Summary summary = (Summary) (request.getSession() != null ?
request.getSession().getAttribute(DisplayJspController.SUMMARY_ATTRIBUTE) : null);
if (jspName != null && summary != null && contextName.equals(summary.getName())) {
Item item = (Item) summary.getItems().get(jspName);
if (item != null) {
//
// replace "\" with "/"
//
jspName = jspName.replaceAll("\\\\", "/");
//
// remove cheeky "../" from the path to avoid exploits
//
while (jspName.indexOf("../") != -1) {
jspName = jspName.replaceAll("\\.\\./", "");
}
Resource jsp = (Resource) context.getResources().lookup(jspName);
if (jsp != null) {
ServletContext sctx = context.getServletContext();
ServletConfig scfg = (ServletConfig) context.findChild("jsp");
Options opt = new EmbeddedServletOptions(scfg, sctx);
String descriptorPageEncoding = opt.getJspConfig().findJspProperty(jspName).getPageEncoding();
if (descriptorPageEncoding != null && descriptorPageEncoding.length() > 0) {
item.setEncoding(descriptorPageEncoding);
} else {
//
// we have to read the JSP twice, once to figure out the content encoding
// the second time to read the actual content using the correct encoding
//
item.setEncoding(Utils.getJSPEncoding(jsp.streamContent()));
}
if (highlight) {
request.setAttribute("highlightedContent", Utils.highlightStream(jspName, jsp.streamContent(),
"xhtml", item.getEncoding()));
} else {
request.setAttribute("content", Utils.readStream(jsp.streamContent(), item.getEncoding()));
}
} else {
logger.error(jspName + " does not exist");
}