExternalLink(link.getURL()) && (link.getReference() == null)) {
                 return new ExternalLinkListItemImpl(link, linkResource, getId(), component);
             } else {
                 Object reference = link.getReference();

bundles/core/src/main/java/com/adobe/cq/wcm/core/components/internal/services/embed/OEmbedClientImpl.java

@@ -18,7 +18,6 @@
 import java.io.IOException;
 import java.io.InputStream;
 import java.net.MalformedURLException;
-import java.net.URISyntaxException;
 import java.util.HashMap;
 import java.util.Map;
 import java.util.regex.Pattern;
@@ -36,6 +35,7 @@
 import org.apache.http.client.HttpClient;
 import org.apache.http.client.config.RequestConfig;
 import org.apache.http.client.methods.HttpGet;
+import org.apache.http.impl.client.CloseableHttpClient;
 import org.apache.http.impl.client.HttpClients;
 import org.apache.http.osgi.services.HttpClientBuilderFactory;
 import org.osgi.framework.Constants;
@@ -60,16 +60,6 @@ public class OEmbedClientImpl implements OEmbedClient {
     @Reference
     private HttpClientBuilderFactory httpClientBuilderFactory;
 
-    /**
-     * Socket timeout.
-     */
-    private int soTimeout = 60000;
-
-    /**
-     * Connection timeout.
-     */
-    private int connectionTimeout = 5000;
-
     private static final Logger LOGGER = LoggerFactory.getLogger(OEmbedClientImpl.class);
 
     private Map<String, OEmbedClientImplConfigurationFactory.Config> configs = new HashMap<>();
@@ -102,17 +92,17 @@ public OEmbedResponse getResponse(String url) {
         if (config == null) {
             return null;
         }
-        if (OEmbedResponse.Format.JSON == OEmbedResponse.Format.fromString(config.format())) {
-            try {
+        OEmbedResponse.Format format = OEmbedResponse.Format.fromString(config.format());
+        try (CloseableHttpClient httpClient = getHttpClient(config)) {
+            if (OEmbedResponse.Format.JSON == format) {
                 String jsonURL = buildURL(config.endpoint(), url, OEmbedResponse.Format.JSON.getValue(), null, null);
-                return mapper.readValue(getData(jsonURL), OEmbedJSONResponseImpl.class);
-            } catch (IllegalArgumentException | IOException  ioex) {
-                LOGGER.error("Failed to read JSON response", ioex);
-            }
-        } else if (jaxbContext != null && OEmbedResponse.Format.XML == OEmbedResponse.Format.fromString(config.format())) {
-            try {
+                try (InputStream jsonStream = getDataStream(jsonURL, httpClient)) {
+                    return mapper.readValue(jsonStream, OEmbedJSONResponseImpl.class);
+                }
+            } else if (jaxbContext != null && OEmbedResponse.Format.XML == format) {
                 String xmlURL = buildURL(config.endpoint(), url, OEmbedResponse.Format.XML.getValue(), null, null);
-                try (InputStream xmlStream = getData(xmlURL)) {
+                try (InputStream xmlStream = getDataStream(xmlURL, httpClient)) {
+
                     //Disable XXE
                     SAXParserFactory spf = SAXParserFactory.newInstance();
                     spf.setFeature("http://xml.org/sax/features/external-general-entities", false);
@@ -124,9 +114,9 @@ public OEmbedResponse getResponse(String url) {
                     Unmarshaller jaxbUnmarshaller = jaxbContext.createUnmarshaller();
                     return (OEmbedResponse) jaxbUnmarshaller.unmarshal(xmlSource);
                 }
-            } catch (IllegalArgumentException | SAXException | ParserConfigurationException | JAXBException | IOException e) {
-                LOGGER.error("Failed to read XML response", e);
             }
+        } catch (IllegalArgumentException | SAXException | ParserConfigurationException | JAXBException | IOException e) {
+            LOGGER.error("Failed to read " + format + " response", e);
         }
         return null;
     }
@@ -155,20 +145,17 @@ protected OEmbedClientImplConfigurationFactory.Config getConfiguration(String ur
         return null;
     }
 
-    protected InputStream getData(String url) throws IOException, IllegalArgumentException {
-        RequestConfig rc = RequestConfig.custom().setConnectTimeout(connectionTimeout).setSocketTimeout(soTimeout)
-            .build();
-        HttpClient httpClient;
-        if (httpClientBuilderFactory != null
-                && httpClientBuilderFactory.newBuilder() != null) {
-            httpClient = httpClientBuilderFactory.newBuilder()
-                    .setDefaultRequestConfig(rc)
-                    .build();
+    protected CloseableHttpClient getHttpClient(OEmbedClientImplConfigurationFactory.Config config) {
+        RequestConfig rc = RequestConfig.custom().setConnectTimeout(config.connectionTimeout()).setSocketTimeout(config.socketTimeout())
+                .build();
+        if (httpClientBuilderFactory != null && httpClientBuilderFactory.newBuilder() != null) {
+            return httpClientBuilderFactory.newBuilder().setDefaultRequestConfig(rc).build();
         } else {
-            httpClient = HttpClients.custom()
-                    .setDefaultRequestConfig(rc)
-                    .build();
+            return HttpClients.custom().setDefaultRequestConfig(rc).build();
         }
+    }
+
+    protected InputStream getDataStream(String url, HttpClient httpClient) throws IOException, IllegalArgumentException {
         HttpResponse response = httpClient.execute(new HttpGet(url));
         return response.getEntity().getContent();
     }