Welcome to Apache Wicket

With proper mark-up/logic separation, a POJO data model, and a refreshing lack of XML, Apache Wicket makes developing web-apps simple and enjoyable again. Swap the boilerplate, complex debugging and brittle code for powerful, reusable components written with plain Java and HTML.

Wicket is released under the Apache License, Version 2.0.

Apache Wicket 7.0.0-M6 released

The Apache Wicket PMC is proud to announce Apache Wicket 7.0.0-M6!

We have released another milestone release for Apache Wicket 7. We aim to finalise Wicket 7 over the coming months and request your help in testing the new major version.

Caveats

It is still a development version so expect API breaks to happen over the course of the coming milestone releases.

Semantic versioning

As we adopted semver Wicket 7 will be the first release since 6.0 where we are able to refactor the API. We will continue to use semver when we have made Wicket 7 final and maintain api compatibility between minor versions of Wicket 7.

Requirements

Wicket 7 requires the following:

  • Java 7
  • Servlet 3 compatible container

You can’t mix wicket libraries from prior Wicket versions with Wicket 7.

Migration guide

As usual we have a migration guide available online for people migrating their applications to Wicket 7. We will continue to update the guide as development progresses. If you find something that is not in the guide, please update the guide, or let us know so we can update the guide.

You can find the guide here: http://s.apache.org/wicket7migrate

New and noteworthy

  • New inline image support for the new data: protocol. See http://ci.apache.org/projects/wicket/apidocs/6.x/org/apache/wicket/markup/html/image/InlineImage.html for more information.

  • Added CSRF prevention measure to Wicket. The CsrfPreventionRequestCycleListener (http://ci.apache.org/projects/wicket/apidocs/6.x/org/apache/wicket/protocol/http/CsrfPreventionRequestCycleListener.html) will prevent requests coming from other origins than allowed from performing actions. See the JavaDoc for more information on this listener.

  • JQuery was upgraded to most recent version.

Using this release

With Apache Maven update your dependency to (and don’t forget to update any other dependencies on Wicket projects to the same version):

<dependency>
    <groupId>org.apache.wicket</groupId>
    <artifactId>wicket-core</artifactId>
    <version>7.0.0-M6</version>
</dependency>

Or download and build the distribution yourself, or use our convenience binary package

About this release

Below you can find the cryptographic signatures for the distributions and the release notes.

The signatures for the source release artefacts:

The signatures for the source release artefacts:

Signature for apache-wicket-7.0.0-M6.zip:

-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - https://gpgtools.org

iEYEABECAAYFAlWANLgACgkQJBX8W/xy/UXSmQCgtAb+JrBeiq4+OdbpbN22sy+/
F3YAn2ZeQ4byJPdmc4m4K6LLgg41AWSU
=xN5i
-----END PGP SIGNATURE-----

Signature for apache-wicket-7.0.0-M6.tar.gz:

-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - https://gpgtools.org

iEYEABECAAYFAlWANLgACgkQJBX8W/xy/UUEsACgxiS2RQzuOi35Yw5C4c90KAFZ
yPIAoMU7z9Go0pn5ZFKZwq+VDA0cvoh4
=KW/I
-----END PGP SIGNATURE-----

CHANGELOG for 7.0.0-M6:

Release Notes - Wicket - Version 7.0.0-M6

Bugs

* [WICKET-5790] - VariableInterpolator & #getThrowExceptionOnMissingResource
* [WICKET-5814] - CryptoMapper clears feedback messages
* [WICKET-5816] - Apps can't use Application.setName instead of WicketFilter for e.g. JMX names
* [WICKET-5822] - AjaxSelfUpdatingTimer stops working after ajax download
* [WICKET-5825] - Deployment of wicket-examples.war fails in Tomcat
* [WICKET-5828] - PageProvider not serializable
* [WICKET-5834] - NPE in DefaultPropertyResolver
* [WICKET-5835] - InlineEnclosure doesn't call child.configure() before updating its visilbity
* [WICKET-5837] - JUnit tests may fail because of AbstractDefaultAjaxBehavior
* [WICKET-5838] - Last-modified header of external markup is ignored
* [WICKET-5841] - continueToOriginalDestination() discards new cookies
* [WICKET-5843] - CryptoMapper doesn't work with context relative UrlResourceReferences
* [WICKET-5845] - AuthenticatedWebSession.get() returns a new session with signedIn false
* [WICKET-5850] - LazyInitProxyFactory causes NoClassDefFound org/apache/wicket/proxy/ILazyInitProxy in case of multimodule deployment
* [WICKET-5851] - PackageResourceTest#packageResourceGuard test fails under Windows
* [WICKET-5853] - LongConverter converts some values greater than Long.MAX_VALUE
* [WICKET-5855] - RememberMe functionality seems to be broken after the change of the default crypt factory
* [WICKET-5856] - StackOverFlowError when working with transparent containers
* [WICKET-5857] - PagingNavigator invalid HTML (rel attribute on span tag)
* [WICKET-5858] - AjaxRequestTarget.focusComponent does not work in modal window
* [WICKET-5861] - BigDecimalConverter does not allow parsing of values great than Double.MAX_VALUE
* [WICKET-5862] - Wicket Container visibility bug
* [WICKET-5864] - Multipart Ajax form submit does not release the channel in case of connection failure
* [WICKET-5869] - Kittencaptcha doesn't calculate click y-coordinate correctly
* [WICKET-5870] - wicket-event-jquery.js: Wicket.Browser.isIE11() does not return boolean
* [WICKET-5874] - WicketTester TagTester does not work as expected when using non self closing tags
* [WICKET-5879] - Using an AjaxSubmitLink to hide its form results in an exception
* [WICKET-5881] - NPE in FormComponent#updateCollectionModel in case of no converted input and unmodifiable collection
* [WICKET-5883] - Feedback messages not cleared for invisible/disabled form components on submit.
* [WICKET-5887] - wicket.xsd refers to non-existing xhtml.label:attlist
* [WICKET-5891] - Parsing of ChinUnionPay credit card should use the first 6 characters
* [WICKET-5893] - CookieUtils should use the original response when saving a cookie
* [WICKET-5895] - validateHeaders fails to detect missing head/body (regression)
* [WICKET-5898] - StackOverflowError after form submit with a validation error
* [WICKET-5900] - Add WicketTester support for IAjaxLink
* [WICKET-5903] - Regression in mount resolution when using optional parameters
* [WICKET-5904] - NPE after editing a markup file in debug mode
* [WICKET-5906] - Use default on missing resource does not work
* [WICKET-5908] - A new HtmlHeaderContainer is added each time a page instance is rendered
* [WICKET-5910] - CGLib proxy should not intercept protected methods
* [WICKET-5911] - Re-rendering page after exception in render phase does not call onBeforeRender()
* [WICKET-5912] - NPE in Page#hasInvisibleTransparentChild
* [WICKET-5915] - The application can not find /META-INF/wicket/**.properties on Windows systems
* [WICKET-5916] - StackOverflowError when calling getObject() from load() in LDM
* [WICKET-5917] - Do not use jQuery's $ in String snippets in Java code

Improvement

* [WICKET-5314] - AbstractAutoCompleteBehavior does not support AjaxChannels
* [WICKET-5749] - Wicket-auth-roles should deal with resource authorization
* [WICKET-5789] - Make org.apache.wicket.protocol.ws.javax.WicketServerEndpointConfig publicly visible
* [WICKET-5801] - Responsive Images
* [WICKET-5823] - DefaultAuthenticationStrategy should be modified to reduce copy/paste while extending it's functionality
* [WICKET-5829] - rename PageSettings#recreateMountedPagesAfterExpiry
* [WICKET-5831] - Improve unsafe Id reporting in the AbstractRepeater
* [WICKET-5832] - Do not fail at CDI's ConversationPropagator when running in non-http thread
* [WICKET-5833] - Add a way to get all opened web socket connections per user session
* [WICKET-5840] - WicketTester doesn't support #clickLink() for ExternalLink component
* [WICKET-5859] - Add Hebrew and Arabic translations
* [WICKET-5860] - Cross-Site Websocket Hijacking protection
* [WICKET-5863] - Overiding disableCaching in ServletWebResponse is ignored when responce is buffered
* [WICKET-5865] - AjaxEditableLabel should implement IGenericComponent
* [WICKET-5872] - wicket extensions initializer.properties for greek language
* [WICKET-5875] - ComponentRenderer.renderComponent() unexpectedly produces a WicketRuntimeException when called with a nested Component which contains a nested wicket:message
* [WICKET-5889] - Ability to not submit a nested form
* [WICKET-5892] - add ClientProperties#isJavaScriptEnabled()
* [WICKET-5894] - Support *.woff2 webfonts in SecurePackageResourceGuard as well
* [WICKET-5901] - Leaving veil when ajax processing ends with redirect
* [WICKET-5905] - allow listening to Ajax calls before scheduling
* [WICKET-5921] - Provide a default implementation of IModelComparator that always returns false

New Feature

* [WICKET-5819] - Support for HTML 5 media tags (audio / video)
* [WICKET-5827] - Allow to apply multiple Javascript / CSS compressors
* [WICKET-5897] - Use the #isEnabled() method with validators
* [WICKET-5918] - Create an Image component that uses the new data: protocol (an InlineImage)
* [WICKET-5919] - Add support for CSRF prevention

Task

* [WICKET-5896] - Upgrade jQuery to latest stable versions (1.11.4 & 2.1.3)

Wish

* [WICKET-5848] - Remove .settings folders of projects

Have fun!

— The Wicket team

Apache Wicket 6.20.0 released

The Apache Wicket PMC is proud to announce Apache Wicket 6.20.0!

This release marks another minor release of Wicket 6. Starting with Wicket 6 we use semantic versioning for the future development of Wicket, and as such no API breaks are present in this release compared to 6.0.0.

Using this release

With Apache Maven update your dependency to (and don’t forget to update any other dependencies on Wicket projects to the same version):

<dependency>
<groupId>org.apache.wicket</groupId>
<artifactId>wicket-core</artifactId>
<version>6.20.0</version>
</dependency>

Or download and build the distribution yourself, or use our convenience binary package

Upgrading from earlier versions

If you upgrade from 6.y.z this release is a drop in replacement. If you come from a version prior to 6.0.0, please read our Wicket 6 migration guide found at

Have fun!

— The Wicket team

This release

CHANGELOG for 6.20.0:

The following changes were made in Wicket for this release.

Bug

  • [WICKET-5790] - VariableInterpolator & #getThrowExceptionOnMissingResource
  • [WICKET-5814] - CryptoMapper clears feedback messages
  • [WICKET-5816] - Apps can’t use Application.setName instead of WicketFilter for e.g. JMX names
  • [WICKET-5822] - AjaxSelfUpdatingTimer stops working after ajax download
  • [WICKET-5834] - NPE in DefaultPropertyResolver
  • [WICKET-5835] - InlineEnclosure doesn’t call child.configure() before updating its visilbity
  • [WICKET-5837] - JUnit tests may fail because of AbstractDefaultAjaxBehavior
  • [WICKET-5838] - Last-modified header of external markup is ignored
  • [WICKET-5841] - continueToOriginalDestination() discards new cookies
  • [WICKET-5843] - CryptoMapper doesn’t work with context relative UrlResourceReferences
  • [WICKET-5845] - AuthenticatedWebSession.get() returns a new session with signedIn false
  • [WICKET-5850] - LazyInitProxyFactory causes NoClassDefFound org/apache/wicket/proxy/ILazyInitProxy in case of multimodule deployment
  • [WICKET-5851] - PackageResourceTest#packageResourceGuard test fails under Windows
  • [WICKET-5855] - RememberMe functionality seems to be broken after the change of the default crypt factory
  • [WICKET-5857] - PagingNavigator invalid HTML (rel attribute on span tag)
  • [WICKET-5858] - AjaxRequestTarget.focusComponent does not work in modal window
  • [WICKET-5862] - Wicket Container visibility bug
  • [WICKET-5864] - Multipart Ajax form submit does not release the channel in case of connection failure
  • [WICKET-5869] - Kittencaptcha doesn’t calculate click y-coordinate correctly
  • [WICKET-5870] - wicket-event-jquery.js: Wicket.Browser.isIE11() does not return boolean
  • [WICKET-5873] - Resources served by Wicket are not compressable
  • [WICKET-5874] - WicketTester TagTester does not work as expected when using non self closing tags
  • [WICKET-5881] - NPE in FormComponent#updateCollectionModel in case of no converted input and unmodifiable collection
  • [WICKET-5883] - Feedback messages not cleared for invisible/disabled form components on submit.
  • [WICKET-5887] - wicket.xsd refers to non-existing xhtml.label:attlist
  • [WICKET-5891] - Parsing of ChinUnionPay credit card should use the first 6 characters
  • [WICKET-5893] - CookieUtils should use the original response when saving a cookie
  • [WICKET-5895] - validateHeaders fails to detect missing head/body (regression)
  • [WICKET-5900] - Add WicketTester support for IAjaxLink
  • [WICKET-5910] - CGLib proxy should not intercept protected methods
  • [WICKET-5911] - Re-rendering page after exception in render phase does not call onBeforeRender()
  • [WICKET-5917] - Do not use jQuery’s $ in String snippets in Java code

Improvement

  • [WICKET-5754] - (String)ResourceModel’s defaultValue could be an IModel
  • [WICKET-5823] - DefaultAuthenticationStrategy should be modified to reduce copy/paste while extending it’s functionality
  • [WICKET-5832] - Do not fail at CDI’s ConversationPropagator when running in non-http thread
  • [WICKET-5840] - WicketTester doesn’t support #clickLink() for ExternalLink component
  • [WICKET-5859] - Add Hebrew and Arabic translations
  • [WICKET-5863] - Overiding disableCaching in ServletWebResponse is ignored when responce is buffered
  • [WICKET-5865] - AjaxEditableLabel should implement IGenericComponent
  • [WICKET-5872] - wicket extensions initializer.properties for greek language
  • [WICKET-5875] - ComponentRenderer.renderComponent() unexpectedly produces a WicketRuntimeException when called with a nested Component which contains a nested wicket:message
  • [WICKET-5894] - Support *.woff2 webfonts in SecurePackageResourceGuard as well
  • [WICKET-5901] - Leaving veil when ajax processing ends with redirect
  • [WICKET-5905] - allow listening to Ajax calls before scheduling
  • [WICKET-5921] - Provide a default implementation of IModelComparator that always returns false

New Feature

  • [WICKET-5827] - Allow to apply multiple Javascript / CSS compressors
  • [WICKET-5897] - Use the #isEnabled() method with validators
  • [WICKET-5918] - Create an Image component that uses the new data: protocol (an InlineImage)
  • [WICKET-5919] - Add support for CSRF prevention

Task

  • [WICKET-5896] - Upgrade jQuery to latest stable versions (1.11.4 & 2.1.3)

Have fun!

— The Wicket team

Older news items

  • Wicket 1.5.13 released - 13 Feb 2015
    This is the thirteenth maintenance release of the Wicket 1.5.x series. This release brings over 1 bug fix and 1 improvement. Git tag Changelog To... more
  • New committer - Sebastien Briquet - 13 Feb 2015
    The Project Management Committee (PMC) for Apache Wicket has asked Sebastien Briquet to become a committer and we are pleased to announce that he has... more
  • Apache Wicket 7.0.0-M5 released - 02 Feb 2015
    The Apache Wicket PMC is proud to announce Apache Wicket 7.0.0-M5! We have released another milestone release for Apache Wicket 7. We aim to finalise... more
  • Apache Wicket 6.19.0 released - 02 Feb 2015
    The Apache Wicket PMC is proud to announce Apache Wicket 6.19.0! This release marks another minor release of Wicket 6. Starting with Wicket 6 we... more
  • Apache Wicket 7.0.0-M4 released - 05 Nov 2014
    The Apache Wicket PMC is proud to announce Apache Wicket 7.0.0-M4! We have released another milestone release for Apache Wicket 7. We aim to finalise... more
  • Apache Wicket 6.18.0 released - 05 Nov 2014
    The Apache Wicket PMC is proud to announce Apache Wicket 6.18.0! This release marks another minor release of Wicket 6. Starting with Wicket 6 we... more
  • CVE-2014-3526 - Apache Wicket Information disclosure vulnerability - 22 Sep 2014
    Severity: Important Vendor: The Apache Software Foundation Versions Affected: Apache Wicket 1.5.11, 6.16.0 and 7.0.0-M2 Description: When rendering a web page Wicket checks the request... more
  • Wicket 1.5.12 released - 15 Sep 2014
    This is the twelfth maintenance release of the Wicket 1.5.x series. This release brings over 5 bug fixes and improvements. Git tag Changelog To use... more
  • Apache Wicket 6.17.0 released - 24 Aug 2014
    The Apache Wicket PMC is proud to announce Apache Wicket 6.17.0! This release marks the seventeenth minor release of Wicket 6. Starting with Wicket 6... more
  • Apache Wicket 7.0.0-M3 released - 23 Aug 2014
    We have released the third of a series of milestone releases for Apache Wicket 7. We aim to finalise Wicket 7 over the coming months... more

# Books about Wicket

The following books are published regarding Apache Wicket (click a cover to learn more about the book):